• Online, Self-Paced

If a threat agent exploits an IT asset's vulnerability, then the consequences for a business could be detrimental. In IT security terms, the likelihood of this happening and the potential impact if it did constitutes the concept of risk.

Those responsible for the operational security of assets need to know how to reduce risk sufficiently. Use this course to learn the many ways to identify, assess, and manage risk related to IT infrastructure.

Explore, in detail, various risk management techniques, such as risk visibility and reporting, threat modeling, and risk treatment. Examine legal and regulatory concerns when managing risk. And see how to implement organizational security awareness and training.

Upon completion, you'll know how to bring risk magnitude down to a pre-defined acceptable level. You'll also be further prepared to sit the (ISC)² Systems Security Certified Practitioner (SSCP) 2021 exam.

Learning Objectives

{"discover the key concepts covered in this course"}

Framework Connections

The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):

Specialty Areas

  • Cyber Operational Planning
  • Cyber Defense Infrastructure Support
  • Cybersecurity Management
  • Executive Cyber Leadership
  • Risk Management
  • Systems Analysis
  • Systems Development
  • Threat Analysis
  • Vulnerability Assessment and Management

Specialty Areas have been removed from the NICE Framework. With the recent release of the new NICE Framework data, updates to courses are underway. Until this course can be updated, this historical information is provided to give better context as to how it can help you with your cybersecurity goals.

Feedback

If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.