In this course we will examine the aviation and Internet infrastructures, and various policies that have been developed to help guide and strengthen their cybersecurity programs. The aviation and Internet infrastructures are also considered "lifeline infrastructure" as part of the transportation and communications sectors. Both subsectors are overseen by the Department of Homeland Security National Protection and Programs Directorate which manages the DHS National Infrastructure Protection Program. SSA responsibility for the aviation subsector is shared between the Transportation Security Administration and Federal Aviation Administration under the auspices of the Department of Homeland Security and Department of Transportation respectively. The Department of Homeland Security retains sole responsibility as the Sector-Specific Agency for the Internet subsector. While TSA and FAA have regulatory over the aviation subsector, DHS has no regulatory authority whatsoever over the Internet. In response to Executive Order 13636 issued by President Obama in February 2013, both sets of SSAs recommended continuing with voluntary cybersecurity measures. TSA and FAA reported they were working to implement the Transportation Roadmap across all transportation subsectors, including aviation. DHS reported that it was working with Internet providers to implement the Cyber Assessment Risk Management Approach. Despite some differences, the Transportation Roadmap and CARMA are very similar to the NIST Cybersecrity Framework and ES-C2M2 examined previously. That is to say, they are predicated on a continuous improvement process that engages the whole organization in identifying and implementing incremental changes to enhance cybersecurity practices based on prevailing standards. This module will examine both the aviation and Internet lifeline infrastructure subsectors, and elements and application of the Transportation Roadmap and CARMA.
In this module will examine the aviation subsector and the Transportation Roadmap for strengthening this infrastructure's resistance to cyber attack.
Module 10: Applied Transportation Roadmap
In this module we will examine the difference between cybersecurity for fixed versus mobile assets, and take a closer look at the Transportation Roadmap and apply its tenets to different hypothetical situations. Also included in this module is course exam #5. Good luck!
Module 11: Internet Infrastructure & CARMA
In this module will examine the Internet subsector and the Cyber Assessment Risk Management Approach for strengthening this infrastructure's resistance to cyber attack.
Module 12: Applied CARMA
In this module we will take a closer look at the Cyber Assessment and Risk Management Approach and apply its tenets to different hypothetical situations. Also included in this module is the course exam #6 and related project assignment. Good luck!