Welcome to ISEC-690/695
Information Security Management Project (Capstone)


The management of information security has been a cornerstone for all the technological and advances that enabled business organizations to thrive in the past few decades. With significant investments in information security management, organizations can protect their key assets including data, information, and knowledge, while maintaining a competitive advantage. Thus, it is imperative that graduate students finishing their Master program in Cybersecurity (MSIS) or those with concentration in Information Security Management (MMIS & MSIT w/InfoSec) will be able to demonstrate for potential employers a quality industry-level research project.

This capstone project course is designed to mesh all prior knowledge acquired during the Master (MSIS, MMIS, & MSIT) program with concentration in Cybersecurity and Information Security Management (InfoSec). Moreover, this capstone project course will enable students to develop in small teams of two students an industry-level project, where selected top quality projects will be posted on the Center for Information Protection, Education, and Research (CIPhER) Website to showcase and provide a platform for outstanding students to demonstrate for potential employers their outstanding work. The course includes three key deliverable assignments.



ISEC-690/695 - Information Security Management Project (3 credits)
Winter 2018 - January 8, 2018 - May 6, 2018

 PROFESSOR'S INFORMATION:

   

Name:

Dr. Yair Levy
Professor of Information Systems and Cybersecurity

Address:

Nova Southeastern University
College of Engineering and Computing (CEC)
The DeSantis Building, room 4058
3301 College Avenue
Ft. Lauderdale, FL 33314

E-mail:

levyy@nova.edu (please send all correspondence via e-mail)

Phone:

954-262-2006 (for faster respond, send me your phone number via e-mail & I will be happy to call you back)

Fax:

954-262-3915

Prof.'s Web Site:

http://cec.nova.edu/~levyy/

Levy CyLab:

http://CyLab.nova.edu/

Class Web Site:

In BlackBoard via https://sharklearn.nova.edu/

Office Hours: 

As needed, just drop me an e-mail to schedule.

 

 

 E-MAIL COMMUNICATION:

Send me all correspondence to levyy@nova.edu. When sending me e-mail, please make sure to:

  • Send me e-mail from your NSU e-mail address ONLY -- this is CEC policy! (Also note that e-mails sent from non-NSU e-mail address maybe detected as spam and will not be received or answered!)
  • Type "ISEC-695" in the subject line.
  • Type your full name in the message.
  • Type your BlackBoard username in the message.
  • Type your NSU e-mail address in the message.
  • When sending issues about team work, please clearly indicate the team letter you're in and CC your teammate.

E-mails usually are answered within one business day, although in most cases, I will answer you even before. If I'm out of town, then I will probably answer it when I get back or have access to the Internet while on travel.

 COURSE DESCRIPTION:

This project course integrates all of the knowledge accumulated through the previous courses and serves as a capstone for the Cybersecurity/IA program or concentration. The course focuses on integrating best practices for protecting critical information infrastructures through national cybersecurity standards and systems assessments in order to help students develop a final information security capstone project focusing on Information Security Policy Development and Compliance (MMIS/InfoSec or MSIT/InfoSec) or Network Security Engineering (MSIS or MSIT/InfoSec). Students may enroll in this class only after completing all of the information security core courses. Upon request, the course may be taken concurrently with one of the prerequisite courses. Such a request will only be approved in the last term of a student's matriculation, and students taking a prerequisite concurrently are subject to the same expectations as those who have completed all prerequisites.

Prerequisites (MSIS/MSIT): CISC650, CISC680, MSIT630, ISEC600, ISEC620, ISEC640, ISEC650, ISEC655, and ISEC660.
Prerequisites (MMIS/InfoSec): MMIS621, MMIS630, MMIS653, MMIS660, ISEC615, ISEC635, ISEC655, and ISEC675.
Upon request, the course may be taken concurrently with one of the prerequisite courses. Such a request will only be approved in the last term of a student's matriculation, and students taking a prerequisite concurrently are subject to the same expectations as those who have completed all prerequisites. For approval, please contact the academic advisor in the Programs Office.

 ┬áLEARNING OUTCOMES:

ISEC690 for MSIS or MSIT/InfoSec Students:
Students completing the ISEC690 capstone project course will be able to:
1) Be able to identify and evaluate possible threats to network and system security
2) Be able to design an information security audit
3) Be able to assess security threats and vulnerabilities of information systems
4) Demonstrate an understanding of leading edge practices in protecting digital information, security audits, reaction and recovery procedures
5) Be able to evaluate the problems surrounding network security engineering
6) Have the ability to implement national cybersecurity standards in order to provide organizations the ability to identify, protect, detect, respond, and recover from cyber threats

ISEC695 for MSIT/InfoSec or MMIS/InfoSec Students:
Students completing the ISEC695 capstone project course will be able to:
1) Be able to identify and evaluate possible threats to network and system security
2) Be able to compose a information security policy and compliance draft
3) Be able to assess security threats and vulnerabilities of information systems
4) Demonstrate an understanding of leading edge practices in protecting digital information, security audits, reaction and recovery procedures
5) Be able to evaluate the problems surrounding information security policy development and compliance
6) Have the ability to implement national cybersecurity standards in order to provide organizations the ability to identify, protect, detect, respond, and recover from cyber threats

This is a “capstone” project course, in that student's work should reflect the culmination of their entire educational experience to this point.

  RECOMMENDED TEXTBOOKS:

 

 

No required textbook for this information security management project capstone, however, you are highly encouraged to consult the textbooks that you have used during the prerequisites and the highly recommended book below.

Harkins, M. (2012). Managing risk and information security - protect to enable. New York, NY: Apress Open.

ISBN-10: 1430251131
ISBN-13: 978-1430251132

 

 

 EXIT COMPETENCIES:

Upon successful completion of this course, the student will have a the ability to apply the principles of information security in the design and development of solutions for complex information systems. This is a “capstone” project course, in that student's work should reflect the culmination of their entire educational experience to this point.

 INSTRUCTION METHODS AND TOOLS:

This course will utilize BlackBoard as the delivery tool. Assignments and class discussions will take place in the BlackBoard site assigned to this course.

 ASSIGNMENTS:

Students will work in small groups of two students each team (not more than two, but if you wish to work by yourself, ensure you get my approval for it!). Each team will be responsible for three assignments all part of one major final capstone project (project proposal, poster draft, & final project package) in this course. Students will be responsible to form their own groups during the first week of the term, so they can get their project started early in the term given each team will need to identify an information security management topic, an industry, a company, and a business advisor from that company to provide feedback on the project.

Assignment No. 1 will be a proposal for the Information Security Management Project. Assignment No. 2 will include a completed draft of the capstone project poster. Assignment No. 3 will include a set of deliverables that will comprise the final capstone project "package." Top preforming projects will be posted on the Center for Information Protection, Education, and Research (CIPhER) Website to showcase and provide a platform for students to demonstrate for potential employers their work completed. The final capstone project "package" will include a
n executive summary and a professional poster, and an on-campus (or online via GoTo Meeting) project presentation. Additional information on each assignment is provided under the assignment guidelines in the "Course Content" section of the course's BlackBoard site or within the appropriate area. Moreover, industry standard Weekly Progress Reports (WPR) will be required throughout the term to track the project progress.

NOTE: This course does not include programming assignments.

 GRADING:

 

 

 

 

Student introduction/bio post and team formation

5%

 

Assignment No. 1 - Information Security Management Capstone Project Proposal

10%

 

Assignment No. 2 - Information Security Management Capstone Project Poster Draft

15%

 

Assignment No. 3 - Information Security Management Capstone Project Final “Package”

60%

 

Weekly Progress Reports (10 WPRs x 1% each) 10%  

 

 

100%

 

Grading Scale:

[93-100]

=A

 

[83-86)

=B

 

[73-76)

=C

[90-92)

=A-

 

[80-82)

=B-

 

[70-72)

=C-

[87-89)

=B+

 

[77-79)

=C+

 

Below 70

=F

 

 

 

 

 

 

 

 

 CLASS/COURSE RULES:

  • Mutual respect and courtesy.
  • Professional quality in the organization, completeness, neatness, and timeliness of any material submitted will be expected.
  • Late assignments will not be accepted! However, the professor realizes that exceptional situations (such as justified emergencies or medical situations) do occur. In such cases, please inform your professor via e-mail to obtain special permission for late submission, prior to the deadline.
  • A student may not do additional work or repeat an examination to raise a final grade.
  • All papers and assignments should include a certificate of authorship signed by the student.
  • The professor is not obligated to communicate with students via e-mail or telephone about the course or assignments after final grades have been submitted. However, official Challenge of Course Grade and Student Grievance Procedure, as outlined in the graduate catalog, will be processed.
  • Students should be aware that any submitted work for this course may be subjected to detection of breach of copyright.
  • No incompletes will be provided unless the student compleated at least 75% of the course assignments.
 NOTE:

Although some sections above are parts of this course's syllabus, this is not the course syllabus. The purpose of this page is to allow students and prospective students to gain understanding on the nature of this course and the professor. The course syllabus will be provided via WebCT and will be available for all students who register for this course.

Looking forward "seeing" you in my class!

NSU
Yair Levy, Ph.D. (levyy@nova.edu)
Professor of Information Systems and Cybersecurity
Director, Center for Information Protection, Education, and Research (CIPhER)
College of Engineering and Computing
Nova Southeastern University
Copyright ©  - Dr. Yair Levy, all rights reserved worldwide.
Modified  December 15, 2017