Security Governance, Risk & Privacy Topics
Governance, compliance frameworks, regulatory requirements, compliance implementation, and compliance-driven risk management. Covers compliance frameworks (SOX, GDPR, HIPAA, FCPA, etc.), regulatory interpretation, compliance control design, audit and control effectiveness evaluation, and compliance process management. For operational security implementation and technical threat mitigation, see Security Engineering & Operations.
Security Clearance and Background Investigation Readiness
Preparing for clearance-gated roles: clearance levels and what each requires, the background-investigation process, factors affecting eligibility, maintaining and transferring an existing clearance, and discussing clearance status appropriately in interviews.
Cryptographic Standards and Compliance
Compliance and standards governing the use of cryptography: approved algorithms and key lengths, FIPS 140 validation, key management standards, and regulatory expectations for encryption of data at rest and in transit. Covers how cryptographic choices are constrained by standards and how to demonstrate cryptographic compliance. Standards-and-governance view of crypto, not cryptographic design or attacks.
Privacy in Emerging Technologies
Privacy challenges raised by newer technologies and business models: AI and machine learning, biometrics, IoT, and other data-intensive innovations, plus how regulators are responding. Covers anticipating future privacy risks and adapting practices ahead of formal rules. Includes reasoning about privacy in novel data uses where guidance is still forming.