This is a self-paced course that provides an introduction to information security and cybersecurity. Among the topics covered are Security Design Principles, Threat Modeling, and Security Policy. Students gain a broad overview of Information Security and Privacy (ISP) through high-level ISP concepts. We discuss both traditional design principles and principles that were developed to design secure systems. We'll talk about several examples of insecure design and techniques to improve the design. We take an in-depth dive into creating models to measure potential threats. We also talk about risk and ways of managing and measuring the risk to assets. We conclude by taking an in-depth look at different security policy models, including the Bell-La Padula (BLP) Model, the Biba Integrity Model, Lipner's Model, and Clark-Wilson Integrity Model. Next, we consider the practical aspects of the implementation of the policy models.