We may earn an affiliate commission when you visit our partners.
Course image
Jason Dion • 1.8 Million+ Enrollments Worldwide and Dion Training Solutions • ATO for ITIL & PRINCE2

Have you ever wondered why your organization's executives or your manager made a decision to fund or not fund your project?

Read more

Have you ever wondered why your organization's executives or your manager made a decision to fund or not fund your project?

In this course, you will get an inside look at how cybersecurity and information technology (IT) managers determine which projects they will support with funding, and which they won't, based on a preliminary risk analysis. Over the past two decades, I have worked in the cybersecurity and information technology realm, fighting for my projects to be funded. Early in my career, I didn't understand why certain projects would be funded and executed, while others wouldn't. What I learned, is that it all came down to Risk Management by our executives and managers.

You will learn the terms used by executives and managers in discussing Risk Management, and how to apply the concepts of Risk Management to your networks, systems, and projects. This course is not an operational or tactical course that focuses on how you will secure your networks, but instead focuses on the mindset of managers and teaches you how to think like they do. Once you master these concepts, it is much easier to build your business case for your projects and justify your budgetary needs.

Throughout this course, we will discuss what comprises Risk (assets, threats, and vulnerabilities), providing numerous real-world examples along the way. We will also cover Qualitative and Quantitative Risk Measurements, showing how you can calculate the risk of an uncertainty due to vulnerabilities and threats.

This course also includes two case studies of what happens when risk management fails, as demonstrated by the Amazon Web Services outage and Equifax data breach that both occurred in 2017. You will learn to better understand these scenarios, what caused the outage/breach, and why managers may have made the decisions they did that led up to them.

Upon completion of this course, you will earn 3 CEUs towards the renewal of your CompTIA A+, Network+, Security+, Linux+, Cloud+, PenTest+, CySA+, or CASP+ certifications.

Enroll now

Here's a deal for you

We found an offer that may be relevant to this course.
Save money when you learn. All coupon codes, vouchers, and discounts are applied automatically unless otherwise noted.

What's inside

Learning objectives

  • Understand the foundations of risk management in the cybersecurity and information technology field
  • Be able to use qualitative risk measurement techniques when discussing networks and projects
  • Be able to use quantitative risk measurement techniques when discussing networks and projects
  • Discuss current events in the technology space in relation to risk management decisions

Syllabus

Introduction

This video contains a short introduction from your instructor, Jason.

This lesson includes the downloadable study guide as a resource for your offline studies and note taking.

Read more
What is Risk?

In this lecture, we will discuss the three major components of risk: assets, vulnerabilities, and threats.

In this lecture, you will learn the different types of risk that exist in the business world and in our IT networks.

In this lesson, we will discuss the different types of threats that our networks and businesses face.

In this lecture, we will breakdown what happens when Risk Management fails by examining the Amazon Web Services outage from 2017 that took down nearly the entire East Coast region!

What Can You Do With Risk?

In this video, we will introduce the concepts of mitigating, transferring, avoiding, and accepting risk.

In this video, we will dive deeper into the concept of Risk Mitigation.

In this video, we will dive deeper into the concept of Risk Transference.

In this video, we will dive deeper into the concept of Risk Avoidance.

In this video, we will dive deeper into the concept of Risk Acceptance.

In this video, we will discuss how risk controls are selected.

In this lesson, we will take a small detour into the world of project management (PMP and PRINCE2) to discuss additional risk responses that are available beyond the four basics we discussed above.

Calculating Risk

In this lesson, you will learn the different types of ways to calculate risk.

In this video, we will discuss the qualitative risk measurement methods.

In this video, we will discuss the quantitative risk measurement methods.

In this video, we will discuss the Equifax data breach of July 2017, what led up to it, and the management decisions that could have prevented it.

Student will get a real world perspective into the world of risk management through interviews with professionals in the field.

In this short video, students will receive an introduction to this section of interviews with industry professionals in the Government, Defense, Commercial, and Health Care sectors and how they implement Risk Management in the Real World. 

In this video, Jason interviews Mr. Randy Fuller who worked in the Government sector. Mr. Fuller's organization spans across 6 continents and hundreds of thousands of users.

In this video, Jason interviews Mr. Corey Charles who works as an IT Manager in the Vulnerability Management space in the Government sector. Mr. Charles' organization spans across 6 states and thousands of users.

In this video, Jason interviews Mr. David Anderson, the Director of Information Security Operations for a major health care provider in the United States. His organization spans 46 hospitals across numerous states, and gives us a unique inside look at how decisions made decades ago can still affect the risk posture of our networks today. (The audio quality is not the greatest, unfortunately, as we had to record it over a phone line connection, but it is well worth listening to because the discussion he provides us is outstanding!)

In this interview, we talk with Tu Laniyonu who works in the Government Sector as a digital forensic examiner working on cases of suspected insider threats.

Conclusion

In this video, we will provide a short conclusion and summary of the course.

BONUS: Where to go from here?

Good to know

Know what's good
, what to watch for
, and possible dealbreakers
Covers qualitative and quantitative risk measurement techniques, as well as case studies and industry examples
Course length is not provided
Taught by Jason Dion, an experienced IT and cybersecurity instructor
Objectives may be too general for some learners
Provides a comprehensive overview of risk management in IT and cybersecurity
Examines risk management failures through case studies, such as the Amazon Web Services outage and Equifax data breach

Save this course

Save Risk Management for Cybersecurity and IT Managers to your list so you can find it easily later:
Save

Reviews summary

Cyber risk fundamentals

Learners say this course provides a largely positive overview of risk management for cybersecurity and IT managers, with engaging assignments that help them understand key concepts. The course begins with a breakdown of the basic principles of vulnerability, threat, risk, and methodologies for dealing with them. Students highly value the interviews with industry experts offering insights on how they factor risk assessment into their organizations. Case studies are also called out as particularly effective in providing a practical lens to look at cybersecurity. Overall, students say this course is well organized and easy to understand, with a charismatic instructor, and they largely recommend it for anyone new to risk management or those looking for a refresher.
The course provides clear and concise explanations of risk concepts, making them easy to understand.
"I enjoyed the content and the method in which it was presented."
"The concepts are told with very good examples, making it easier for me to understand it well."
"Thank you for making the learning session fun!"
The course material is well-organized and easy to follow, with a logical progression of topics.
"This course is well structured."
"Its really a great course organized to understand practical way of risk management process and getting insights from experts of different industries really helping us to understands some real world examples and risk mitigation approaches and techniques to consider."
"Its very gd , to improve you."
The instructor, Jason Dion, is knowledgeable, engaging, and makes the material interesting.
"Jason has some of the best courses I've ever taken."
"I have taken other courses at Udemy but Jason is the only one who I prefer to enroll courses with."
"Jason is a very clear and effective teacher."
The course uses real-world examples and case studies to illustrate risk management concepts, making them more relatable and applicable.
"I learned a lot from you and I like the interview videos."
"I learnt quite a bit from the Risk Management for Cybersecurity and IT Managers course."
"This learning had covered wide array in terms of cybersecurity and the various cyber threats."
The course includes interviews with industry experts who provide valuable insights and perspectives on risk management.
"I appreciate that you conducted interviews with Corey Charles, David Anderson and Tu Laniyonu."
"Outstanding course."
"I would like to say, the topics are well consolidated with comprehensive content and the best part is the course include the industries use cases."
The course may lack depth for experienced risk management professionals.
"This course would be beneficial for any IT Managers worried about Security, which should be every manager."
"I am pretty well steeped in Risk Management from years in a project manager role and teaching PMBoK reviews for aspiring PMPs."
"Very, very basic content presented in a concise manner."
The course covers basic risk management concepts and may not be suitable for those with prior knowledge in the field.
"It has been a good course considering the contents, but the teacher speaking is too fast to be understood by who do not know english very well."
"This content was similar to other content that I received in other courses from the same instructor."
"I missed an element of interactivity during this course."
Some of the interviews have audio issues that can make it difficult to understand the speakers.
"The audio quality of the Risk Management in the Real World section could have been better though."
"The sound quality was horrendous on his end."
"David Anderson's part of the interview, it is strange that, as IT professionals, such part wasn't addressed before the recording."

Activities

Be better prepared before your course. Deepen your understanding during and after it. Supplement your coursework and achieve mastery of the topics covered in Risk Management for Cybersecurity and IT Managers with these activities:
Review Course Objectives
Help familiarize yourself with concepts and identify areas of focus.
Browse courses on Risk Management
Show steps
  • Read the course syllabus.
  • Review the course description.
Join a Cybersecurity Risk Management Study Group
Collaborate with peers to discuss concepts, share insights, and answer questions.
Browse courses on Risk Management
Show steps
  • Find a study group or create your own.
  • Set regular meeting times and discuss course materials.
Complete the SANS Risk Management for IT Professionals Tutorial
Gain structured guidance and deeper understanding of risk management principles.
Browse courses on Risk Management
Show steps
  • Enroll in the SANS Risk Management for IT Professionals Tutorial.
  • Complete the interactive modules and exercises.
Five other activities
Expand to see all activities and additional details
Show all eight activities
Attend a Risk Management Workshop
Engage with experts and practitioners to clarify concepts and learn best practices.
Browse courses on Risk Management
Show steps
  • Search for relevant risk management workshops.
  • Register and attend the workshop.
Solve Risk Management Case Studies
Apply concepts to real-world scenarios to test understanding and decision-making skills.
Browse courses on Case Studies
Show steps
  • Find risk management case studies online or in textbooks.
  • Analyze the case and identify risks.
  • Develop and evaluate mitigation strategies.
Create a Cybersecurity Risk Assessment Report
Reinforce understanding of risk analysis methods and documentation.
Browse courses on Risk Management
Show steps
  • Identify assets, threats, and vulnerabilities.
  • Assess likelihood and impact of risks.
  • Write an executive summary and recommendations.
Contribute to Risk Management Open Source Projects
Gain practical experience and contribute to the community while solidifying understanding.
Browse courses on Open Source
Show steps
  • Identify open source risk management projects.
  • Review the code and documentation.
  • Suggest improvements or contribute code.
Develop a Risk Management Plan for a Small Business
Integrate knowledge into a comprehensive plan that demonstrates practical application.
Browse courses on Risk Management Plan
Show steps
  • Identify business goals and objectives.
  • Conduct a risk assessment.
  • Develop risk mitigation strategies.
  • Create a risk management plan document.

Career center

Learners who complete Risk Management for Cybersecurity and IT Managers will develop knowledge and skills that may be useful to these careers:
Risk Manager
Risk Managers are responsible for identifying and mitigating risks to an organization. This course can help you develop the skills you need to succeed in this role. You will learn how to assess risks, develop risk management plans, and implement risk controls. You will also learn about the latest risk management trends and best practices.
Chief Risk Officer (CRO)
CROs are responsible for overseeing an organization's risk management program. This course can help you develop the skills you need to succeed in this role. You will learn how to assess risks, develop risk management plans, and implement risk controls. You will also learn about the latest risk management trends and best practices.
Chief Information Security Officer (CISO)
CISOs are responsible for overseeing an organization's information security program. This course can help you develop the skills you need to succeed in this role. You will learn how to assess risks, develop security plans, and implement security controls. You will also learn about the latest security trends and best practices.
Security Architect
Security Architects design and implement security solutions for organizations. This course can help you build a foundation in risk management, which is essential for designing secure systems. You will learn how to assess risks, develop security plans, and implement security controls. This knowledge will be invaluable in your career as a Security Architect.
Cybersecurity Analyst
Cybersecurity Analysts are responsible for protecting computer networks and systems from cyberattacks. This course can help you develop the skills you need to succeed in this role. You will learn how to identify and mitigate security risks, develop security plans, and implement security controls. You will also learn about the latest cybersecurity threats and trends.
Security Consultant
Security Consultants help organizations identify and mitigate security risks. This course can help you develop the skills you need to succeed in this role. You will learn how to assess risks, develop security plans, and implement security controls. You will also learn about the latest security trends and best practices.
Risk Consultant
Risk Consultants help organizations identify and mitigate risks. This course can help you develop the skills you need to succeed in this role. You will learn how to assess risks, develop risk management plans, and implement risk controls. You will also learn about the latest risk management trends and best practices.
IT Manager
IT Managers are responsible for planning, implementing, and managing an organization's IT systems. This course can help you develop the skills you need to succeed in this role. You will learn how to assess risks, develop IT plans, and implement IT controls. You will also learn about the latest IT trends and best practices.
Project Manager
Project Managers are responsible for planning, executing, and closing projects. This course can help you develop the skills you need to succeed in this role. You will learn how to assess risks, develop project plans, and implement project controls. You will also learn about the latest project management trends and best practices.
Information Security Analyst
An Information Security Analyst plays a vital role in protecting an organization's computer networks and systems. This course can help you build a foundation in risk management, which is essential for identifying and mitigating security risks. You will learn how to assess risks, develop security plans, and implement security controls. This knowledge will be invaluable in your career as an Information Security Analyst.
Compliance Consultant
Compliance Consultants help organizations comply with all applicable laws and regulations. This course can help you develop the skills you need to succeed in this role. You will learn how to assess risks, develop compliance plans, and implement compliance controls. You will also learn about the latest compliance trends and best practices.
IT Auditor
IT Auditors are responsible for reviewing and evaluating an organization's IT systems and controls. This course can help you develop the skills you need to succeed in this role. You will learn how to assess risks, develop audit plans, and perform IT audits. You will also learn about the latest IT audit trends and best practices.
Business Analyst
Business Analysts are responsible for understanding and analyzing business needs. This course can help you develop the skills you need to succeed in this role. You will learn how to assess risks, develop business plans, and implement business controls. You will also learn about the latest business analysis trends and best practices.
Compliance Manager
Compliance Managers are responsible for ensuring that an organization complies with all applicable laws and regulations. This course can help you develop the skills you need to succeed in this role. You will learn how to assess risks, develop compliance plans, and implement compliance controls. You will also learn about the latest compliance trends and best practices.
Privacy Officer
Privacy Officers are responsible for protecting an organization's privacy data. This course can help you develop the skills you need to succeed in this role. You will learn how to assess risks, develop privacy plans, and implement privacy controls. You will also learn about the latest privacy trends and best practices.

Reading list

We've selected ten books that we think will supplement your learning. Use these to develop background knowledge, enrich your coursework, and gain a deeper understanding of the topics covered in Risk Management for Cybersecurity and IT Managers.
Provides a comprehensive overview of the risk management process, which can be helpful for learners who want to understand how to manage risks in a variety of contexts.
This document good resource for learning about the NIST Cybersecurity Framework, which can be helpful for learners who want to understand how to manage cybersecurity risks.
Provides a comprehensive overview of quantitative risk analysis, which can be helpful for learners who want to understand how to measure and evaluate risks in a variety of contexts.
Provides practical guidance for CISOs on how to manage information security risk. It covers a wide range of topics, including risk assessment, risk mitigation, and risk reporting.
Provides a comprehensive overview of risk analysis for IT professionals. It covers a wide range of topics, including risk assessment, risk mitigation, and risk management.
Provides guidance on how to conduct risk assessments. It valuable resource for anyone involved in the risk management process.
Provides a practical guide to computer and network security. It covers a wide range of topics, including risk assessment, risk mitigation, and risk management.
Provides a look at the human element of security. It covers a wide range of topics, including risk assessment, risk mitigation, and risk management.
Provides a look at the psychology of security. It covers a wide range of topics, including risk assessment, risk mitigation, and risk management.

Share

Help others find this course page by sharing it with your friends and followers:

Similar courses

Here are nine courses similar to Risk Management for Cybersecurity and IT Managers.
Strategic Decisions for Project Leaders: Exploiting Risk...
Most relevant
Determining Ways of Working for Technical Project...
PMP Exam Prep: Ways of Working for Technical Projects
Persuasion and Presence for Program and Project Managers
Risk Models for Project Managers: Monte Carlo and Beyond
Persuasion and Presence for Program and Project Managers
Storytelling That Delivers Program and Project Outcomes
Storytelling That Delivers Program and Project Outcomes
Risk Management for Projects
Our mission

OpenCourser helps millions of learners each year. People visit us to learn workspace skills, ace their exams, and nurture their curiosity.

Our extensive catalog contains over 50,000 courses and twice as many books. Browse by search, by topic, or even by career interests. We'll match you to the right resources quickly.

Find this site helpful? Tell a friend about us.

Affiliate disclosure

We're supported by our community of learners. When you purchase or subscribe to courses and programs or purchase books, we may earn a commission from our partners.

Your purchases help us maintain our catalog and keep our servers humming without ads.

Thank you for supporting OpenCourser.

© 2016 - 2024 OpenCourser