The objective is to educate and train lawyers and business professionals seeking greater expertise on cybersecurity, cyber threats and vulnerabilities, and related “best practices” (technical, personnel, and policy solutions).
In-person classes dates
Monday, October 23
09.00 – 10.15: Welcome and Keynote Speaker
10.30 – 13.00: Introduction to Cybersecurity
Professor(s): Eduardo di Monte, Michelle Alexandra Vázquez Ricciardi
Technical basics – cryptography, operating system security, web and network security, data security, encryption, cloud security.
14.30 – 17.30: Introduction to Cybersecurity
Professor(s): Eduardo di Monte, Michelle Alexandra Vázquez Ricciardi
Background of the internet, its evolution, optics of network infrastructure and communication, advent of the digitalized interconnected economy, reliance on third-parties for processing, data storage.
18.00 – 20.30: Deloitte SOC visit and demonstration
Professor(s): Eduardo di Monte, Michelle Alexandra Vázquez Ricciardi
Tuesday, October 24
09.00 – 12.00: Introduction to Cybersecurity
Professor(s): Eduardo di Monte, Michelle Alexandra Vázquez Ricciardi
Information technology and the changing face of business, overview of information security “best practices”.
12.15 – 13.30: Threats and Vulnerabilities
Professor(s): Eduardo di Monte, Michelle Alexandra Vázquez Ricciardi
Assessment of risks and vulnerabilities inherent in digital communications. Attribution issues, exploits, and the C-I-A Triad concept will be emphasized.
15.00 – 18.15: Threats and Vulnerabilities
Professor(s): Jeffrey Batt
Overview of threat actors (advanced persistent threats, cyber criminals, hacktivists), vectors (such as spear phishing), and motivation (insider threats, espionage, hacktivism).
Wednesday, October 25
09.00 – 12.00: Threats and Vulnerabilities
Professor(s): Jeffrey Batt
Continued discussion of threat vectors and types, followed by an assessment of organizational vulnerabilities, such as data assets (IP, sensitive business records, PHI, PCI) and human error.
12.15 – 13.30: Threats and Vulnerabilities
Professor(s): Marina Nogales
Industry / sector impacts, including retail, critical infrastructure, health care, and education.
15.00 – 18.15: Threats and Vulnerabilities
Professor(s): Marina Nogales
Continued discussion of industry / sector impacts, analytical modeling.
Threat demonstration and response practice.
Research paper instructions and meetings.
19.30 – 22.30: Networking Dinner
Thursday, October 26
09.00 – 10.30: Cybersecurity “Best Practices” – People, Process, and Technology
Professor(s): Adolfo Pedriza
Overview of IT, information security, and the corporation. Emphasis on cybersecurity as an enterprise-wide risk, not just IT issue.
10.45 – 13.30: Cybersecurity “Best Practices” – Technology
Professor(s): Adolfo Pedriza
Technological solutions (managing passwords and credentials, data backups, system architecture, encryption). Pen testing, review of critical controls, vendor access.
15.00 – 18.15: Cybersecurity “Best Practices” – Technology
Professor(s): Adolfo Pedriza
Pen testing, review of critical controls, vendor access, and other resiliency measures.
Friday, October 27
09.00 – 12.15: Cybersecurity “Best Practices” – Process
Professor(s): Adolfo Pedriza
Policy-related cybersecurity – records management, access restriction, privacy program, corporate organization structure.
12.30 – 13.30: Cybersecurity “Best Practices” – Process
Professor(s): Adolfo Pedriza
ISO, NIST, and other frameworks.
15.00 – 18.15: Cybersecurity “Best Practices” – People
Professor(s): Adolfo Pedriza
Internal training, phishing prevention, and other ways to limit or prevent human error.
18.15 – 19.15: Research paper instructions and meetings.
eLearning dates
Introduction to Cybersecurity – Weeks of October 30, November 6, November 13, November 20, and November 27.
Total course hours: 10 hours (in person), 15 hours (eLearning). 25 hours combined.
Threats and Vulnerabilities – Weeks of October 30, November 6, November 13, and November 20.
Total course hours: 12 hours (in person), 12 hours (eLearning). 24 hours combined.
Cybersecurity “Best Practices” – People, Process, and Technology – Weeks of November 20, November 27, and December 4.