• Online, Self-Paced
Course Description

This course presents the concept of managing cyber risk from a technical perspective. An overview of cyber risk management opens the class, followed by foundational material on conducting a risk assessment of considerations such as threats, vulnerabilities, impacts, and likelihood. Various technical methods for conducting a risk assessment are presented, to include vulnerability assessments and penetration tests, with a focus on continuous monitoring of security controls and how to assess those security controls using the National Institute of Standards and Technology Special Publication 800-53 and 800-53a as a guide.

Learning Objectives

  • Understand key concepts and issues in risk management.
  • Survey multiple risk management frameworks.
  • Understand risk assessment and analysis methodologies.
  • Identify information security controls and countermeasures to mitigate risks to acceptable levels.
  • Understand concepts and methods of 'continuous monitoring'.

Framework Connections