Skip to main content

Cybersecurity: Technology, Application and Policy

Discover how to protect yourself and your company with MIT Professional Education’s Cybersecurity course.

Start Date: Mar 14, 2017
Duration: Six Weeks
Price: $595

Course Description

Are you and your organization safe from cyberattacks? Discover how to protect yourself and your company with MIT Professional Education’s Cybersecurity course. In partnership with MIT’s Computer Science and Artificial Intelligence Laboratory (CSAIL), this fast-paced, 6-week online course provides a holistic look at cybersecurity technologies, techniques, and systems.

Taught by a team of world-renowned security experts in hardware, software, cryptography, and policy from MIT’s Computer Science and Artificial Intelligence Laboratory (CSAIL), the Cybersecurity course provide a comprehensive view of key technologies and techniques. Through video lectures and case studies, you will develop a broad understanding of technological advances in cybersecurity and how they apply to today’s systems. By the end of the course, you’ll be equipped with new tools to help develop and implement your own cybersecurity solutions.

What You'll Learn

  • The main causes of security breaches
  • How and where cybersecurity challenges arise in a number of domains
  • How we think about security when architecting hardware systems
  • Operating systems security
  • Computational approaches for verifying the security of systems
  • Secure programming languages
  • Fundamentals of public key cryptography
  • New approaches to secure computation including multi-party computing, secret sharing, and distributed trust
  • New methods for computing on encrypted data
  • Network security and protocol design
  • Case studies such as Bitlocker, web security, and mobile phone security
  • Architecting resilient software
  • The landscape of cybersecurity policy

Instructors

Daniela Rus

Daniela Rus Professor, Electrical Engineering and Computer Science

Howard Shrobe

Howard Shrobe Principal Research Scientist, MIT Computer Science and Artificial Intelligence Laboratory

Adam Chlipala

Adam Chlipala Assistant Professor, MIT Computer Science and Artificial Intelligence Laboratory

David Clark

David Clark Senior Research Scientist, MIT Computer Science and Artificial Intelligence Laboratory

Srini Devadas

Srini Devadas Professor, MIT Computer Science and Artificial Intelligence Laboratory

Shafi Goldwasser

Shafi Goldwasser Professor, MIT Computer Science and Artificial Intelligence Laboratory

Daniel Jackson

Daniel Jackson Professor, MIT Computer Science and Artificial Intelligence Laboratory

Frans Kaashoek

Frans Kaashoek Professor, MIT Computer Science and Artificial Intelligence Laboratory

Martin Rinard

Martin Rinard Professor, MIT Computer Science and Artificial Intelligence Laboratory

Ronald Rivest

Ronald Rivest Professor, MIT Computer Science and Artificial Intelligence Laboratory

Armando Solar-Lezama

Armando Solar-Lezama Assistant Professor, MIT Computer Science and Artificial Intelligence Laboratory

Vinod Vaikuntanathan

Vinod Vaikuntanathan Associate Professor, MIT Computer Science and Artificial Intelligence Laboratory

Danny Weitzner

Danny Weitzner Principal Research Scientist, MIT Computer Science and Artificial Intelligence Laboratory

Nickolai Zeldovich

Nickolai Zeldovich Associate Professor, MIT Computer Science and Artificial Intelligence Laboratory

Michael Siegel

Michael Siegel Principal Research Scientist, Sloan School of Management
Associate Director of MIT’s Interdisciplinary Consortium for Improving Critical Infrastructure Cybersecurity (IC)3

Course Description

Taught by a team of world-renowned security experts in hardware, software, cryptography, and policy from MIT’s Computer Science and Artificial Intelligence Laboratory (CSAIL), the Cybersecurity course provide a comprehensive view of key technologies and techniques. Specifically, it focuses on three areas:

  • Prevention – Creating systems that are harder to hack
  • Resilience – Developing systems that can offer secure transactions even after they’ve been compromised
  • Regeneration – Designing systems that can repair themselves when breaches are detected

Through video lectures and case studies, you will develop a broad understanding of technological advances in cybersecurity and how they apply to today’s systems. In addition, you’ll learn about important new developments that will likely shape the industrial landscape in years to come. By the end of the course, you’ll be equipped with new tools to help develop and implement your own cybersecurity solutions.

Course Overview

The course is held over six weeks and will provide the following:

  • Five modules covering 14 topic areas with 12 hours of video
  • Assessments to reinforce key learning concepts of each module
  • Case studies
  • Discussion forums for participants to discuss thought-provoking questions posed by the MIT faculty teaching the course; share, engage, and ideate with other participants
  • Community Wiki for sharing additional resources, suggested readings, and related links

Participants will also take away:

  • Program materials: PDFs of faculty PowerPoint presentations, and resources presented in the course Wiki.
  • 90 day access to the archived course (includes videos, discussion boards, content, and Wiki)
  • Complete Course Transcript: In addition to synchronized video transcripts, participants will also receive a compiled transcript of all course lectures.

Time Requirement/Commitment
Taking into consideration various time zones, this course is self-paced with online accessibility 24/7. Lectures are pre-taped and you can follow along when you find it convenient as long as you finish by the course end date. You may complete all assignments before the course end date, however, you may find it more beneficial to adhere to a weekly schedule so you can stay up-to-date with the discussion forums. There are approximately two hours of video every week. Most participants will spend about four hours a week on course-related activities.

Please note that the edX platform uses Coordinated Universal Time (UTC), which is 5 hours ahead of Eastern Standard Time (EST) and 4 hours ahead of Eastern Daylight Time (EDT). To convert times to your local time zone, please use the following tool: http://www.timeanddate.com/worldclock/converter.html

Browser/Technical Requirements
In order to access our courses, you must have a connection to the Internet. Videos are only available via online streaming - you will not be able to download videos for viewing offline. Please take note of your company's restrictions for viewing content and/or firewall settings.

Our courseware works best with current versions of Chrome, Firefox, or Safari, or with Internet Explorer version 10 and above. For the best possible experience, we recommend switching to an up-to-date version of Google Chrome. If you do not have Chrome installed you can get it for free here:http://www.google.com/chrome/browser/

We are unable to fully support access with mobile devices at this time. While many components of your courses will function on a mobile device, some may not.

Key Benefits

The Cybersecurity course is offered on a convenient, flexible schedule with platform access 24 hours a day, from anywhere in the world. Specifically, it will enable you to:  

  • Become a subject matter expert on how major security technologies can both impact and protect your business
  • Engage confidently with management (since potential participants could include management, other words may be better here – perhaps “other corporate players or participants) on cybersecurity challenges, emerging technologies, and how those technologies can address business problems
  • Gain the tools and knowledge to develop a concrete strategic cybersecurity action plan for your organization

Following the completion of the course, you’ll earn a Certificate of Completion and 1.2 CEUs from MIT Professional Education. In addition, past participants have been able to immediately put their newfound knowledge into action by:  

  • Making their organization more resilient to cyber-induced failures
  • Safeguarding their systems by evaluating them from a cyberattacker’s perspective
  • Implementing security measures during the coding, testing, and deployment phases
  • Planning their short-and long-term cybersecurity roadmap
MIT Professional Education Alumni Benefits

After completing this course, you’ll become an MIT Professional Education alumnus and will receive the following benefits:

  • Exclusive discounts on all future Short Programs and Digital Programs courses
  • Access to our restricted professional alumni networking group and invitations to join all MIT Professional Education social media platforms
  • Networking opportunities with global professionals who are also interested in cybersecurity, technology, computer science, entrepreneurship, science, research, and Big Data
  • Advance notice about upcoming courses, programs, and events and a subscription to our MIT Professional Education e-newsletter.

Earn a Certificate of Completion and CEUs

CERTIFICATE OF COMPLETION

To earn a Certificate of Completion in this course, participants should watch all the videos, and complete all assessments by the due date, with an overall average of 80 percent success rate. Keep in mind that the 80-percent pass rate is across all assessments, and is your overall average “grade” for the course.

Upon successful completion of the course and all assessments, a Certificate of Completion will be awarded by MIT Professional Education after the course has ended.

Sample Certificate of Completion

Continuing Education Units (CEUs)

Participants of this course who successfully complete all course requirements in order to earn a Certificate of Completion are eligible to receive 1.2 Continuing Education Units (1.2 CEUs).

CEUs are a nationally recognized means of recording noncredit/non-degree study and are accepted by many employers, licensing agencies, and professional associations as evidence of a participant’s serious commitment to the development of a professional competence.

Acceptance of CEUs depends on the organization to which one is submitting them. If your employer requires any additional information, MIT Professional Education can answer questions and provide information, but we cannot guarantee that any particular organization will accept our CEUs.

CEUs are based on hours of instruction. For example: One CEU = 10 hours of instruction. CEUs may not be applied toward any MIT undergraduate or graduate level course.

Who Should Participate

This course is suitable for anyone with a bachelor’s level education in computer science. Because the application of the course is broad, it can apply to both early career professionals as well as senior technical managers. To ensure participants understand how the concepts apply to business, at least three years of work experience is recommended. Teams of individuals from the same organization are also encouraged to apply.

Participants may include:

  • Engineers who need a greater understanding of the latest cybersecurity technologies
  • Technical managers who want to familiarize themselves with emerging technologies
  • Entrepreneurs who would like to gain insights into trends and future capabilities of cybersecurity technology
  • Managers/C-level executives with a background in computer science who would like a greater understanding of the cybersecurity landscape

Learning Objectives

The Cybersecurity course will introduce you to the most recent concepts and technologies in this rapidly expanding field. After completing the course, you’ll understand:

  • The main causes of security breaches
  • How and where cybersecurity challenges arise in a number of domains
  • How we think about security when architecting hardware systems
  • Operating systems security
  • Computational approaches for verifying the security of systems
  • Secure programming languages
  • Fundamentals of public key cryptography
  • New approaches to secure computation including multi-party computing, secret sharing, and distributed trust
  • New methods for computing on encrypted data
  • Network security and protocol design
  • Case studies such as Bitlocker, web security, and mobile phone security
  • Architecting resilient software
  • The landscape of cybersecurity policy

Course Outline

Modules, Topics, and Faculty

MODULE ONE: Introduction
The introductory module aims to give a broad survey of the course and of cybersecurity challenges and opportunities.

Introduction: Cybersecurity (Howard Shrobe)

  • Learning from the past: Multics
  • Examples of what can go wrong
  • Capability architectures
  • Tagged architectures, including Memory safety, Type safety, Information flow, and “Zero Kernel”

Security Overview (Srini Devedas)

  • Why security is a hard goal to achieve
  • Broad strategies that one can employ to create secure systems

 
MODULE TWO: Systems Security
The systems security module surveys the system development side of cybersecurity.

Hardware Architectures for Security (Howard Shrobe)

  • How novel hardware architectures can help to enforce the security properties that Operating Systems and Programming Languages expect, including memory safety, type safety, information flow, and access control
  • How to enforce properties in hardware can be much more systematic and dramatically more efficient than enforcement by software alone

Operating Systems Security (Frans Kaashoek)

  • Taking a global, systems-wide view of security. Viewing security as a "negative goal," considering all possible paths to security breaches- permissions, access, trojans, bugs, and many others
  • Discussion of various design approaches to securing systems, including complete mediation, separation privilege, and minimizing the trusted computer base

Verifying Systems (Adam Chlipala)

  • How to formulate requirements on secure behavior of C-like programs as rigorous logical formulas
  • How to argue that programs meet such requirements

Secure Programming Languages (Armando Solar Lezama)

  • Languages and low-level security properties
  • Languages and high-level security properties
  • Type safety


MODULE THREE: Cryptography and Network
This module is on algorithms for secure computation and security challenges in network and protocol design.
 
Public Key Cryptography (Ron Rivest)

  • A quick overview of basic public-key cryptography, including the RSA and El-Gamal public-key cryptosystems, relevant number theory, security definitions, and complexity assumptions
  • A brief intro to more advanced notions, such as digital signatures, certificates, homomorphic encryption, and elliptic curves

Multi-party Computation, Secret Sharing, Distributed Trust (Shafi Goldwasser)

  • A cryptographic paradigm shift: from communication of private data to computation over private data
  • How to define secure multiparty computation and its applications
  • How to achieve multi-party secure computation through polynomial secret sharing and computation on shares
  • Using the principles of multiparty computation to distribute trust and power

Homomorphic and functional encryption (Vinod Vaikuntanathan)

  • Solving the all or nothing paradigm of encryption - how do we keep data secure, while allowing computations on underlying data: how to “have your cake and eat it too”
  • Discussion on the developments in homomorphic encryption from the ‘80s through today, and constructing partially and fully homomorphic crypto-systems
  • How functional encryption systems can grant third-party access to only the precise information it needs to perform a task

Network Security and Protocol Design (Dave Clark)

  • What the different aspects of network security are and what mechanisms are used to address them
  • Why the current state of network security is so poor

MODULE FOUR: Case Studies
This systems module discusses solutions to security in several domains.

Bitlocker (Nickolai Zeldovich)

  • Discussion of the challenges of building a disk encryption system using passwords, removable devices and trusted hardware methods
  • Overview of the Trusted platform method and case study of how BitLocker uses this method
  • How BitLocker actually encrypts data using the ‘poor man’s authentication’ method

Resilient Software (Martin Rinard)

  • An explanation of how errors can cause serious security vulnerabilities using examples of buffer and integer overflow errors
  • Overview of methods to automatically find and patch these errors, including transferring correct code from one application to another, and generating patches to identify errors and produce the correct output
  • Discussion of how automating these difficult and expensive manual tasks can produce software that is more reliable and secure, with enhanced functionality

Web security (Daniel Jackson)

  • What makes web applications especially vulnerable to attack
  • How attacks against web applications work: two broad classes
  • How to defend against attacks, at the design and implementation levels

Mobile Phone Security (Nickolai Zeldovich)

  • Discussion of the unique characteristics of a mobile phone that necessitate different applications from existing desktop or web applications
  • Case study of how computer system security works in mobile phones, using the Android's application model, and mechanisms used by Android to secure data while allowing applications to share information
  • A look back on Android’s development: What worked? What didn’t work? What changes have been made to overcome challenges?

MODULE FIVE: Policy
This systems module discusses policy aspects of cybersecurity.

Management, Strategy and Organizational Issues (Michael Siegel)

  • Security of conventional information systems is recognized as important, but is still not fully effective.
  • The number and magnitude of recent cyber-attacks (Target, Home Depot, SONY, etc.) is growing weekly. Also there is growing concerns for the security of our Cyber-Physical Infrastructure and increase exposure from the IoT (Internet of Things).
  • At the same time it has become more apparent that people represent the weakest link in the security stack. In this module we examines managerial, strategic and organizational issues that can help improve performance and reduce the growing cyber threat.

The Landscape of Cyber Policy (Danny Weitzner)

  • Inquiring into the role public policy plays in sustaining and securing the Internet
  • Reviewing six key policy goals embodied in today’s digital communications environment, how they arose, and what keeps them on track
  • Exploring the way progress requires policymakers to understand the background against which new rules are made

FAQs

REGISTRATION QUESTIONS

Who can register for this course?
Unfortunately, US sanctions do not permit us to offer this course to learners in or ordinarily residing in Iran, Cuba, Sudan, and the Crimean region of Ukraine. MIT Professional Education truly regrets that US sanctions prevent us from offering all of our courses to everyone, no matter where they live.

What do I need to do to register for the course?
Go to mitprofessionalx.mit.edu and click on the program title. Then click “Enroll Now.” You may be prompted to first register for a mitprofessionalx account if you do not have one already. Complete this process, then continue with checkout and pay for the course. After you complete registration, you will receive a purchase receipt and confirmation/instructions via email.

How do I register a group of participants?
For a group of 5 or more individuals, you can pay via invoice. To be invoiced, please email mitprofessionalx@mit.edu with the number of individuals in your group, and instructions to register will be provided. Please note that our payment terms are net zero, and all invoices must be paid prior to the course start date. Failure to remit payment before the course begins will result in removal from the course. No extensions or exceptions will be granted.

What is the registration deadline? Individual registrations must be completed by March 14, 2017. For group sales, purchases can take place up until March 7, 2017. Please note that once registration has closed, no late registrations or cancellations will be granted.

How should I pay?
Individual registrants must complete registrations and pay online with a valid credit card at the time of registration. MIT Professional Education accepts globally recognized major credit or debit cards that have a Visa, MasterCard, Discover, American Express or Diner's Club logo.

Invoices will not be generated for individuals, or for groups of less than 5 people. However, all participants will receive a payment receipt. Payment must be received in full; payment plans are not available.

When will I get access to the course site?
Instructions for accessing the course site will be sent to all paid registrants via email prior to the program start date. If you have not received these instructions, visit your account dashboard to login and begin the course on the advertised start date.

I need to cancel my registration. Are there any fees?
Cancellation requests must be submitted to mitprofessionalx@mit.edu. Cancellation requests received after March 21, 2017 will not be eligible for a refund. To submit your request, please include your full name and order number in your email request. Refunds will be credited to the credit card used when you registered and may take up to two billing cycles to process. MIT Professional Education Digital Programs and edX have no obligation to issue a refund after March 21, 2017.

Can I transfer/defer my registration for another session or course?
Admission and fees paid cannot be deferred to a subsequent session; however, you may cancel your registration and reapply at a later date.

Can someone else attend in my place?
We cannot accommodate any substitution requests at this time. Please review the time commitment section and course schedule

COURSE QUESTIONS

How do I know if this course is right for me?
Carefully review the course description page, which includes a description of course content, objectives, and target audience, and any required prerequisites.

Are there prerequisites or advance reading materials?
MIT Professional Education strongly recommends a bachelor’s degree in computer science and three years’ minimum work experience, but the course is open to any interested participant. No advance reading is required.

What is the time commitment of this course? MIT Professional Education Digital Programs are designed to fit the schedules of busy professionals. That’s why each course is self-paced and available online 24 hours a day, 7 days a week. This course is held over six weeks, and is entirely asynchronous. Lectures are pre-taped and you can follow along when you find it convenient, as long as you finish all required assignments by assigned due date at the end of the course. While you may complete all the assignments in rapid succession, most participants find it beneficial to adhere to the weekly schedule and participate in online discussion forums along the way. There are approximately two hours of video every week. You will spend additional time on multiple choice assessments, readings, and discussion forums. Most participants will spend about 3 - 4 hours a week on course-related activities.

How many hours per week will I have class or homework? There are approximately two hours of video every week. You will spend additional time on multiple choice assessments, readings, and discussion forums. Most participants will spend about four hours a week on course-related activities.

How long will the course material be available online?
The materials will be available to registered and paid participants for 90 days after the course end date, April 25, 2017. No extensions may be granted.

What reference materials will be available at the end of the course? Participants will have 90-day access to the archived course (includes videos, discussion boards, content, and Wiki).

What materials will participants keep at the end of the course? Participants will take away program materials: PDFs of faculty PowerPoint presentations, and resources presented in the course Wiki.

Will I receive an MIT Professional Education Certificate?
Participants who successfully complete the course and all assessments will receive a Certificate of Completion. This course does not carry MIT credits or grades, however, an 80% pass rate is required in order to receive a Certificate of Completion.

Will I receive MIT credits?
This course does not carry MIT credits. MIT Professional Education offers non-credit/non-degree professional programs for a global audience. Participants may not imply or state in any manner, written or oral, that MIT or MIT Professional Education is granting academic credit for enrollment in this professional course. None of our Digital courses or programs award academic credit or degrees. Letter grades are not awarded for this course.

Will I earn Continuing Education Units (CEUs)?
Course participants who successfully complete all course requirements are eligible to receive Continuing Education Units (CEUs) from MIT Professional Education. CEUs are a nationally recognized means of recording non-credit/non-degree study. They are accepted by many employers, licensing agencies, and professional associations as evidence of a participant’s serious commitment to the development of a professional competence. CEUs are based on hours of instruction. For example: One CEU = 10 hours of instruction. CEUs may not be applied toward any MIT undergraduate or graduate level course.

CEUs are based on hours of instruction. For example: One CEU = 10 hours of instruction.

CEUs may not be applied toward any MIT undergraduate or graduate level course.

After I complete this course, will I be an MIT alum?
Participants who successfully complete a Digital Programs course are considered MIT Professional Education Alumni. Only those who complete an undergraduate or graduate degree are considered MIT alumni.

Are video captions available?
Each video for this course has been transcribed and the text can be found on the right side of the video when the captions function is turned on. Synchronized transcripts allow students to follow along with the video and navigate to a specific section of the video by clicking the transcript text. Students can use transcripts of media-based learning materials for study and review.

Browser/Technical Requirements Access our courses requires an Internet connection, as videos are only available via online streaming, and cannot be downloaded for offline viewing. Please take note of your company's restrictions for viewing content and/or firewall settings. Or courseware works best with current versions of Google Chrome, Firefox, or Safari, or with Internet Explorer version 10 and above. For the best possible experience, we recommend switching to an up-to-date version of Chrome. If you do not have Chrome installed, you can get it for free here: http://www.google.com/chrome/browser/ We are unable to fully support access with mobile devices at this time. While many components of your courses will function on a mobile device, some may not.

I have never taken a course on the edX platform before. What can I do to prepare?
Prior to the first day of class, participants can take a demonstration course on edx.org that was built specifically to help students become more familiar with taking a course on the edX platform.

What are the technical requirements to participate in this course? Our courseware works best with current versions of Google Chrome, Firefox, or Safari, or with Internet Explorer version 10 and above. For the best possible experience, we recommend switching to an up-to-date version of Chrome. If you do not have Chrome installed, you can get it for free here: http://www.google.com/chrome/browser/