2023-2024 Academic Catalog 
    
    Dec 30, 2024  
2023-2024 Academic Catalog [ARCHIVED CATALOG]

CSEC 2360 - Threat and Risk Assessment (TRA)


The first part of this course provides an introduction to the fundamentals of Cybersecurity Risk Planning and Management. Students will learn cybersecurity risk management principles, as well as the tools and techniques for detecting cyberattacks, with the goal of understanding, managing, and reducing cybersecurity risk and protect data and networks in an organization. Topics covered will include Cybersecurity Risk management as an ongoing process of identifying, analyzing, evaluating, and addressing an organization’s cybersecurity threats. The Cybersecurity Risk Planning and Management portion of this course is based on the National Institutes of Standard and Technology (NIST) Cybersecurity Framework.

In the second part of this course, students will learn the foundations of Threat Modeling, which is a commonly used security practice for identifying and classifying assets, their potential vulnerabilities and threats, and prioritizing each threat. Threat Modeling plays a complementary role in Threat and Risk Assessment.

Prerequisites: CSEC 1000 - Foundations of Cybersecurity  

Anticipated Terms Offered: spring