This section will focus on helping students define key cybersecurity concepts, introduce them to common cybersecurity roles, and examine cyberthreats. It will also help students explore real-world examples of attacks that have disrupted organizations globally, explore cyber defense measures used to prevent common threats, and conclude with a lab that assists students in examining phishing emails, analyzing malware behavior, and building a threat checklist.

Lab: Students will examine various forms of phishing examples, including sample QR-encoded emails, Adversary-in-the-Middle (AiTM) platforms, and credential harvesters. They will also conduct hands-on analysis of malware samples using the ANY.RUN platform and learn to build a cyberthreat checklist that addresses these and other cyberattacks.

Topics covered:

• CIA Triad (confidentiality, integrity, availability) and an introduction to cybersecurity roles and practices.
• Phishing, malware, ransomware, and social engineering explained using real-world examples.
• Introduction to GDPR, CCPA, and their relevance to cybersecurity and AI.
• Basics of threat detection, firewalls, antivirus, and intrusion detection systems.
• Analyzing phishing emails, identifying malware characteristics, and creating a threat checklist.

This section will help students better understand the central role of data within AI solutions. It will focus on labeled versus unlabeled datasets, data modeling concepts, regression models, core data governance roles, and best practices for data security. The section concludes with a lab exploring the use of Python via NumPy, Scikit-learn, and Pandas to cleanse data sets by decreasing duplication, inconsistencies, and other issues that can negatively affect AI solutions. Lab: Students will examine the importance of data cleansing, including finding missing or inconsistent values, duplicates, outliers, and other principles required for AI platforms to return valuable data. They will also explore obtaining and cleansing sample email data, which will be used for the lab 4 exercise.

Topics covered:

• Structured and unstructured data, labeled vs. unlabeled data, and datasets in cybersecurity.
• Sampling methods, dataset creation, and statistical concepts for AI.
• Introduction to regression models and their application in cybersecurity use cases.
• Data stewards, administrators, and governance considerations for AI projects.
• Ensuring data privacy and integrity, preventing data breaches, and introducing anonymization.
• Cleaning and labeling a dataset and preparing data for AI applications using Python.

This section will teach students how the use of AI in cybersecurity enhances efforts in malware analysis, spam email filtering, and cyberthreat prevention using pre-trained capabilities. Students will learn to identify potential challenges impacting pre-trained AI capabilities, such as bias or ethical implications, as well as the mitigating controls to consider. This section emphasizes both theoretical understanding and applied skills, concluding with a lab leveraging a cleansed data set from section three to perform email filtering and explore further concepts useful for increasing true positive detection accuracy for spam emails.

Lab: This lab will leverage additional Python libraries to perform URL extraction in email bodies or headers and use text processing features via the Natural Language Toolkit (NLTK) or spaCy and WhoIs features to determine sender reputation and quality of message contents to identify spam.

Topics covered:

• AI applications in malware detection, spam filtering, and fraud prevention.
• Overview of pre-trained tools like Scikit-learn, their benefits, and applications in security tasks.
• Applying pre-trained AI tools for spam detection and malware analysis.
• Bias, generalization limitations, and ethical challenges in using pre-trained tools.
• Testing a spam classifier on email datasets and optimizing detection accuracy.

This section will show students how to leverage GenAI solutions like ChatGPT and DALL·E for image creation, managing complicated reports and threat intelligence. Students will explore ethical challenges associated with GenAI solutions, the potential for their misuse, and how to use them securely and responsibly. The section will conclude with a lab that explores how GenAI tools can be used to support security and awareness training scenarios for organizational users.

Lab: This lab will leverage ChatGPT to create realistic phishing simulations that can be used to strengthen internal security and awareness training campaigns.

Topics covered:

• Overview of generative AI tools (ChatGPT, DALL·E) and their applications in text and image generation.
• Applications of generative AI in creating simulations, generating reports, and enabling proactive threat intelligence.
• Ethical challenges, misuse of AI (e.g., phishing, deepfakes), and regulatory concerns.
• Guidelines for the responsible and secure use of generative AI tools.
• Using ChatGPT to build phishing simulations and analyze the ethical implications of generated content.

This section will help students understand potential control weaknesses and the required protections that must be considered to ensure the safe operation of organizational AI solutions. It will explore vulnerabilities in AI models, such as dataset poisoning, trainer bias, and model theft. Approaches for securing AI solutions, such as continuous monitoring, data access control, and other controls, will be addressed.

Lab: This lab will explore the use of TextAttack and Locust.io to simulate model data poisoning and Denial of Service (DoS) against the spam classifier program created earlier in sections three and four. Defensive measures based on the results of these AI attacks will be explored to counter future attacks.

Topics covered:

• Threats to AI systems (data poisoning, model theft) and securing AI pipelines.
• Vulnerabilities in models (bias, overfitting), assessment tools and practices, and the OWASP Top 10
• Hardening models, securing datasets, and monitoring systems for anomalies.
• Simulating attacks and implementing defenses in an AI environment.

This section will emphasize how to leverage AI for threat identification or other defensive capabilities like anomaly detection. This lab will explore how AI can help flag and alert users to suspicious logins and other unusual network anomalies that may impact a network. This lab will build upon the datasets and capabilities of the lab 4 email classifier to identify and filter phishing emails with malicious content.

Labs: 1. Analyzing network traffic for anomalies using Python and visualization tools such as Matplotlib.
2. Using pre-trained classifiers and refining rules to improve phishing detection accuracy.

Topics covered:

• Simulating attacks and implementing defenses in an AI environment.
• Overview of AI techniques for cybersecurity (anomaly detection, threat identification).
• Phishing detection, malware analysis, and spam filtering using AI techniques.
• Basics of anomaly detection in network traffic (e.g., unusual login attempts).
• Using pre-trained classifiers and refining rules to improve phishing detection accuracy.
• Analyzing network traffic for anomalies using Python and visualization tools.

This section will review and reinforce key concepts covered in the previous sections. Trends impacting the intersection of AI and cybersecurity will also be discussed. This AI certification course will conclude with a final lab that combines the various tools built throughout each section and creates a basic monitoring dashboard to review real-time results from the various tools.

Lab: Using Streamlit to visualize phishing and anomaly detection tools in a single pane of glass.

Topics covered:

• Reviewing key concepts, emphasizing the integration of AI and security tools.
• Future trends like AI-driven threat intelligence and predictive analytics.
• Addressing AI biases, regulatory frameworks, and transparency in cybersecurity.
• Building and testing a phishing detection tool using pre-trained AI models.
• Combining multiple tools into a dashboard and visualizing threats using Streamlit or similar platforms.