We may earn an affiliate commission when you visit our partners.
Course image
Michael Whitman, Ph.D., CISM, CISSP, Dr. Traci Carte, Herbert J. Mattord, Ph.D., CISM, CISSP, CDP, Andy Green, Ph.D., and Dr. Humayun Zafar, CEH, CISM, CRISC, PCIP

This course intends to make the student familiar with information security management. When you have finished with this course you will know more about:

• Governance: including the mission, roles and responsibilities of the InfoSec governance function, and the strategic planning process and InfoSec’s role in the organization’s strategic planning effort.

• You will understand the various types of InfoSec policies and how effective information security policy is created and used.

• Risk management and the risk management process

Read more

This course intends to make the student familiar with information security management. When you have finished with this course you will know more about:

• Governance: including the mission, roles and responsibilities of the InfoSec governance function, and the strategic planning process and InfoSec’s role in the organization’s strategic planning effort.

• You will understand the various types of InfoSec policies and how effective information security policy is created and used.

• Risk management and the risk management process

• Certain laws and ethical issues impacting information security in the organization. And some common information security management practices such as benchmarking and performance measures.

Enroll now

What's inside

Syllabus

Welcome to the Management of Information Security
This module provides a welcome to the course and describes the course modules that follow. The lecture and reading will introduce you to the broad topic of security management and establish the basic terminology needed for later modules. Also, you will begin learning about the case company that you will use in an extended simulation that spans the rest of this course as you build on your learning by engaging in real world analysis and reporting on cybersecurity topics.
Read more
Governance and Strategic Planning in Information Security
In this module, you will explore how organizations organize the cybersecurity function and engage in strategic planning. This will include coverage of where the information security management team is placed in the organizational hierarchy, what functions does the CSO of an organization fulfill, as well as some explanation of the strategic planning function.You will also develop a simulated organizational plan in a report to executive management as part of the ongoing case study.
Risk Management
This module will define risk management and explore the processes used by organizations to identify and control risk. This will include basic techniques used to identify and assess risk as well as exploration of the risk control strategies that can be used to help control risk. You will also experiment with reading an industry standard risk report that you will summarize and analyze as you assess operational risk for higher management as part of the ongoing case-based project.
Regulatory Compliance, Law and Ethics
In this module you will learn about how organizations must manage the complex issues emerging from the rapidly changing legal and regulatory environment. It will include a short overview of the laws and regulations you should plan to learn about as well as an introduction to how ethics is encountered in the workplace. Then you will engage on a discussion on compliance with industry standards and governmental regulation as a means to move closer to a more secure work environment. As part of the ongoing case study you will be asked to advise management on an ethical dilemma currently facing some of the management team at CHI.
Security Programs
This module explores some of the other important elements commonly found in information security management programs. While you will not cover every security management topic, you will explore performance measurement, managing technical controls, and contingency planning. Then, you will assess and report on the proposed incident response plans of the simulated company as part of the ongoing case study.
Conclusion
In this module, you will synthesize the content in the course, complete a final exam, and complete your Capstone Project.

Good to know

Know what's good
, what to watch for
, and possible dealbreakers
Explores information security management, which is standard in industry
Taught by Michael Whitman, Ph.D., CISM, CISSP, who is recognized for their work in information security
Develops governance, strategic planning, risk management, compliance, and security programs, which are core skills for information security management
Provides a comprehensive study of information security management
Requires learners to come in with extensive background knowledge first

Save this course

Save The Business of Cybersecurity Capstone to your list so you can find it easily later:
Save

Reviews summary

Comprehensive cybersecurity business overview

According to students, this self-learning course is valuable for anyone interested in Cybersecurity business concepts. Students say that those committed to actively applying themselves to the current materials will learn a lot. It may be best suited for learners seeking a career change into Cybersecurity.
Students found the course to be valuable.
"This is an excellent introduction to the overall business concepts of Cybersecurity."
"If you commit to doing all the work and really apply yourself to the materials, it will be hugely valuable in whatever area of business you are in."
"If you are looking to change careers and focus more in Cyber, this is the introductory series for you."
The course is primarily self-paced with minimal instructor interaction.
"This is very much a self-learning course with very little input, but again what you choose to learn you will."

Activities

Be better prepared before your course. Deepen your understanding during and after it. Supplement your coursework and achieve mastery of the topics covered in The Business of Cybersecurity Capstone with these activities:
Connect with Industry Professionals
Gain insights and guidance from experienced professionals in the field.
Show steps
  • Identify industry professionals on LinkedIn or other platforms.
  • Reach out and request a meeting or informational interview.
Read Information Security Management Handbook
Build a stronger foundation of information security management practices.
Show steps
  • Acquire a copy of the Information Security Management Handbook.
  • Read Chapters 1-5
Attend an Information Security Conference
Stay up-to-date on the latest trends and best practices in information security management.
Browse courses on Governance
Show steps
  • Research and identify relevant information security conferences.
  • Register and attend the conference.
  • Participate in sessions and workshops.
Five other activities
Expand to see all activities and additional details
Show all eight activities
Create a Study Guide
Reinforce key concepts and improve retention.
Browse courses on Governance
Show steps
  • Review course notes and materials.
  • Identify key concepts.
  • Summarize key concepts in a study guide.
CISSP Practice Exam
Practice and test knowledge covered in the course.
Browse courses on Governance
Show steps
  • Identify an online CISSP practice exam.
  • Take the practice exam under timed conditions.
  • Review incorrect answers.
Discussion Group
Engage in discussions with peers to clarify concepts and expand perspectives.
Browse courses on Governance
Show steps
  • Join or create a discussion group related to information security management.
  • Participate in discussions on relevant topics.
  • Contribute to the discussion by sharing knowledge and insights.
NIST Cybersecurity Framework Assessment
Gain practical experience in assessing an organization's cybersecurity framework.
Browse courses on Risk Management
Show steps
  • Download the NIST Cybersecurity Framework Assessment Tool.
  • Identify an organization to assess.
  • Conduct the assessment.
Develop an Information Security Policy
Apply knowledge of information security management principles to create a practical deliverable.
Browse courses on Governance
Show steps
  • Identify the scope and objectives of the information security policy.
  • Research industry best practices and relevant regulations.
  • Draft the information security policy.
  • Review and refine the policy with feedback from stakeholders.

Career center

Learners who complete The Business of Cybersecurity Capstone will develop knowledge and skills that may be useful to these careers:
Information Security Analyst
Information Security Analysts realize a secure environment by analyzing data to help organizations manage cybersecurity threats. Gaining knowledge from The Business of Cybersecurity Capstone, you will learn to execute preventative actions to protect against potential threats, working with a team of IT specialists to establish a secure network. Moreover, you will learn methods to improve the security of applications and provide counsel to clients concerning security guidelines.
Security Architect
Security Architects design, build, and maintain the security infrastructure of an organization. The Business of Cybersecurity Capstone will provide you with the foundation to understand the principles of information security management. This course will help you develop the skills necessary to design and implement security solutions that meet the needs of your organization.
Chief Information Security Officer (CISO)
Chief Information Security Officers (CISOs) are responsible for the overall security of an organization's information systems. The Business of Cybersecurity Capstone will provide you with the knowledge and skills you need to be successful in this role. You will learn about the latest information security threats and trends, as well as the best practices for protecting your organization's information assets.
Cybersecurity Engineer
Cybersecurity Engineers design, implement, and maintain cybersecurity systems. The Business of Cybersecurity Capstone will provide you with the foundation you need to be successful in this role. You will learn about the latest cybersecurity technologies and trends, as well as the best practices for protecting your organization's information assets.
Cybersecurity Auditor
Cybersecurity Auditors assess the security of an organization's information systems. The Business of Cybersecurity Capstone will provide you with the knowledge and skills you need to be successful in this role. You will learn about the latest cybersecurity auditing techniques and tools, as well as the best practices for assessing the security of your organization's information assets.
Penetration Tester
Penetration Testers identify vulnerabilities in an organization's security systems. The Business of Cybersecurity Capstone will provide you with the skills you need to be successful in this role. You will learn about the latest penetration testing techniques and tools, as well as the best practices for identifying and exploiting vulnerabilities.
Incident Responder
Incident Responders investigate and respond to cybersecurity incidents. The Business of Cybersecurity Capstone will provide you with the skills you need to be successful in this role. You will learn about the latest incident response techniques and tools, as well as the best practices for investigating and responding to cybersecurity incidents.
Security Consultant
Security Consultants provide advice and guidance to organizations on how to improve their cybersecurity posture. The Business of Cybersecurity Capstone will provide you with the knowledge and skills you need to be successful in this role. You will learn about the latest cybersecurity threats and trends, as well as the best practices for protecting your organization's information assets.
Security Analyst
Security Analysts monitor and analyze security data to identify threats and vulnerabilities. The Business of Cybersecurity Capstone will provide you with the skills you need to be successful in this role. You will learn about the latest security monitoring and analysis techniques and tools, as well as the best practices for identifying and responding to threats and vulnerabilities.
Vulnerability Manager
Vulnerability Managers identify and manage vulnerabilities in an organization's software and systems. The Business of Cybersecurity Capstone will provide you with the skills you need to be successful in this role. You will learn about the latest vulnerability management techniques and tools, as well as the best practices for identifying and managing vulnerabilities.
Privacy Analyst
Privacy Analysts help organizations comply with privacy laws and regulations. The Business of Cybersecurity Capstone will provide you with the knowledge and skills you need to be successful in this role. You will learn about the latest privacy laws and regulations, as well as the best practices for protecting your organization's customer data.
Compliance Analyst
Compliance Analysts ensure that organizations comply with industry regulations and standards. The Business of Cybersecurity Capstone will provide you with the knowledge and skills you need to be successful in this role. You will learn about the latest industry regulations and standards, as well as the best practices for ensuring your organization's compliance.
Risk Analyst
Risk Analysts assess the risks to an organization's information systems. The Business of Cybersecurity Capstone will provide you with the skills you need to be successful in this role. You will learn about the latest risk assessment techniques and tools, as well as the best practices for assessing the risks to your organization's information assets.
Information Security Manager
Information Security Managers oversee the security of an organization's information systems. The Business of Cybersecurity Capstone will provide you with the knowledge and skills you need to be successful in this role. You will learn about the latest cybersecurity threats and trends, as well as the best practices for protecting your organization's information assets.
IT Auditor
IT Auditors assess the security and efficiency of an organization's IT systems. The Business of Cybersecurity Capstone may be useful for this role, as it will provide you with a foundation in information security management. You will learn about the latest IT auditing techniques and tools, as well as the best practices for auditing IT systems.

Reading list

We've selected 13 books that we think will supplement your learning. Use these to develop background knowledge, enrich your coursework, and gain a deeper understanding of the topics covered in The Business of Cybersecurity Capstone.
This framework provides a set of best practices for managing cybersecurity risks. It valuable resource for organizations of all sizes.
Provides a comprehensive overview of cybersecurity risk management. It covers topics such as risk assessment, risk management, and risk mitigation.
Valuable resource for students preparing for the CISSP certification exam. It covers all of the domains of the exam, and provides practice questions.
Provides insights into the human element of security. It valuable resource for students and practitioners alike.
Provides a practical guide to penetration testing. It valuable resource for students and practitioners alike.
Provides a comprehensive overview of secure coding principles and practices. It valuable resource for students and practitioners alike.
Provides a comprehensive overview of cryptography and network security principles and practices. It valuable resource for students and practitioners alike.
Provides a comprehensive overview of network security essentials. It valuable resource for students and practitioners alike.
Provides an introduction to security analysis. It valuable resource for students and practitioners alike.
Provides a comprehensive overview of security engineering best practices. It valuable resource for cybersecurity professionals.
Provides a comprehensive overview of cloud security principles and practices. It valuable resource for students and practitioners alike.

Share

Help others find this course page by sharing it with your friends and followers:

Similar courses

Here are nine courses similar to The Business of Cybersecurity Capstone.
The GRC Approach to Managing Cybersecurity
Most relevant
Information and Cyber Security Literacy: Governance, Risk...
Most relevant
Information Security Risk Management Program for CGRC
Most relevant
Security and Risk Management: Concepts and Principles for...
Most relevant
Maturing Risk Management
Most relevant
Selection and Approval of Security and Privacy Controls...
Most relevant
Assessment/Audit of Security and Privacy Controls for CGRC
Most relevant
Scope of the Information System for CGRC
Most relevant
Security Principles
Most relevant
Our mission

OpenCourser helps millions of learners each year. People visit us to learn workspace skills, ace their exams, and nurture their curiosity.

Our extensive catalog contains over 50,000 courses and twice as many books. Browse by search, by topic, or even by career interests. We'll match you to the right resources quickly.

Find this site helpful? Tell a friend about us.

Affiliate disclosure

We're supported by our community of learners. When you purchase or subscribe to courses and programs or purchase books, we may earn a commission from our partners.

Your purchases help us maintain our catalog and keep our servers humming without ads.

Thank you for supporting OpenCourser.

© 2016 - 2024 OpenCourser