Welcome to ISEC-765
Doctoral Seminar on: Information Security Risk Management

The significant advancements in information technology (IT) over the past few decades have made it a critical component of practically everyone, from pre-elementary kids to professionals. IS has a profound impact on the way humans operate in their daily lives both personally and professionally. The combination of IT, people, and processes leads to what is known as information systems (IS). Given the nature of IS to enable business continuity and connecting employees, vendors, customers, suppliers, contractors, etc., IS is susceptive to significant cybersecurity and information security risks. Risk, vulnerabilities assessments, threat vector mitigation, and the ability to manage risk are not new. All have been studied significantly in other fields such as healthcare, construction, engineering, finance, human resources, insurance, to name a few.

This doctoral seminar will emphasize current issues and future directions in managing risks in the context of information system security, and research opportunities for students in this field.

This doctoral seminar is designed to stimulate theoretical and practical thinking relative to doctoral research in the area of Information Security Risk Management. This doctoral seminar includes lectures, class activities and discussions, student presentations, as well as assignments.

ISEC-765 - Information Security Risk Management (4 credits)
Winter 2019 - January 7, 2019 - May 5, 2019
On-Campus: Check Cluster Schedule for Room assigned - DeSantis Building
8am - 12pm




Dr. Yair Levy
Professor of Information Systems and Cybersecurity


Nova Southeastern University
College of Engineering and Computing
The DeSantis Building, Room 4058
3301 College Avenue
Ft. Lauderdale, FL 33314


levyy@nova.edu (please send all correspondence via e-mail)


954-262-2006 (for faster respond, send me an e-mail...)



Prof.'s Web Site:


Levy's CyLab:


Class Web Site:

In Canvas via https://sharklearn.nova.edu/

Office Hours: 

By appointment only via e-mail.




Send me all correspondence to levyy@nova.edu. *** Please do NOT use the Canvas internal e-mail system to communicate with me, only the NSU regular e-mail!!! ***
When sending me e-mail, please make sure to:

  • Send me e-mail from your NSU e-mail address ONLY -- this is college policy! (Also note that e-mails sent from non-NSU e-mail address maybe detected as spam and will not be received or answered!)
  • Type "ISEC-765" in the subject line.
  • Type your full name in the message.
  • Type your NSU e-mail address in the message.

E-mails usually are answered within one business day, although in most cases, I will answer you even before. If I'm out of town, then I will probably answer it when I get back or have access to the Internet while on travel.


Study of the theory and practice of information security risk management. This course will focus on the research related to current tools, best practices, theories, and frameworks available in mitigating system vulnerabilities and the accepted methodologies for managing residual risks. Topics include exploring risk management theories in information security, the role of risk management theories from other fields on research in this field, understanding quality research in risk management, techniques to develop stronger research proposals in the context of cybersecurity and information security risk management with emphasis on developmental research. An emphasis will be placed on current issues and future directions of research related managing information systems security risks.

Learning how to conduct high quality and valid research is extremely exciting. By all means, to get the most out of this course, strive to have fun, both when participating in class and when working on assignments. I think and hope that you will enjoy it.


Students completing the course will be able to:
1) Acquire advanced knowledge and deeper understanding of the field of information security risk management
2) Communicate professionally and ethically about information security risk management research issues
3) Identify, analyze, and synthesize scholarly literature related to information security risk management
4) Propose a new research plan to generate new knowledge in the field of information security risk management by producing a written document that propose a plan for an original contribution to the field of information security risk management


Harkins, M. (2012). Managing risk and information security - protect to enable. New York, NY: Apress Open.

ISBN-10: 1430251131
ISBN-13: 978-1430251132

APA (2009). Publication manual of the American psychological association (APA)  (6th ed.).

ISBN#: 978-1-4338-0561-5

Davis, G. B., Parker, C. A., & Straub, D. W. (2013). Writing the doctoral dissertation: A systematic approach (3rd ed). Hauppauge, NY: Barrons Educational Series.

ISBN-10: 0764147870
ISBN-13: 978-0764147876

Additional articles, Internet resources and notes will be provided in class or via the Canvas site assigned to this course. Please check the Canvas site regularly!


This course will utilize Canvas as supplement for in-class activities. Assignments, projects and class discussions will take place in the Canvas site assigned to this course.


There will be four major assignments in this course. Additional information will be provided during the class meetings as noted in the calendar. Moreover, additional information on each assignment is also provided under each of the assignment guidelines in the "Course Content" section of the course's Canvas site. All assignments should be uploaded into the Dropbox area in Canvas. Additional information on the uploading process will be provided in our first class meeting.

Note: Please allow yourself enough time prior to due date to upload your assignment to the Canvas's dropbox.

Assignment Due Date Grade Weight
Student homepage/profile 01/13 5%
Theory focused paper (including: summary table, and preliminary reference list) - (ISEC-765 Assignment #1) 01/27 25%
Research article, theory review, and initial research idea presentation (ISEC-765 Assignment #2) 02/28 10%
Dissertation Review post (ISEC-765 Assignment #3) 03/24 15%
Research pre-idea paper (ISEC-765 Assignment #4) 04/21 35%
Class Participation (in-class activities & discussions - No makeup!) N/A 10%

Grading Scale:

[93-100] =A   [83-86) =B   [73-76) =C
[90-92) =A-   [80-82) =B-   [70-72) =C-
[87-89) =B+   [77-79) =C+   Below 70 =F
  • Class attendance is MANDATORY at all class meetings.
  • Mutual respect and courtesy.
  • Professional quality in the organization, completeness, neatness, and timeliness of any material submitted will be expected.
  • Late assignments will not be accepted! However, the professor realizes that exceptional situations (such as justified emergencies or medical situations) do occur. In such cases, please inform your professor via e-mail to obtain special permission for late submission, prior to the deadline.
  • A student may not do additional work or repeat an examination to raise a final grade.
  • All papers and assignments should include a certificate of authorship signed by the student.
  • The professor is not obligated to communicate with students via e-mail or telephone about the course or assignments after final grades have been submitted. However, official Challenge of Course Grade and Student Grievance Procedure, as outlined in the graduate catalog, will be processed.
  • Students should be aware that any submitted work for this course may be subjected to detection of breach of copyright.
  • No incomplete will be provided unless the student completed at least 75% of the course assignments.


Although some sections above are parts of this course's syllabus, this is not the course syllabus. The purpose of this page is to allow students and prospective students to gain understanding on the nature of this course. The course syllabus will be provided via Canvas and will be available for all students who register for this course.

Looking forward to seeing you in my class!

Yair Levy, Ph.D. (levyy@nova.edu)
Professor of Information Systems and Cybersecurity
Director, Center for Information Protection, Education, and Research (CIPhER)
College of Engineering and Computing
Nova Southeastern University
Copyright © 2018 - Dr. Yair Levy, all rights reserved worldwide.

Modified December 17, 2018