Course Description

This course will provide an overview of the laws and professional ethics that IT Security Professionals must understand. In the early weeks of the course, we will examine some of the basic ideas and dynamics that will help us analyze and discuss the interplay between technology, law and professional ethics. Later, we will examine one or two substantive areas of law each week, including: e-contracts; e-regulation; online crime; intellectual property; privacy; data breach liability.  Students will conduct independent research relating to privacy and artificial intelligence.

Lecture # Topics
1 Information and Security Policy Overview
2 Information Security Framework
3 Risk Management
4 Information Classification and Asset Management
5 Human Resources Security
6 Physical and Environmental Security
7 Midterm (No Lecture)
8 Communications and Operations Management
9 Access Control
10 Systems Acquisition, development and Maintenance
11 Business Continuity
12 Incident Management and Review