Information Security: Context and Introduction

Start Date: 07/05/2020

Course Type: Common Course

Course Link: https://www.coursera.org/learn/information-security-data

About Course

In this course you will explore information security through some introductory material and gain an appreciation of the scope and context around the subject. This includes a brief introduction to cryptography, security management and network and computer security that allows you to begin the journey into the study of information security and develop your appreciation of some key information security concepts. The course concludes with a discussion around a simple model of the information security industry and explores skills, knowledge and roles so that you can determine and analyse potential career opportunities in this developing profession and consider how you may need to develop personally to attain your career goals. After completing the course you will have gained an awareness of key information security principles regarding information, confidentiality, integrity and availability. You will be able to explain some of the key aspects of information risk and security management, in addition, summarise some of the key aspects in computer and network security, including some appreciation of threats, attacks, exploits and vulnerabilities. You will also gain an awareness of some of the skills, knowledge and roles/careers opportunities within the information security industry.

Coursera Plus banner featuring three learners and university partner logos

Course Introduction

Information Security: Context and Introduction Welcome to Information Security! We're delighted to have you in the class and look forward to your contributions to the knowledge base. In this course we'll focus on a particular area of information security: the information security industry. We hope that you'll have a great understanding of what information security is and what it is all about. We'll also invite you to explore the subject in more depth with more depth and more in-depth detail, provided you have basic knowledge of computer science and basic math skills. Our goal is to develop you to a point where you can consider and assess information security and determine how it’s implemented in various information technology systems and applications. We'll cover various aspects of information security, such as information technology systems, information technology applications, information security management, information security policy, security architecture, data protection, operations security, cryptography, authentication, and machine learning. We’ll also cover the basics of information theory and how these aspects are connected. These topics should prove especially useful to you if you're new to cybersecurity. We'll walk you through the basics of cryptography, authentication, and machine learning as they relate to cybersecurity. We’ll even introduce the topics of your choice: we’ll cover basic concepts, give a brief overview, and then you can explore the topic in depth with more depth and more in-depth detail, if you so choose. We’ll use an Open Source programming environment (

Course Tag

Cybersecurity Cryptography Information Security (INFOSEC) Security Management

Related Wiki Topic

Article Example
Information security institutes from 157 countries, coordinated through a secretariat in Geneva, Switzerland. ISO is the world's largest developer of standards. ISO 15443: "Information technology - Security techniques - A framework for IT security assurance", ISO/IEC 27002: "Information technology - Security techniques - Code of practice for information security management", ISO-20000: "Information technology - Service management", and ISO/IEC 27001: "Information technology - Security techniques - Information security management systems - Requirements" are of particular interest to information security professionals.
Information security awareness Information security awareness is one of several key principles of information security. Information security awareness seeks to understand and enhance human risk behaviors, beliefs and perceptions about information and information security while also understanding and enhancing organizational culture as a countermeasure to rapidly evolving threats. For example, the OECD's "Guidelines for the Security of Information Systems and Networks" include nine generally accepted principles: awareness, responsibility, response, ethics, democracy, risk assessment, security design and implementation, security management, and reassessment. In the context of the Internet, this type of awareness is sometimes referred to as cyber security awareness, which is the focus of multiple initiatives, including the U.S. Department of Homeland Security's National Cyber Security Awareness Month and President Obama's 2015 White House Summit on Cybersecurity and Consumer Protection.
Security information and event management In the field of computer security, security information and event management (SIEM) software products and services combine security information management (SIM) and security event management (SEM). They provide real-time analysis of security alerts generated by network hardware and applications.
Chief information security officer Independent organizations such as Holistic Information Security Practitioner Institute (HISPI) and EC-Council provide training, education and certification by promoting a holistic approach to Cybersecurity to Chief Information Security Officers (CISOs), Information Security Officers (ISOs), Information Security Managers, Directors of Information Security, Security Analysts, Security Engineers and Technology Risk Managers from major corporations and organizations.
Information security An important aspect of information security and risk management is recognizing the value of information and defining appropriate procedures and protection requirements for the information. Not all information is equal and so not all information requires the same degree of protection. This requires information to be assigned a security classification.
Information security The field of information security has grown and evolved significantly in recent years. It offers many areas for specialization, including securing networks and allied infrastructure, securing applications and databases, security testing, information systems auditing, business continuity planning and digital forensics.
Information security In 1992 and revised in 2002, the OECD's "Guidelines for the Security of Information Systems and Networks" proposed the nine generally accepted principles: awareness, responsibility, response, ethics, democracy, risk assessment, security design and implementation, security management, and reassessment. Building upon those, in 2004 the NIST's "Engineering Principles for Information Technology Security" proposed 33 principles. From each of these derived guidelines and practices.
Information security Employee’s behavior has a big impact to information security in organizations. Cultural concept can help different segments of the organization to concern about the information security within the organization.″Exploring the Relationship between Organizational Culture and Information Security Culture″ provides the following definition of information security culture: ″ISC is the totality of patterns of behavior in an organization that contribute to the protection of information of all kinds.″
Information security Information security culture needs to be improved continuously. In ″Information Security Culture from Analysis to Change″, authors commented, ″It′s a never ending process, a cycle of evaluation and change or maintenance.″ To manage the information security culture, five steps should be taken: Pre-evaluation, strategic planning, operative planning, implementation, and post-evaluation.
Information security The Institute of Information Security Professionals (IISP) is an independent, non-profit body governed by its members, with the principal objective of advancing the professionalism of information security practitioners and thereby the professionalism of the industry as a whole. The Institute developed the IISP Skills Framework©. This framework describes the range of competencies expected of Information Security and Information Assurance Professionals in the effective performance of their roles. It was developed through collaboration between both private and public sector organisations and world-renowned academics and security leaders.
Federal Chief Information Security Officer Independent organizations such as Holistic Information Security Practitioner Institute (HISPI) and EC-Council provide training, education and certification by promoting a holistic approach to Cybersecurity to Chief Information Security Officers (CISOs), Information Security Officers (ISOs), Information Security Managers, Directors of Information Security, Security Analysts, Security Engineers and Technology Risk Managers from major corporations and organizations.
Information security The German Federal Office for Information Security (in German "Bundesamt für Sicherheit in der Informationstechnik (BSI)") BSI-Standards 100-1 to 100-4 are a set of recommendations including "methods, processes, procedures, approaches and measures relating to information security". The BSI-Standard 100-2 "IT-Grundschutz Methodology" describes how an information security management can be implemented and operated. The Standard includes a very specific guide, the IT Baseline Protection Catalogs (also known as IT-Grundschutz Catalogs). Before 2005 the catalogs were formerly known as "IT Baseline Protection Manual". The Catalogs are a collection of documents useful for detecting and combating security-relevant weak points in the IT environment (IT cluster). The collection encompasses as of September 2013 over 4.400 pages with the introduction and catalogs. The IT-Grundschutz approach is aligned with to the ISO/IEC 2700x family.
Certified Information Security Manager The intent of the certification is to provide a common body of knowledge for information security management. The CISM focuses on information risk management as the basis of information security. It also includes material on broader issues such as how to govern information security as well as on practical issues such as developing and managing an information security program and managing incidents.
Certified Information Security Manager Certified Information Security Manager (CISM) is a certification for information security managers awarded by ISACA (formerly the Information Systems Audit and Control Association).
Information Security Forum The 2016 standard covers current information security 'hot topics' such as Threat Intelligence, Cyber Attack Protection and Industrial Control Systems, as well as, significant enhancement of existing topics including: Information Risk Assessment, Security Architecture and Enterprise Mobility Management. It can be used to build a comprehensive and effective information security management system. In addition to covering information security-related standards such as COBIT 5 for Information Security, SANS Top 20 Critical Security Controls for Effective Cyber Defense, the 2016 standard covers ISO/IEC 27002:2013 as well as PCI DSS 3.1 and the NIST cyber security framework.
Automated information systems security In information security, automated information systems security is a synonym for computer security.
Information security The rapid growth and widespread use of electronic data processing and electronic business conducted through the Internet, along with numerous occurrences of international terrorism, fueled the need for better methods of protecting the computers and the information they store, process and transmit. The academic disciplines of computer security and information assurance emerged along with numerous professional organizations – all sharing the common goals of ensuring the security and reliability of information systems.
Security information management Security information management is also referred to as log management and is different from SEM (security event management), but makes up a portion of a SIEM (security information and event management) solution.
Information Technology Security Assessment Information Technology Security Assessment (IT Security Assessment) is an explicit study to locate IT security vulnerabilities and risks.
Center for Information Security Technologies Graduate School of Information Management and Security(Former Graduate School of Information Security)