Module #1 Introduction to Cybersecurity Risk Management Overview of the importance of risk management in cybersecurity and the course objectives
Module #2 Understanding Cybersecurity Risks Defining cybersecurity risks, threats, and vulnerabilities, and the impact on organizations
Module #3 Risk Management Frameworks Overview of popular risk management frameworks, including NIST, ISO 27001, and COBIT
Module #4 Risk Assessment Methodologies Qualitative and quantitative risk assessment methodologies, including likelihood-impact and Delphi
Module #5 Identifying Assets and Threats Inventorying assets, identifying threats, and prioritizing assets based on risk
Module #6 Vulnerability Management Identifying, classifying, and remediating vulnerabilities in systems and applications
Module #7 Risk Analysis and Evaluation Analyzing and evaluating risk using threat modeling, attack trees, and risk matrices
Module #8 Risk Treatment and Mitigation Strategies Risk avoidance, transfer, mitigation, and acceptance strategies, including cost-benefit analysis
Module #9 Implementing Security Controls Designing and implementing security controls to mitigate identified risks
Module #10 Risk Monitoring and Review Ongoing risk monitoring and review, including continuous improvement and risk reporting
Module #11 Cybersecurity Governance and Compliance Cybersecurity governance, compliance, and regulatory requirements, including GDPR and HIPAA
Module #12 Incident Response and Crisis Management Incident response planning, crisis management, and disaster recovery
Module #13 Cloud Security Risk Management Managing risks in cloud computing, including security, compliance, and vendor management
Module #14 Network Security Risk Management Managing risks in network security, including firewalls, segmentation, and network access control
Module #15 Endpoint Security Risk Management Managing risks in endpoint security, including endpoint protection, detection, and response
Module #16 Application Security Risk Management Managing risks in application security, including secure coding, testing, and deployment
Module #17 Data Security Risk Management Managing risks in data security, including data loss prevention, encryption, and access control
Module #18 Human Factor in Cybersecurity Risk Management The role of humans in cybersecurity risk management, including awareness, training, and behavioral change
Module #19 Third-Party Risk Management Managing risks associated with third-party vendors, partners, and suppliers
Module #20 Cybersecurity Risk Management Tools and Technologies Overview of risk management tools and technologies, including GRC platforms and risk assessment software
Module #21 Risk Management in Agile and DevOps Environments Managing risks in agile and DevOps environments, including integrating security into development processes
Module #22 Measuring and Reporting Cybersecurity Risks Measuring and reporting cybersecurity risks, including metrics, dashboards, and board reporting
Module #23 Cybersecurity Risk Management in OT Environments Managing risks in operational technology (OT) environments, including industrial control systems and IoT
Module #24 Cybersecurity Risk Management in Supply Chain Managing risks in supply chain, including risk management in procurement and vendor selection
Module #25 Course Wrap-Up & Conclusion Planning next steps in Cybersecurity Risk Management career