Michael Whitman, Ph.D., CISM, CISSP, Dr. Traci Carte, Herbert J. Mattord, Ph.D., CISM, CISSP, CDP, Andy Green, Ph.D., and Dr. Humayun Zafar, CEH, CISM, CRISC, PCIP

This course intends to make the student familiar with information security management. When you have finished with this course you will know more about:

• Governance: including the mission, roles and responsibilities of the InfoSec governance function, and the strategic planning process and InfoSec’s role in the organization’s strategic planning effort.

• The various types of InfoSec policies and how effective information security policy is created and used.

• Risk management and the risk management process

• Certain laws and ethical issues impacting information security in the organization, and some common information security management practices such as benchmarking and performance measures.

What's inside

Syllabus

Welcome to the Management of Information Security
This module welcomes you to the course and describes the modules that follow. The lecture and reading introduce the broad topic of security management and establish the basic terminology needed for later modules. You will also begin learning about the case company used in an extended simulation that spans the rest of the course, building on your learning through real-world analysis and reporting on cybersecurity topics.

Traffic lights

Read about what's good, what should give you pause, and possible dealbreakers.
Explores information security management, which is standard in industry
Taught by Michael Whitman, Ph.D., CISM, CISSP, who is recognized for their work in information security
Develops governance, strategic planning, risk management, compliance, and security programs, which are core skills for information security management
Provides a comprehensive study of information security management
Requires learners to come in with extensive background knowledge first

Reviews summary

Business-focused cybersecurity management overview

According to learners, this course provides a good overview of the non-technical, business aspects of cybersecurity. Students appreciate the focus on governance, risk management, and compliance, finding it relevant for strategic and leadership roles. The syllabus covers key topics like policy, law, ethics, and security programs, often structured around a case study simulation. Many students found the case study helpful for applying concepts in a practical way. However, a common point raised is the course's emphasis on high-level management concepts, meaning it lacks technical depth, which may not suit those seeking hands-on security skills. It serves well as an introduction to the strategic side of Information Security.
Helps apply concepts to real-world scenarios.
"The case study really helped tie everything together and apply the theoretical frameworks we learned."
"Working through the simulated company issues made the concepts feel more real and practical."
"The case study was a valuable way to synthesize information from across the modules."
"While sometimes challenging, the case study was a highlight for applying the material."
Provides a broad intro to core concepts.
"Provides a solid foundation on the key pillars of information security management from a business perspective."
"A good first step for understanding the strategic and compliance side of InfoSec."
"Covers a comprehensive range of topics from governance to security programs."
"It gives a broad stroke view across essential management areas in cybersecurity."
Valuable for understanding management aspects.
"This course was exactly what I needed to understand the management side of cybersecurity, not the technical one."
"I appreciated the focus on governance and risk management; it's crucial for leadership roles."
"It's less about tools and more about strategy, policy, and compliance, which is a key part of the business."
"The content is highly relevant for anyone in or aspiring to a cybersecurity management position."
Some regulations may need external verification.
"Laws and regulations evolve quickly; some specific examples might need cross-referencing for current applicability."
"The course provides the fundamental understanding, but staying current on specific regulations requires ongoing effort."
"While the concepts are evergreen, students should verify specific regulatory details mentioned."
Course is managerial, not technically focused.
"Do not expect to learn technical security skills here; this is purely about management and policy."
"I was hoping for more integration with actual technical controls, but it stayed high-level."
"This course is great for managers but likely too theoretical or basic for someone hands-on in a technical role."
"Needed more examples of how the policies and governance translate into technical implementation details."

Activities

Be better prepared before your course. Deepen your understanding during and after it. Supplement your coursework and achieve mastery of the topics covered in The Business of Cybersecurity Capstone with these activities:
Connect with Industry Professionals
Gain insights and guidance from experienced professionals in the field.
  • Identify industry professionals on LinkedIn or other platforms.
  • Reach out and request a meeting or informational interview.
Read Information Security Management Handbook
Build a stronger foundation of information security management practices.
  • Acquire a copy of the Information Security Management Handbook.
  • Read Chapters 1-5
Attend an Information Security Conference
Stay up-to-date on the latest trends and best practices in information security management.
  • Research and identify relevant information security conferences.
  • Register and attend the conference.
  • Participate in sessions and workshops.
Create a Study Guide
Reinforce key concepts and improve retention.
  • Review course notes and materials.
  • Identify key concepts.
  • Summarize key concepts in a study guide.
CISSP Practice Exam
Practice and test knowledge covered in the course.
  • Identify an online CISSP practice exam.
  • Take the practice exam under timed conditions.
  • Review incorrect answers.
Discussion Group
Engage in discussions with peers to clarify concepts and expand perspectives.
  • Join or create a discussion group related to information security management.
  • Participate in discussions on relevant topics.
  • Contribute to the discussion by sharing knowledge and insights.
NIST Cybersecurity Framework Assessment
Gain practical experience in assessing an organization's cybersecurity framework.
  • Download the NIST Cybersecurity Framework Assessment Tool.
  • Identify an organization to assess.
  • Conduct the assessment.
Develop an Information Security Policy
Apply knowledge of information security management principles to create a practical deliverable.
  • Identify the scope and objectives of the information security policy.
  • Research industry best practices and relevant regulations.
  • Draft the information security policy.
  • Review and refine the policy with feedback from stakeholders.

Career center

Learners who complete The Business of Cybersecurity Capstone will develop knowledge and skills that may be useful to these careers:
Information Security Analyst
Information Security Analysts realize a secure environment by analyzing data to help organizations manage cybersecurity threats. Gaining knowledge from The Business of Cybersecurity Capstone, you will learn to execute preventative actions to protect against potential threats, working with a team of IT specialists to establish a secure network. Moreover, you will learn methods to improve the security of applications and provide counsel to clients concerning security guidelines.
Security Architect
Security Architects design, build, and maintain the security infrastructure of an organization. The Business of Cybersecurity Capstone will provide you with the foundation to understand the principles of information security management. This course will help you develop the skills necessary to design and implement security solutions that meet the needs of your organization.
Chief Information Security Officer (CISO)
Chief Information Security Officers (CISOs) are responsible for the overall security of an organization's information systems. The Business of Cybersecurity Capstone will provide you with the knowledge and skills you need to be successful in this role. You will learn about the latest information security threats and trends, as well as the best practices for protecting your organization's information assets.
Cybersecurity Engineer
Cybersecurity Engineers design, implement, and maintain cybersecurity systems. The Business of Cybersecurity Capstone will provide you with the foundation you need to be successful in this role. You will learn about the latest cybersecurity technologies and trends, as well as the best practices for protecting your organization's information assets.
Penetration Tester
Penetration Testers identify vulnerabilities in an organization's security systems. The Business of Cybersecurity Capstone will provide you with the skills you need to be successful in this role. You will learn about the latest penetration testing techniques and tools, as well as the best practices for identifying and exploiting vulnerabilities.
Cybersecurity Auditor
Cybersecurity Auditors assess the security of an organization's information systems. The Business of Cybersecurity Capstone will provide you with the knowledge and skills you need to be successful in this role. You will learn about the latest cybersecurity auditing techniques and tools, as well as the best practices for assessing the security of your organization's information assets.
Incident Responder
Incident Responders investigate and respond to cybersecurity incidents. The Business of Cybersecurity Capstone will provide you with the skills you need to be successful in this role. You will learn about the latest incident response techniques and tools, as well as the best practices for investigating and responding to cybersecurity incidents.
Vulnerability Manager
Vulnerability Managers identify and manage vulnerabilities in an organization's software and systems. The Business of Cybersecurity Capstone will provide you with the skills you need to be successful in this role. You will learn about the latest vulnerability management techniques and tools, as well as the best practices for identifying and managing vulnerabilities.
Security Analyst
Security Analysts monitor and analyze security data to identify threats and vulnerabilities. The Business of Cybersecurity Capstone will provide you with the skills you need to be successful in this role. You will learn about the latest security monitoring and analysis techniques and tools, as well as the best practices for identifying and responding to threats and vulnerabilities.
Security Consultant
Security Consultants provide advice and guidance to organizations on how to improve their cybersecurity posture. The Business of Cybersecurity Capstone will provide you with the knowledge and skills you need to be successful in this role. You will learn about the latest cybersecurity threats and trends, as well as the best practices for protecting your organization's information assets.
Privacy Analyst
Privacy Analysts help organizations comply with privacy laws and regulations. The Business of Cybersecurity Capstone will provide you with the knowledge and skills you need to be successful in this role. You will learn about the latest privacy laws and regulations, as well as the best practices for protecting your organization's customer data.
Compliance Analyst
Compliance Analysts ensure that organizations comply with industry regulations and standards. The Business of Cybersecurity Capstone will provide you with the knowledge and skills you need to be successful in this role. You will learn about the latest industry regulations and standards, as well as the best practices for ensuring your organization's compliance.
Risk Analyst
Risk Analysts assess the risks to an organization's information systems. The Business of Cybersecurity Capstone will provide you with the skills you need to be successful in this role. You will learn about the latest risk assessment techniques and tools, as well as the best practices for assessing the risks to your organization's information assets.
Information Security Manager
Information Security Managers oversee the security of an organization's information systems. The Business of Cybersecurity Capstone will provide you with the knowledge and skills you need to be successful in this role. You will learn about the latest cybersecurity threats and trends, as well as the best practices for protecting your organization's information assets.
IT Auditor
IT Auditors assess the security and efficiency of an organization's IT systems. The Business of Cybersecurity Capstone may be useful for this role, as it will provide you with a foundation in information security management. You will learn about the latest IT auditing techniques and tools, as well as the best practices for auditing IT systems.

Reading list

We've selected 13 books that we think will supplement your learning. Use these to develop background knowledge, enrich your coursework, and gain a deeper understanding of the topics covered in The Business of Cybersecurity Capstone.
This framework provides a set of best practices for managing cybersecurity risks. It is a valuable resource for organizations of all sizes.
Provides a comprehensive overview of cybersecurity risk management. It covers topics such as risk assessment, risk management, and risk mitigation.
Valuable resource for students preparing for the CISSP certification exam. It covers all of the domains of the exam, and provides practice questions.
Provides insights into the human element of security. It is a valuable resource for students and practitioners alike.
Provides a practical guide to penetration testing. It is a valuable resource for students and practitioners alike.
Provides a comprehensive overview of secure coding principles and practices. It is a valuable resource for students and practitioners alike.
Provides a comprehensive overview of cryptography and network security principles and practices. It is a valuable resource for students and practitioners alike.
Provides a comprehensive overview of network security essentials. It is a valuable resource for students and practitioners alike.
Provides an introduction to security analysis. It is a valuable resource for students and practitioners alike.
Provides a comprehensive overview of security engineering best practices. It is a valuable resource for cybersecurity professionals.
Provides a comprehensive overview of cloud security principles and practices. It is a valuable resource for students and practitioners alike.
