Objectives and Introduction to Systems Security Engineering
Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or
Already have an account? Sign In »
Time
5 hours 58 minutes
Difficulty
Intermediate
CEU/CPE
6
Video Transcription
00:00
>> Welcome back to Cybrary ISSEP course.
00:00
I'm your instructor, Brad Rhodes.
00:00
We're starting with Domain 1,
00:00
Systems Security Engineering foundations for ISSEP.
00:00
This is Module 2 of 10.
00:00
Where are we in our course outline?
00:00
Well, we've completed Module 1,
00:00
the overview to level
00:00
set you as to where we're going with the ISSEP course.
00:00
Now we're going to jump into pretty good detail,
00:00
Domain 1 of ISSEP,
00:00
which is our foundations.
00:00
Our first lesson is going
00:00
to cover the objectives of the module,
00:00
and we're going to introduce
00:00
system security engineering.
00:00
What are we going to cover here?
00:00
We're going to look at the module
00:00
objectives for ISSEP Domain 1,
00:00
our foundations, then we're going to do
00:00
a brief overview of system security engineering.
00:00
That's going to come directly out of NIST,
00:00
the National Institute for Standards and Technology.
00:00
That is going to give you a good feel for
00:00
what system security engineering looks like.
00:00
What are our objectives for ISSEP Domain 1?
00:00
Well, we're going to cover the fundamentals.
00:00
You can't jump into a complex thing like
00:00
systems engineering or system security engineering
00:00
without some of the fundamentals.
00:00
We're going to review processes related to that,
00:00
we're going to talk about development methodologies.
00:00
This is development methodologies that you might
00:00
ascribe to software engineering,
00:00
but they are also applicable
00:00
to large-scale systems engineering.
00:00
In fact, these development methodologies were
00:00
originally built to handle systems engineering,
00:00
but they have since been
00:00
transformed and used for multiple things.
00:00
We're going to talk about
00:00
the technical management process.
00:00
You do as an ISSE a lot of technical management.
00:00
That is a huge part of
00:00
your work so you need to know that.
00:00
We're going to talk about acquisition,
00:00
which is really the buy-build decision points.
00:00
Sometimes as an ISSE,
00:00
you have to make a recommendation.
00:00
Am I going to buy something
00:00
or am I going to build it myself?
00:00
I'll tell you,
00:00
if you build it yourself, you own the zero days.
00:00
That's one of my mantras,
00:00
but sometimes you have to buy it because it's cheaper.
00:00
You're going to get to market with
00:00
whatever product you're working on faster.
00:00
Then we're going to talk about trusted systems networks
00:00
and why they're so important,
00:00
especially as it relates to
00:00
the US government and the US Department of Defense.
00:00
That's where you're going to see the conversation
00:00
about cots and gots initially.
00:00
Just keep that in mind, but we're going to get there.
00:00
From NIST, the National
00:00
Institute of Standards and Technologies,
00:00
we have this great overview.
00:00
This is you can see built,
00:00
buy, and cozy, and we've talked about and cozy before.
00:00
Systems engineering is the top-level management process
00:00
or top-level engineering process
00:00
for putting together complex systems.
00:00
One of the specialties of
00:00
systems engineering is system security engineering
00:00
or Information System Security Engineering,
00:00
ISSE, which is what we're talking about in this course.
00:00
A system security engineer, what do they do?
00:00
They apply the math,
00:00
the engineering, the concepts, methods.
00:00
They standardize what happens
00:00
as it gets integrated into the system as a whole.
00:00
The system security engineer
00:00
helps with other specialties.
00:00
For example, if you're doing a system
00:00
and you're exercising or executing defense in depths,
00:00
so think that onion layers of security,
00:00
you're going to have security specialist
00:00
in host-based systems, so computers.
00:00
You're going to have security specialists
00:00
in network-based security systems.
00:00
You're going to have specialists in data loss prevention.
00:00
Those are the security specialties and
00:00
other specialties that roll up into what we do
00:00
in system security engineering that
00:00
ultimately are then more modularly
00:00
into the system as
00:00
a whole from a systems engineering perspective.
00:00
Systems engineering and system security engineering are
00:00
both multi-disciplinary process as to
00:00
integrate pieces and parts into a system as a whole.
00:00
That's a basic overview of system security engineering.
00:00
What did we cover in this lesson?
00:00
We looked at the module objectives for Module 2,
00:00
which is our Domain 1 of the ISSEP foundations.
00:00
Then we did a brief overview of
00:00
the System Security Engineering Process
00:00
as framed by NIST. We'll see you next time.
Up Next
Similar Content
