CYBER RISK MANAGEMENT & INCIDENT RESPONSE
(LAWP-4020) - 2 UNITS

This course is intended to introduce students to the related disciplines of business continuity planning, incident response, and digital investigations. The business continuity portion of the course will train students in enterprise-level business/legal processes used to "get companies and agencies up and running" following a disruptive event (with an emphasis on cyber incidents). Topics will include business continuity processes developed by private industry and government organizations, as well as crisis communications and public relations. It is intended to prepare students to address strategic business, policy, and legal issues confronting senior business executives and legal counsel.

The incident response and investigations components of the class will evaluate the practical aspects of responding to, and proactively mitigating, the risks associated with a specific type of disruptive event: network intrusions and data breaches. Topics will include incident response investigative methodologies, attacker classification and behavioral profiling, tactical and strategic information security remediation recommendations, information security governance structures, statutory and regulatory disclosure considerations. It is intended to train students to join a tactical-level incident response team.

This course will include practical tabletop exercises based upon actual events, to analyze in-house and outside counsel responses. No technical background is required.

Prerequisites:
None