OpenCourser brand icon
Sign in
We may earn an affiliate commission when you visit our partners.
Course image
Udemy logo

ISO 27001 Cybersecurity manager guidelines

4.5 Filled star Filled star Filled star Filled star Half star
Based on 7,559 ratings
see reviews
Cristian Vlad Lupa, rigcert.education

The purpose of this course is to provide cybersecurity guidelines for the application of

After going through the lessons you will have a good understanding of the concepts, principles and requirements for an organization to design a cybersecurity system.

You will understand what are the typical security threats for different activities and processes and the recommended controls that an organization can implement in order to respond and protect itself.

The structure of the course includes:

- introductory aspects including definitions for the Cyberspace and Cybersecurity.

Read more

The purpose of this course is to provide cybersecurity guidelines for the application of

After going through the lessons you will have a good understanding of the concepts, principles and requirements for an organization to design a cybersecurity system.

You will understand what are the typical security threats for different activities and processes and the recommended controls that an organization can implement in order to respond and protect itself.

The structure of the course includes:

- introductory aspects including definitions for the Cyberspace and Cybersecurity.

- the concepts of Confidentiality, Integrity, Authentication and Non-Repudiation as critical elements for any security system;

- information classification - schemes, levels and labeling aspects

- Threats, vulnerability, risk assessment (quantiative and qualitative methods) and the options for an organization to treat security risks.

- Internal organization requirements including support from top management and segregation of duties;

- aspect on mobile devices - like BYOD (Bring Your Own Device) and COPE (Company Owned Personally Enabled)

- human resources security - from screening to employment, the contractual requirements and disciplinary process plus the termination and change of employment

- requirements for the use of removable media

- access controls and authentication aspects plus how to manage privileges so they won't generate security breaches

- cryptography - including basic elements and definitions, digital signature and the public key infrastructure

- a short description of most popular cryptograhpic attacks (brute force, rainbow tables or birthday attacks) and recommended controls

- controls that refer to physical security and equipment

- malware aspects (viruses, logic bombs, worms, trojans, spyware, adware and a detailed presentation of ransomware)

- denial of service attacks

- social engineering and phishing

- password management aspects including common password attacks and controls

- backup aspects

- requirements for the change management process in an organization so that security is not affected

- network security aspects - principles and controls + wireless attacks and how to prevent them

- requirements for email security

- security in development processes

- supplier relationships and risks associated to suppliers' access to information assets of the organization

- capacity management

- managing cybersecurity incidents - from detection to closure and root cause analysis

- business continuity aspects and how an organization should prepare for and respond to crisis situations

- compliance requirements that any organization must repsect.

The course uses easy to follow explanations and examples with a few case studies along the way (about the Barings bank collapse, the Target security breach or Edward Snowden) to illustrate the concepts described.

At the end of the course there is a quiz - with questions from the subject matter.

Get the information you need to design, coordinate and improve a cybersecurity system or audit organizations as per

Enroll now

What's inside

Learning objectives

  • Principles and concepts in cybersecurity
  • Threats and vulnerabilities
  • Risks and controls
  • Best practices for a succesful cybersecurity program
  • How iso/iec 27001 requirements apply to cybersecurity
  • Common attacks, how they work and how they can be prevented

Syllabus

Introduction

Definitions for the cyberspace. Stakeholders in the cyberspace. Changes brought by the digital world.

What is cybercrime and what are the costs of cybercrime to the global economy. What is the purpose of cybersecurity - protecting the confidentiality, integrity and availability of information. The three directions of cybersecurity: prevention, detection and response. Return of investment for cybersecurity. About Software as a Service, Platform as a Service and Infrastructure as a Service. About ISO 27001 and ISO 27017. Is there a difference between information security and cybersecurity?

Read more

Different positions in cybersecurity and a brief descriptions of the main responsibilities and authorities. CISO, cybersecurity manager, cybersecurity architect, security auditor ...

The three elements of the C-I-A triad - Confidentiality, Integrity, Availability and their definitions. Plus another important concept - Non-repudiation.

The purpose of information classification. Common classification schemes in military/ government organizations and the business environment. Information labeling.

Definitions and examples for threats and vulnerabilities.

Ingredients of risk - probability and impact. Quantitative and qualitative methods for risk assessment - details, examples and advantages for each category.

Common options for treating risk and their definitions. The concept of residual risk. Categories of controls - technical, procedural (administrative) and physical.

Why support from senior management is important. The cybersecurity policy.

Common internal organization for cybersecurity. The position of a Chief Information Security Officer (CISO).

The principle of duties segregation or separation. Why is it important and examples. Job rotation principle and mandatory vacations.

The story of the Barings bank collapse and how duties segregation can be a critical aspect.

What is BYOD. Benefits and risks that come along with BYOD. Aspects to be addressed in the BYOD policy. COPE - Company Owned Personally Enabled.

Rules for mobile devices. MDM (Mobile Device Management) and MAM (Mobile Application Management).

Security requirements and responsibilities for each position. Screening candidates. Contractual agreements (NDAs - Non Disclosure Agreements and NCA - Non-Compete Agreements). The disciplinary process. Security requirements for the termination or change of employment.

Security awareness - why it is important and methods. Cybersecurity training for company staff.

The asset inventory. Assigning owners to assets - why and how. Acceptable use policies.

Security risks associated to the use of removable media. Security controls for removable media.

A short presentation of Edward Snowden's story and the huge security breach he created by revealing NSA classified information to the public. The importance of removable media.

What does access control involve. Solutions for access controls. Common authentication factors - type 1, type 2 and type 3 authentication + multi-factor authentication. Disabling access rights of terminated employees.

The principle of least privileges. Guidelines for preventing security breaches due to special privileges

Definition and guidelines for logging. Protection of logs; log retention. Monitoring as the process of reviewing logs.

Brief history of cryptography. Concepts like the cipher and the algorithm. The Kerckhoffs principle. General aspects about symmetric and asymmetric cryptography.

The hash function. Requirements for the hash function. Definition of the digital signature.

Definition for a Public Key Infrastructure. Certification and registration authorities. About digital certificates.

Examples and short description of common cryptographic attacks: brute force, rainbow tables, birthday, man in the middle.

Multiple layers for physical security in a building. Fire protection. Public areas. Secure areas.

Security controls for company equipment. Controls for unattended equipment. Requirements for taking equipment off premises. Wiring closets. Server rooms. Cabling security. Electromagnetic emanation and TEMPEST.

Malware definition. Common types of malware: viruses, logic bombs, worms, trojan horses, worms, spyware, adware, ransomware

Ransomware - encrypting and blocking ransomware. How they work and factors that make certain organizations attractive for ransomware. Recommendation to protect against ransomware. Pay the ransom or not? Leakware or doxware.

Definition of phishing. Types of phishing: deceptive phishing, spear phishing, whaling, pharming. Controls against phishing.

Denial of service attacks - definition and how they work. Distributed Denial of Service (DDoS). DDoS mitigation.

What is social engineering and how it works. Training and awareness against social engineering.

Common password attacks: password guessing, dictionary attacks, keyloggers. Guidelines for password management.

The contents of a backup policy. Differential and incremental backups.

The change process in an organization. The steps for implementing changes in a controlled manner.

Principles and key elements for network security management - networks segregation, firewalls. Wireless networks and common wireless attacks: man in the middle, packet sniffing, evil twin attacks Guidelines for protecting wireless networks.

Contents for an email security policy. Controls for protecting data in emails.

The development lifecycle. The contents of the secure development policy. Outsourcing software development.

Screening suppliers. Security requirements in supplier contracts. Security of the supply chain. Monitoring supplier performance.

The security breach that hit the Target corporation in 2013. How it happened and why.

Capacity management definition. The contents of the capacity plan.

The stages of incident management - detection, response, communication, recovery, root cause analysis for corrective and preventive actions, learning from incidents.

The story of the Uber security breach of 2016. Dealing with the hackers.

The most relevant business continuity activities - business impact analysis; risk assessment; the emergency team; business continuity strategy and business continuity plans. Testing and improving business continuity arrangements.

Security legal compliance. Privacy and the GDPR most relevant requirements. Compliance with other requirements.

The future of cybersecurity. Big data will grow bigger. The Internet of Things.

Traffic lights

Read about what's good
what should give you pause
and possible dealbreakers
Explores ISO 27001, which is a widely recognized international standard for information security management systems, making it highly relevant for professionals in the field
Covers risk assessment methodologies, including quantitative and qualitative approaches, which are essential for making informed decisions about security investments and resource allocation
Discusses various types of malware, denial-of-service attacks, and social engineering techniques, providing a comprehensive overview of the threat landscape that organizations face
Examines security considerations for mobile devices, including BYOD and COPE policies, which are increasingly important in today's mobile-first work environments
Requires learners to understand the principles of ISO/IEC 27001, which may necessitate additional study for those without prior exposure to this standard
Uses case studies, such as the Barings Bank collapse and the Target security breach, to illustrate key concepts, which may be dated and not reflect the current threat landscape

Save this course

Create your own learning path. Save this course to your list so you can find it easily later.
Save

Reviews summary

Practical iso 27001 cybersecurity overview

According to learners, this course provides a solid introduction and clear overview of ISO 27001 guidelines for cybersecurity managers. Many found the explanations easy to follow and the structure logical, making complex topics accessible. Students particularly appreciated the inclusion of real-world examples and case studies, which helped illustrate concepts effectively. The course is generally seen as a strong starting point or refresher. Some noted it offers practical insights, though a few felt it could benefit from deeper dives into specific technical controls or implementation details, suggesting it's better for those new to ISO 27001 or in managerial roles rather than deeply technical practitioners.
Content aligns well with managerial roles.
"As a manager, I found this course perfectly targeted to the level of understanding I needed for overseeing cybersecurity."
"The focus on guidelines and policies is very relevant for a management perspective."
"It helps frame the cybersecurity challenges from an organizational and risk management point of view, ideal for my role."
"This course is definitely geared towards the strategic and managerial aspects rather than hands-on technical work."
Excellent for beginners or as a review.
"This course is an excellent starting point for anyone new to ISO 27001 or cybersecurity management."
"For me, this course served as a great refresher on the core principles of ISO 27001 and cybersecurity."
"It provides a solid foundation without getting bogged down in excessive technical jargon."
"I felt much more confident discussing ISO 27001 after completing this course as a relative newcomer."
Real-world examples aid understanding.
"The case studies and examples given throughout the course were extremely helpful in understanding the practical application of the concepts."
"Using real-world examples like the Barings bank case made the material much more engaging and memorable."
"I found the examples of common attacks and controls particularly relevant to my work."
"The inclusion of specific company breaches illustrated the importance of the guidelines clearly."
Explanations are easy to understand.
"The course provided a very clear and concise overview of the ISO 27001 guidelines. It was easy to follow the explanations."
"I really appreciated how complex topics were broken down into digestible, easy-to-understand sections."
"The content is well-structured and the explanations are clear, making it a great introduction."
"The information was presented in a straightforward manner, which made learning the concepts much easier."
Some topics lack sufficient detail.
"While the overview is good, I felt some sections could have gone into more technical depth regarding specific controls."
"It's a high-level look, which is great for managers, but those seeking deep technical implementation details might find it lacking."
"I wish there were more practical exercises or detailed implementation examples included."
"Some topics felt only briefly touched upon, requiring me to seek additional resources for deeper understanding."

Activities

Be better prepared before your course. Deepen your understanding during and after it. Supplement your coursework and achieve mastery of the topics covered in ISO 27001 Cybersecurity manager guidelines with these activities:
Review Networking Fundamentals
Reinforce your understanding of networking concepts, which are crucial for grasping network security aspects covered in the course.
Browse courses on Network Security
Show steps
  • Review the OSI model and TCP/IP suite.
  • Study common networking protocols like HTTP, DNS, and SMTP.
  • Familiarize yourself with network devices such as routers, switches, and firewalls.
Review 'The Practice of System and Network Administration'
Gain a deeper understanding of system and network administration practices to better implement cybersecurity controls.
View The Practice of System and Network... on Amazon
Show steps
  • Read the chapters related to network and system administration.
  • Take notes on key concepts and best practices.
  • Reflect on how these practices relate to cybersecurity management.
Implement a Home Network Security Plan
Apply the concepts learned in the course by creating and implementing a security plan for your home network.
Show steps
  • Assess the vulnerabilities of your home network.
  • Develop a security plan that includes password management, firewall configuration, and wireless security.
  • Implement the plan and monitor its effectiveness.
Four other activities
Expand to see all activities and additional details
Show all seven activities
Create a Presentation on a Cybersecurity Threat
Deepen your understanding of specific cybersecurity threats by researching and presenting on a chosen topic.
Show steps
  • Choose a cybersecurity threat (e.g., ransomware, phishing, DDoS).
  • Research the threat, its impact, and mitigation strategies.
  • Create a presentation summarizing your findings.
Review 'NIST Cybersecurity Framework'
Familiarize yourself with a widely recognized framework for managing cybersecurity risk.
View Internet of Things (IoT) Trust Concerns: Draft... on Amazon
Show steps
  • Download and review the NIST Cybersecurity Framework document.
  • Identify the core functions and categories of the framework.
  • Consider how the framework can be applied to different organizational contexts.
Develop an Incident Response Plan Template
Solidify your understanding of incident management by creating a template for an incident response plan.
Show steps
  • Research best practices for incident response planning.
  • Outline the key components of an incident response plan (e.g., roles, communication, containment).
  • Create a template document that can be customized for different scenarios.
Volunteer at a Local Cybersecurity Event
Gain practical experience and network with professionals by volunteering at a cybersecurity event.
Show steps
  • Search for local cybersecurity events or conferences.
  • Contact the organizers and offer to volunteer your time.
  • Participate in the event and network with attendees.

Career center

Learners who complete ISO 27001 Cybersecurity manager guidelines will develop knowledge and skills that may be useful to these careers:
Cybersecurity Manager
A Cybersecurity Manager is responsible for planning, coordinating, and directing an organization's cybersecurity activities. This course on ISO 27001 cybersecurity manager guidelines is fundamental to this career as it provides an in-depth understanding of the key principles and requirements for designing and managing a cybersecurity system. The course directly covers the topics a cybersecurity manager will work with daily, including risk assessment, information classification, access controls, incident management, and compliance. Studying these lessons helps provide the necessary skills to effectively lead cybersecurity efforts within an organization.
See salaries and explore the career path for Cybersecurity Manager
Information Security Analyst
An Information Security Analyst is responsible for protecting an organization's sensitive data and systems. This role involves identifying vulnerabilities, assessing risks, and implementing security measures. This course provides a comprehensive understanding of cybersecurity principles, threats, and risk mitigation strategies. It also covers important topics such as information classification, access controls, and cryptography. A course like this will help build a strong foundation for an information security analyst to understand the various aspects of information security and how to implement effective security measures. The course provides a structure for setting up a cybersecurity program.
See salaries and explore the career path for Information Security Analyst
Cybersecurity Consultant
A Cybersecurity Consultant advises organizations on how to improve their security posture. This usually involves conducting security assessments, developing security policies, and implementing security solutions. The course's exploration of ISO 27001 requirements as they apply to cybersecurity aligns perfectly with this role. This course helps a cybersecurity consultant understand the complexities of building a robust cyber security system. It also helps with frameworks, standards, and best practices. The course also addresses important aspects like business continuity and legal compliance, which are critical for consulting.
See salaries and explore the career path for Cybersecurity Consultant
IT Risk Manager
An IT Risk Manager identifies, manages, and mitigates risks associated with information technology. This course on ISO 27001 cybersecurity manager guidelines aligns perfectly with the role, which requires a strong knowledge of cybersecurity principles as well as risk management strategies. The course covers risk assessment, risk treatment options, and controls, all of which are crucial for an IT Risk Manager. The course's focus on threats, vulnerabilities, and risk provides the expertise needed to protect an organization's assets, making it a highly relevant course. Lessons on business continuity and compliance are also useful.
See salaries and explore the career path for IT Risk Manager
IT Security Manager
An IT Security Manager oversees an organization's overall IT security strategy and implementation. This role requires a broad understanding of various security domains and the ability to manage security teams. This course offers insight into these diverse domains, such as incident management, business continuity, and compliance, which are critical for an IT Security Manager. The course helps a manager understand how to design, coordinate, and improve a cybersecurity system. The course also discusses the role of the chief information security officer.
See salaries and explore the career path for IT Security Manager
Security Auditor
A Security Auditor evaluates the effectiveness of an organization's security controls and compliance with standards and regulations. They examine cybersecurity practices to locate vulnerabilities and identify areas for improvement. This course will be useful in an auditor's work, as the material emphasizes cybersecurity best practices and how ISO/IEC 27001 requirements apply to cybersecurity. The course helps the auditor understand what a good system looks like, and how well an organization adheres to industry standards. The case studies presented in this course may help a security auditor identify potential red flags.
See salaries and explore the career path for Security Auditor
Chief Information Security Officer
A Chief Information Security Officer, or CISO, is responsible for overseeing the entire cybersecurity program of an organization. This course provides an excellent overview for those aspiring to become a CISO as it covers the core concepts, principles, and requirements of establishing a cybersecurity system. The course details threats, vulnerabilities, risk management, and controls, all of which are essential for a CISO. The curriculum touches on incident response, business continuity and compliance, which are all elements of a robust security program that a CISO would manage. This course may be beneficial for anyone looking to understand the fundamentals of cybersecurity in an organization.
See salaries and explore the career path for Chief Information Security Officer
Data Security Analyst
A Data Security Analyst is tasked with implementing and managing systems that protect an organization's data from unauthorized access or misuse. This course on ISO 27001 cybersecurity manager guidelines provides crucial background by covering essential elements like data classification, access controls, and cryptography. It covers a range of threats, vulnerabilities, and risk assessment techniques which are all important to this role. The course helps learners understand different methods of protecting data through controls, and it also provides insights into how to respond when security incidents occur. It is a useful course for those looking to secure organizational data.
See salaries and explore the career path for Data Security Analyst
Compliance Officer
A Compliance Officer ensures that an organization adheres to relevant laws, regulations, and industry standards. This role often involves regular internal audits, policy reviews, and training programs. This course examines legal compliance and critical requirements, such as GDPR. The course also covers ISO 27001, which provides a framework for information security management. The content on information classification and security policies may be useful for a compliance officer's work. The course also discusses common threats and vulnerabilities.
See salaries and explore the career path for Compliance Officer
Incident Responder
An Incident Responder is responsible for handling security incidents, from detection to containment, eradication, and recovery. They analyze security breaches to identify the root cause and develop future preventive measures. This course helps prepare for this role, since it covers the end-to-end process of managing cybersecurity incidents, from detection to closure and analysis. The course also addresses business continuity aspects which are crucial during and after an incident. This course also touches on typical security threats, which an incident responder will likely face.
See salaries and explore the career path for Incident Responder
IT Auditor
An IT Auditor assesses the effectiveness of an organization's information technology controls, including those related to cybersecurity. The course on ISO 27001 cybersecurity manager guidelines can be directly useful to an IT Auditor. The course covers risk assessment strategies, access controls, and compliance requirements, which are crucial elements for this role. The course delves into the importance of policies and procedures related to security, which enables auditors to thoroughly evaluate security configurations. This course provides a strong foundation for assessing an organization's security and adherence to standards.
See salaries and explore the career path for IT Auditor
Risk Analyst
A Risk Analyst assesses and analyzes potential risks to an organization, including cybersecurity threats. This involves understanding the likelihood and impact of various risks and developing mitigation strategies. This course may be useful as it covers risk assessment methods, risk treatment options, and the concept of residual risk. The course covers both quantitative and qualitative methods for risk assessment, which is valuable to a risk analyst. The course also discusses different types of security threats and controls.
See salaries and explore the career path for Risk Analyst
Data Protection Officer
A Data Protection Officer is responsible for overseeing an organization's data protection strategy and ensuring compliance with relevant privacy laws and regulations. This includes managing data breaches and working with authorities to report incidents. This course may be useful to a data protection officer, because it covers important data privacy requirements such as GDPR. The course also discusses other compliance requirements, data classification, and access controls, all relevant to data protection. The framework for information security helps a data protection officer understand where their work fits.
See salaries and explore the career path for Data Protection Officer
Security Architect
A Security Architect designs and implements security systems that align with an organization's business requirements. This role requires a deep understanding of security principles, technologies, and architectures. This course may be useful because it helps one learn how to design a cybersecurity system and understand cybersecurity principles, threats, and vulnerabilities. While it does not cover all aspects of architecture, it forms the basis for designing security systems. The course also covers key areas like cryptography, access controls, and network security, which are crucial for an architect's work.
See salaries and explore the career path for Security Architect
Network Security Engineer
A Network Security Engineer is responsible for designing, implementing, and maintaining an organization's network security infrastructure. This includes configuring firewalls, intrusion detection systems, and other security devices. This course may be useful because it covers network security principles, controls, and common wireless attacks. The course's description of controls for protecting wireless networks may be very helpful in the work of a network security engineer. The course also touches on change management processes, important for implementing changes in network security.
See salaries and explore the career path for Network Security Engineer
Business Continuity Planner
A Business Continuity Planner develops strategies to ensure that an organization can continue operations during and after a disruptive event, and this course reviews the basics of those practices. This role needs some understanding of the range of threats that might affect business continuity, including those discussed in this course. This course may be useful as it provides insights into incident management and business continuity planning, and it offers a broad overview of security. The course can help a Business Continuity Planner consider the security aspects of their planning. The course is helpful for those who need to understand the security aspects alongside business continuity planning.
See salaries and explore the career path for Business Continuity Planner
Security Awareness Trainer
A Security Awareness Trainer educates staff on cybersecurity best practices and policies. This course on ISO 27001 cybersecurity manager guidelines may be useful for this role, as it covers a wide range of cybersecurity topics that are important to share with others, like threats, vulnerabilities, and password management. The course discusses topics that one can present to others for training, like social engineering and how to secure mobile devices. The section on security awareness is also directly helpful. By understanding the basics of security, a trainer can present useful and relevant information to help an organization secure its assets. This course may be a helpful introduction to security concepts for those interested in this role.
See salaries and explore the career path for Security Awareness Trainer
System Administrator
A System Administrator maintains and manages an organization's computer systems and networks. They are also often responsible for basic security measures. This course may be useful for a system administrator looking to increase their knowledge of cybersecurity since it covers common threats, vulnerabilities, and risks, and how to prevent them. The course also discusses how to manage user privileges and implement access controls. The course also touches on some network security including wireless network attacks and how to protect networks.
See salaries and explore the career path for System Administrator
Software Developer
A Software Developer creates and maintains applications and software. This role can benefit greatly from an understanding of secure coding practices. This course may be useful because it discusses secure development processes and policies. The course also explains concepts like cryptography, which are useful in secure application development. Understanding of common attacks such as phishing and denial of service can also help a software developer build secure software. The course also touches on the concepts of the CIA triad, which can be applied in software development.
See salaries and explore the career path for Software Developer
Privacy Analyst
A Privacy Analyst focuses on data privacy and compliance with regulations such as GDPR. This course on ISO 27001 cybersecurity manager guidelines may be helpful because it addresses relevant topics such as legal compliance, privacy, and data protection. The course covers how organizations can meet the different compliance requirements, which is an area of interest for Privacy Analysts. The insights into different controls and security measures may also be useful because of their relevance to privacy. This course may be useful for those looking to understand the different security requirements that are needed in order to meet privacy regulations.
See salaries and explore the career path for Privacy Analyst
Penetration Tester
A Penetration Tester evaluates the security of computer systems by simulating cyberattacks. This course on ISO 27001 cybersecurity manager guidelines may be useful as it covers a range of cybersecurity concepts and can help one to understand risks and vulnerabilities. While the course does not teach penetration testing specifically, the knowledge of common attacks, like denial of service or phishing, and recommended controls will be beneficial. It is also useful to understand how an organization can effectively manage security practices. This course may help a penetration tester by providing a broader understanding of security systems.
See salaries and explore the career path for Penetration Tester
Business Analyst
A Business Analyst analyzes an organization's processes and systems to identify areas for improvement. This often involves understanding business needs and translating them into functional and technical requirements. Business analysts support important business projects, and an understanding of IT security will help them do their job better. This course may be useful because it discusses risks and controls, including access controls, which are elements of projects that require business analysis. The course also covers business continuity and change management, which may be relevant to projects that business analysts support.
See salaries and explore the career path for Business Analyst
Help Desk Technician
A Help Desk Technician provides support to end users of computer systems, and this course may be useful, as it introduces some of the basics of cyber security. This role does not directly engage with security design, but it still benefits from an awareness of security best practices and common threats. This course may be useful in providing a high level overview of what cybersecurity means, with material on common attacks and password management. The course might help a Help Desk Technician better understand what to look for when troubleshooting or helping end users. The course should be seen as a high level overview rather than detailed training.
See salaries and explore the career path for Help Desk Technician
Project Manager
A Project Manager is responsible for planning, executing, and closing projects. This requires understanding various aspects of an organization's operations, including security. This course may be useful because it covers cybersecurity in general, and it also discusses change management. The course also discusses supplier relationships and risks, which are important aspects of project management. This course helps a project manager understand some of the risks involved in their work, and how to address them. The course provides a broader perspective to plan a project.
See salaries and explore the career path for Project Manager
IT Support Specialist
An IT Support Specialist provides technical assistance to users, troubleshooting hardware and software issues. They may also be involved in basic security protocols. This course may be useful because it introduces foundational cybersecurity concepts. The course examines security aspects related to mobile devices, password management, and backups. This could be useful for an IT support specialist who is regularly involved in providing such help to end-users. An IT support specialist will be better prepared to assist with common IT issues that involve security.
See salaries and explore the career path for IT Support Specialist
Sales Representative
A Sales Representative sells products or services to clients, and this course may be useful in helping a sales representative understand the value of cybersecurity products. This role does not typically require technical knowledge of cybersecurity, but an understanding of the concepts may be useful. This course may be useful in giving a salesperson an overview of risks, threats, and the importance of security systems. The course may help a Sales Representative better understand what they are selling. However, this is not a course to advance one's career as a sales representative. The information is intended to serve as an overview.
See salaries and explore the career path for Sales Representative

Reading list

We've selected two books that we think will supplement your learning. Use these to develop background knowledge, enrich your coursework, and gain a deeper understanding of the topics covered in ISO 27001 Cybersecurity manager guidelines.
Internet of Things (IoT) Trust Concerns
Save
The NIST Cybersecurity Framework widely recognized set of guidelines and best practices for managing cybersecurity risk. It provides a structured approach to identifying, protecting, detecting, responding to, and recovering from cybersecurity incidents. This framework is essential for cybersecurity managers as it offers a comprehensive and adaptable model for building and improving cybersecurity programs. It is commonly used as a reference tool by industry professionals and academic institutions.
Internet of Things (IoT) Trust Concerns: Draft...
Kindle Edition
$
Cover image
The Practice of System and Network Administration
Save
Provides a comprehensive overview of system and network administration practices. It is useful for understanding the practical aspects of managing IT infrastructure, which is essential for implementing cybersecurity controls. It offers insights into real-world scenarios and best practices, making it a valuable reference for cybersecurity managers. While not directly focused on cybersecurity, it provides the necessary context for understanding security challenges in IT environments.
The Practice of System and Network Administration,...
Paperback
$$
Practice of System and Network Administration, The:...
Kindle Edition
$$

Share

Help others find this course page by sharing it with your friends and followers:
Facebook
LinkedIn
Reddit
X
Link
Email

Similar courses

Similar courses are unavailable at this time. Please try again later.
Course image
Rating
4.5 Filled star Filled star Filled star Filled star Half star
Effort
4 total hours
Via
Udemy
Instructor
Cristian Vlad Lupa, rigcert.education
Language
English
Traffic lights
Read about what's good
what should give you pause
and possible dealbreakers
Explores ISO 27001, which is a widely recognized international standard for information security management systems, making it highly relevant for professionals in the field
Covers risk assessment methodologies, including quantitative and qualitative approaches, which are essential for making informed decisions about security investments and resource allocation
Discusses various types of malware, denial-of-service attacks, and social engineering techniques, providing a comprehensive overview of the threat landscape that organizations face
Examines security considerations for mobile devices, including BYOD and COPE policies, which are increasingly important in today's mobile-first work environments
Requires learners to understand the principles of ISO/IEC 27001, which may necessitate additional study for those without prior exposure to this standard
Uses case studies, such as the Barings Bank collapse and the Target security breach, to illustrate key concepts, which may be dated and not reflect the current threat landscape
Share this
Share to help others discover this course.
Facebook LinkedIn X Reddit Link Email
Begin learning today
Enroll now to gain full access to ISO 27001 Cybersecurity manager guidelines.
Enroll now
Save for later
Add this course to your list. Find it anytime.
Save
Our mission

OpenCourser helps millions of learners each year. People visit us to learn workspace skills, ace their exams, and nurture their curiosity.

Our extensive catalog contains over 50,000 courses and twice as many books. Browse by search, by topic, or even by career interests. We'll match you to the right resources quickly.

Find this site helpful? Tell a friend about us.

Affiliate disclosure

We're supported by our community of learners. When you purchase or subscribe to courses and programs or purchase books, we may earn a commission from our partners.

Your purchases help us maintain our catalog and keep our servers humming without ads.

Thank you for supporting OpenCourser.

© 2016 - 2025 OpenCourser