Cybersecurity Planning and Management (2020)

The intent of the Cybersecurity Planning and Management Knowledge Unit is to provide students with the ability to develop plans and processes for a holistic approach to cybersecurity for an organization.

Outcomes[edit]

To complete this KU, students should be able to:

1. Examine the placement of security functions in a system and describe the strengths and weaknesses
2. Develop contingency plans for various size organizations to include: business continuity, disaster recovery and incident response.
3. Develop system specific plans for:
   • The protection of intellectual property
   • The implementation of access controls
   • Patch and change management
4. Outline and explain the roles of personnel in planning and managing security, including:
   • The Board of Directors
   • Senior Management
   • The Chief Information Security Officer (CISO)
   • IT Management (CIO, IT Director, etc)
   • Functional Area Management
   • Information Security personnel
   • End users

Topics[edit]

1. Broad coverage of the cybersecurity Common Body of Knowledge (CBK) and how it affects planning and management.
2. Differentiate and provided examples of Operational, Tactical, and Strategic Planning and Management
3. Examine C-Level Functions which impact cybersecurity.
4. Making cybersecurity a strategic essential (part of core organizational strategy)
5. Identify requirements and create plans for Business Continuity / Disaster Recovery
6. Develop processes and procedures for incident response
7. Planning for protection of intellectual property
8. Managing the implementation of access controls
9. Managing patch and change control

Skills[edit]

1. Use resources to assemble and adjust plans for:
   • Security
   • Business continuity
   • Disaster recovery
   • Other related areas.

NICE Framework Categories[edit]

Specialization Areas[edit]

• Data Management Systems Security
• Industrial Control Systems-SCADA Security
• Security Incident Analysis and Response

See also[edit]

Related Knowledge Units

• Cybersecurity Planning and Management (2014)

Further reading[edit]

Suggested textbooks[edit]

Suggested academic readings[edit]

Sample knowledge test[edit]

Sample skills test[edit]

Sample abilities test[edit]

Additional notes or materials[edit]

Contacts[edit]

Reference ID[edit]

CPM