• Online, Self-Paced
Course Description

Description
The Management's Guide to Understanding Risk Management Decisions in Cyber-security and Information Technology (IT)!

Have you ever wondered why your organization's executives or your manager made a decision to fund or not fund your project? In this course, you will get an inside look at how cyber-security and information technology (IT) managers determine which projects they will support with funding and which they won't based on a preliminary risk analysis. Over the past two decades, I have worked in the cyber-security and information technology realm, fighting for my projects to become funded. Early in my career, I didn't understand why certain projects would be funded and executed, while others wouldn't. What I learned, it all came down to risk management by our executives and managers. You will learn the terms used by executives and managers in discussing risk management, and how to apply the concepts of risk management to your networks, systems, and projects. This course is not an operational or tactical course that focuses on how you will secure your networks, but instead focuses on the mindset of managers and teaches you how to think like they do. Once you master these concepts, it is much easier to build your business case for your projects and justify your budgetary needs. This course also includes two case studies of what happens when risk management fails, as demonstrated by the Amazon Web Services outage and Equifax data breach that both occurred in 2017.

About the Author

Jason Dion, CISSP No. 349867, is a Adjunct Instructor at Liberty University’s College of Engineering and Computational Science and Anne Arundel Community College’s Department of Computing Technologies with multiple information technology professional certifications, including Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), Certified Network Defense Architect (CNDA), Digital Forensic Examiner (DFE), Digital Media Collector (DMC), Security+, Network+, A+, PRINCE2, and Information Technology Infrastructure Library v3. With networking experience dating back to 1992, Jason has been a network engineer, Deputy Director of a Network Operations Center, and an Information Systems Officer for large organizations around the globe. He holds a Master’s of Science degree in Information Technology with a specialization in Information Assurance from University of Maryland University College, a Master’s of Arts and Religion in Pastoral Counseling, and a Bachelor’s of Science in Human Resources Management from New School University. He lives in the greater Washington D.C./Baltimore, Maryland area with his wife and two children.

Learning Objectives

Understand the foundations of risk management in the cyber-security and information technology field. Be able to use qualitative risk measurement techniques when discussing networks and projects. Be able to use quantitative risk measurement techniques when discussing networks and projects. Discuss current events in the technology space in relation to risk management decisions

Framework Connections

The materials within this course focus on the Knowledge Skills and Abilities (KSAs) identified within the Specialty Areas listed below. Click to view Specialty Area details within the interactive National Cybersecurity Workforce Framework.