Presentación

The Maria Cano University Foundation offers the postgraduate program in Cybersecurity Specialization on-site mode, in accordance with Law 30 of 1992. Cybersecurity is a strategic organizational element where it is intended that one of the objectives of the area responsible for information technology and communications is to assume responsibility for safeguarding information through mechanisms and technological tools and the power granted by national legislation in line with international postulates.

Undoubtedly, in the whole process of expansion and evolution of industries that is currently taking place, information takes a fundamental and strategic value, becoming a vital piece for the development of these, this forces organizations to make an efficient work in the process of managing information and technologies associated with this in a comprehensive and effective way.

In a world that has become dependent on information and technology, the Internet has become an environment that allows sending and receiving information from anywhere in the world, without restrictions of time or space, with high speeds in data transfer, but all this is faced with a number of risks that can reach their vulnerabilities, significantly increasing the number of latent threats. Organizations, understanding all the dangers present on the Web, have begun to make large investments to seek a secure environment for information and for the technologies associated with it, to keep protected what today has become one of the most important assets in organizations, as information is, especially now that companies are undergoing major transformations towards industries 4.0, where connectivity, the use of technologies and  digital information transfer are essential for the achievement of the objectives.

Taking into account the above, the Specialization in Cybersecurity aims to give added value to the organization so that it creates a strong enough link between the areas of systems and security to make the right decisions in personnel selection and appropriate technological tools to ensure the integrity, availability and confidentiality of the company’s information.

Admission profile

The academic program is aimed at professionals working in the areas of operation of information and communication technologies, information systems operation technology, systems auditing and information security or cybersecurity, as well as information technology management, risk, information security or cybersecurity. It is also aimed at professionals working in the fields of data networks, telecommunications, telematics and electronics, among others.

Professional profile

The Cybersecurity Specialist will be a responsible, creative person, with initiative and assertiveness. He/she will be proactive in the prevention and neutralization of risks that may affect the security of information, as well as apply methods for the recovery of information in the event of security incidents that may occur in the organization. Likewise, he/she will be a leader in the implementation, development and application of techniques, methods and tools aimed at providing protection to business information.

Occupational profile

The following are performance fields of the Cybersecurity Specialist:

• Design and execute strategies to face cyber-attacks.
• Protect the information assets of companies.
• Implement cyber resilience in critical organizational processes to ensure business continuity.

Similarly, to solve information security problems, the Cybersecurity Specialist must, from the Identification function, develop an organizational understanding to manage cybersecurity risk for systems, people, assets, data and capabilities. This first function will be obtained with the Risk Management course, which will allow him/her to know and apply the most used methods for the identification and treatment of security risks present in cyberspace.

The Protection function supports the ability to limit or contain the impact of a potential cybersecurity event; this function includes: identity management and access control; awareness and training; data security; information protection processes and procedures; maintenance; and protection technology. The Threat Intelligence course aims to provide the specialist with the skills to control and predict incidents through a series of investigations and log analysis, enabling them to understand the Cyber Intelligence process and helping to protect critical information and infrastructure of organizations.  A second subject: Cybersecurity Protection Controls will allow the student to learn how to implement controls that will help to keep information and infrastructure safe by responding to the protection process of the Cybersecurity Framework.

As for the third function of Detect, it is intended to develop and implement appropriate activities to detect the occurrence of a cybersecurity event, through the contents of the subject of Intrusion Detection, where the student will learn and apply the different techniques and tools that allow the detection of intrusions in cyberspace, which will give tools to mitigate and control any cyberattack that occurs and puts at risk the infrastructure and information of organizations.

On the other hand, the Response function aims to develop and implement appropriate activities to take action with respect to a detected cybersecurity incident, this function includes: response planning, communications, analysis, mitigation, and improvements.  The Incident Management and Cyber Defense course seeks that the student learns to respond to each incident and cyber-attack that occurs in the critical infrastructure of the organization in such a way that its impact is mitigated and a more agile process of business recovery is achieved by acquiring the skills that will allow him to perform an assessment based on norms, standards and best practices, as well as the application of a series of procedures and policies.

Finally, the Recover function requires you to develop and implement appropriate activities to maintain cyber resilience plans and restore any capabilities or services that have been impaired due to a cybersecurity incident. With the Business Continuity course, the student seeks to acquire the competencies that will allow him/her to prevent, protect and react to the different security incidents that may affect and negatively impact organizations. The purpose of this course is to provide students with the necessary knowledge to establish recovery plans to ensure business continuity and maintain the critical infrastructure of the organization in a state of reliable security.