Cybersecurity Planning and Management (2020)

The intent of the Cybersecurity Planning and Management Knowledge Unit is to provide students with the ability to develop plans and processes for a holistic approach to cybersecurity for an organization.

1 Outcomes
2 Topics
3 Skills
4 NICE Framework Categories
5 CSEC 2017 Categories
6 Specialization Areas
7 See also
8 Further reading
- 8.1 Suggested textbooks
- 8.2 Suggested academic readings
9 Sample knowledge test
10 Sample skills test
11 Sample abilities test
12 Additional notes or materials
13 Contacts
14 Reference ID

Outcomes[edit]

After completing the KU, students will be able to:

Assess the placement of security functions in a system and describe the strengths and weaknesses.
Formulate contingency plans for various size organizations to include: business continuity, disaster recovery and incident response.
Create system specific plans for:
- The protection of intellectual property
- The implementation of access controls
- Patch and change management
Outline and evaluate the roles of personnel in planning and managing security, including:
- The Board of Directors
- Senior Management
- The Chief Information Security Officer (CISO)
- IT Management (CIO, IT Director, etc)
- Functional Area Management
- Information Security personnel
- End users

Topics[edit]

Broad coverage of the cybersecurity Common Body of Knowledge (CBK) and how it affects planning and management.
Differentiate and provided examples of Operational, Tactical, and Strategic Planning and Management
Examine C-Level Functions which impact cybersecurity.
Making cybersecurity a strategic essential (part of core organizational strategy)
Identify requirements and create plans for Business Continuity / Disaster Recovery
Develop processes and procedures for incident response
Planning for protection of intellectual property
Managing the implementation of access controls
Managing patch and change control

Skills[edit]

Use resources to assemble and adjust plans for:
- Security
- Business continuity
- Disaster recovery
- Other related areas.

NICE Framework Categories[edit]

Securely Provision (SP)	Operate and Maintain (OM)	Oversee and Govern (OV)	Protect and Defend (PR)
Analyze (AN)	Collect and Operate (CO)	Investigate (IN)

CSEC 2017 Categories[edit]

Component Security
Human Security	Organizational Security

Specialization Areas[edit]

Sample skills test[edit]

Sample abilities test[edit]

Additional notes or materials[edit]

Contacts[edit]

Reference ID[edit]

CPM

Cybersecurity Planning and Management (2020)

Contents

Outcomes[edit]

Topics[edit]

Skills[edit]

NICE Framework Categories[edit]

CSEC 2017 Categories[edit]

Specialization Areas[edit]

See also[edit]

Further reading[edit]

Suggested textbooks[edit]

Suggested academic readings[edit]

Sample knowledge test[edit]

Sample skills test[edit]

Sample abilities test[edit]

Additional notes or materials[edit]

Contacts[edit]

Reference ID[edit]

Navigation menu

Personal tools

Namespaces

Variants

Views

More

Search

main

Navigation

Current Set to Edit

2019 Approved Set

All Sets of Knowledge Units

CAE-CO Knowledge Units

CyberEd

Tools