Cybersecurity Risk Management

Learn key principles of risk analysis, risk assessment and risk mitigation for information security using both qualitative and quantitative methodologies. Cybersecurity risk management guides a growing number of IT decisions. Cybersecurity risks continue to have critical impacts on overall IT risk modeling, assessment and mitigation. In this course, you will learn about the general information security risk management framework and its practices and how to identify and model information security risks and apply both qualitative and quantitative risk assessment methods. Understanding this framework will enable you to articulate the business consequences of identified information security risks. These skills are essential for any successful information security professional. The goal of this course is to teach students the risk management framework with both qualitative and quantitative assessment methods that concentrate on the information security (IS) aspect of IT risks. The relationship between the IT risk and business value will be discussed through several industry case studies.

Course syllabus:

  1. Evolution of Information Security

  2. Risk Management Process, Framework and Life Cycle

  3. Quantitative versus Qualitative Risk Assessment

  4. Defining Information Security Metrics

  5. Analysis Techniques