(Designed in part to help prepare for the EC-Council Secure Computer User [CSCU] certification.) Prerequisite: Any CMIS, CMIT, CMSC, CMST, CSIA, DATA, IFSM, or SDEV course. A survey of the cybersecurity principles, practices, and strategies required by leaders and managers to become strategic partners in the establishment, management, and governance of an enterprise's cybersecurity program. The aim is to develop both an understanding of how cybersecurity supports key business goals and objectives and the "soft skills" necessary for success in a leadership or managerial role. Topics include the fundamentals of cybersecurity practices and principles; enterprise IT governance processes and security controls; data security; the information life cycle; intellectual property protections; privacy laws and regulations; security education, training, and awareness; and the need for cooperation and collaboration between business units and the organization's cybersecurity program.

(Includes content designed to help in preparing for IAPP Certified Information Privacy Professional/US certification.) Prerequisite: CSIA 360. A study of the application of cybersecurity principles, frameworks, standards, and best practices to organization-level strategies, policies, programs, plans, procedures, and processes. The aim is to assist students in preparing to take an internationally recognized information privacy certification. Projects include writing security policies and plans, developing metrics and measures for information security programs, planning audits of compliance practices and processes, and developing organization-level security policies for enterprise IT governance. Discussion covers principles and best practices for protecting privacy and ensuring compliance with laws and regulations.