RFC: Advance Information Security

[aayushsinha0706]

Problem:
OSSU does not have an information security track for students.

Duration:
16 June 2022

Background:

OSSU lacks an advanced cybersecurity track for students

CS2013 recommends following areas to be offered as an elective in the field of information security (A description of the relevant CS2013 Knowledge Area can be found here)

• Web Security
• Security Policy and Governance
• Digital Forensics
• Secure Software Engineering

AND

• OSSU should lead students towards a professional training program in field of cyber security (but that will be behind a paywall)

I have taken following points for this RFC.

• For free education no single course provider (university or organisation) is providing all cyber security courses.
• Courses are taken in consideration according to ACM CS 2013 IAS elective recommendations

AND

• For the professional education, a professional organisation has been selected that prepares for certification exam.

Proposal:
My recommendation for advanced information security

• Web Security Fundamentals by Katholieke Universiteit Leuven in Belgium on edx
• System Security & Governance by UCI on Coursera
• Digital Forensics Concepts by Infosec on Coursera
• Secure Software Development: Requirements, Design, and Reuse by Open Source Security Foundation (Linux Foundation) on edx
• Secure Software Development: Implementation by Open Source Security Foundation (Linux Foundation) on edx
• Secure Software Development: Verification and More Specialized Topics by Open Source Security Foundation (Linux Foundation) on edx

AND

(ISC)² Systems Security Certified Practitioner (SSCP)

The SSCP Professional Training Certificate shows employers you have the IT security foundation to defend against cyber attacks – and puts you on a clear path to earning SSCP certification. (ISC)² certifications are accredited, recognized and endorsed by leading organizations around the world.

Read More about SSCP examination here: Systems Security Certified Practitioner

All the courses in the specialisation are behind a paywall and can be audited only through payment or financial aid,

Conclusion
OSSU should provide a choice for its students to learn advance information security by free auditable courses or train themselves for a professional examination.

• The RFC also closes down RFC: Add IBM Cybersecurity Analyst Professional Certificate to the Final Project section #1027 which is also on the same lines

[waciumawanjohi]

Seeing no objections and with the comment period complete, this is ready for addition.

[waciumawanjohi]

@aayushsinha0706 Can you open a PR that reflects the changes above?

[aayushsinha0706]

Since this is merged through pull request #1056, I am closing this issue.