Information security, often called InfoSec, consists of tools and processes used to protect data and sensitive information from threats and attacks. In this course, explore the history of information security and discover how to differentiate between cybersecurity and information security. Discover common myths and misconceptions about information security and learn about types of information security, such as infrastructure, cloud, application, and incident response. Next, you will explore security threats, including social media attacks, social engineering, malware, and misconfigurations, and common information security and data protection laws. Finally, you will investigate the responsibilities of a Chief Information Security Officer (CISO), including developing sound security practices, identifying security objectives, conducting awareness and training programs, and ensuring regulatory compliance. Upon completion, you'll be able to recognize the importance of information security and the key roles and responsibilities required to protect an organization

There are many elements to a successful InfoSec team, but its goal is always to protect the organization's electronic data and information technology systems. In this course, you will learn about the responsibilities of an IT security team and the many roles required for success. Explore the responsibilities of a chief information security officer and a chief information officer and discover the primary responsibilities of a network security engineer, which include ensuring hardware and software security and updating and patching resources. Next, you will differentiate between the roles of penetration tester, information owner, junior engineer, computer technician, forensic investigator, and digital forensic examiner. Then examine key stakeholder and decision-maker roles. Lastly, explore the role of DevSecOps and list ways it can have a positive impact on information security. Upon completion, you'll be able to recognize the elements of an InfoSec team.

Confidentiality, integrity, and availability, otherwise known as the CIA triad, is a common information security model used by organizations to design and implement their overall security policies and frameworks. In this course, you will learn the basics of confidentiality, integrity, and availability, and discover emerging challenges brought on by big data and the Internet of Things (IoT). Explore the stages of information security risk management (ISRM) and learn how to differentiate between various types of security controls. Discover techniques such as defense in depth, data classification, cryptography, access control, and governance, and the importance of having a sound incident response and management strategy in place. Lastly, learn about the role of investigations and forensics as well as the steps in a forensic investigation such as searching and seizing, acquisition, analysis, and reporting. After course completion, you'll be able to recognize common elements of information security.

Information security leaders must identify organizational goals and develop plans and strategies to attain them. In this course, you will explore information security planning, including how a good plan can offer economic benefits and provide a competitive advantage. Discover the importance of evaluating security risks, threats, and vulnerabilities, and learn how to conduct a security risk analysis. Then you will focus on data classification planning, various regulatory acts that apply to information security, and the importance of disaster recovery and incident management planning. Next, examine the value of properly training and evaluating employees in security awareness, and learn how to strengthen security culture through communications and awareness programs. Finally, you will investigate key considerations when planning for budgets and contingency.

Everything comes with pros and cons, and outsourced information security is no exception. Leaders contemplating outsourcing information security products and services will need to trade potential time and money savings for other potential gaps. In this course, explore information security outsourcing, security vendor relationships, and major considerations and challenges associated with outsourcing information security. Next, discover common downsides to outsourcing security services, key steps to consider when choosing a security vendor, and explore vendor risk management. Finally, learn about vendor contracts and the importance of having sound contract language when dealing with security vendors. Upon completion, you'll be able to identify common InfoSec vendors and providers and best practices for outsourcing InfoSec products or services.

There is no easy way to predict the future of information security. There are however strategies leaders can implement to better plan and prepare for future growth, security, and threats. In this course, examine potential information security threats, how complexity makes them challenging to predict and plan for, and the threats that ransomware, cybercrime, and the growing crime-as-a-service (CaaS) community pose. Next, discover how work shortages and voids created by skills gaps can cause major issues and the impact of recent global pandemics. Finally, explore operational technology, application container risks, and the evolving risks posed by artificial intelligence and machine learning. Upon completion, you'll be able to plan for the future as an InfoSec leader.