Risk Management for Cybersecurity and IT Managers
4.5 (3,718 ratings)
Course Ratings are calculated from individual students’ ratings and a variety of other signals, like age of rating and reliability, to ensure that they reflect course quality fairly and accurately.
10,515 students enrolled

Risk Management for Cybersecurity and IT Managers

The management's guide to understanding Risk Management decisions in cybersecurity and information technology (IT)!
Bestseller
4.5 (3,718 ratings)
Course Ratings are calculated from individual students’ ratings and a variety of other signals, like age of rating and reliability, to ensure that they reflect course quality fairly and accurately.
10,515 students enrolled
Last updated 6/2020
English
English, Italian [Auto], 1 more
  • Polish [Auto]
Current price: $69.99 Original price: $99.99 Discount: 30% off
5 hours left at this price!
30-Day Money-Back Guarantee
This course includes
  • 3 hours on-demand video
  • 1 article
  • 2 downloadable resources
  • Full lifetime access
  • Access on mobile and TV
  • Certificate of Completion
Training 5 or more people?

Get your team access to 4,000+ top Udemy courses anytime, anywhere.

Try Udemy for Business
What you'll learn
  • Understand the foundations of Risk Management in the cybersecurity and information technology field
  • Be able to use qualitative risk measurement techniques when discussing networks and projects
  • Be able to use quantitative risk measurement techniques when discussing networks and projects
  • Discuss current events in the technology space in relation to risk management decisions
Requirements
  • No special tools are required, just a willingness to learn about Risk Management in the Cybersecurity and Information Technology (IT) field
Description

Have you ever wondered why your organization's executives or your manager made a decision to fund or not fund your project?

In this course, you will get an inside look at how cybersecurity and information technology (IT) managers determine which projects they will support with funding and which they won't based on a preliminary risk analysis. Over the past two decades, I have worked in the cybersecurity and information technology realm, fighting for my projects to become funded. Early in my career, I didn't understand why certain projects would be funded and executed, while others wouldn't. What I learned, is that it all came down to Risk Management by our executives and managers.

You will learn the terms used by executives and managers in discussing Risk Management, and how to apply the concepts of Risk Management to your networks, systems, and projects. This course is not an operational or tactical course that focuses on how you will secure your networks, but instead focuses on the mindset of managers and teaches you how to think like they do. Once you master these concepts, it is much easier to build your business case for your projects and justify your budgetary needs.

Throughout this course, we will discuss what comprises Risk (assets, threats, and vulnerabilities), providing numerous real world examples along the way. We will also cover Qualitative and Quantitative Risk Measurements, showing how you can calculate the risk of an uncertainty due to vulnerabilities and threats.

This course also includes two case studies of what happens when risk management fails, as demonstrated by the Amazon Web Services outage and Equifax data breach that both occurred in 2017. You will learn to better understand these scenarios, what caused the outage/breach, and why managers may have made the decisions they did that led up to them.

Who this course is for:
  • Information Technology mangers
  • Cybersecurity managers
  • Aspiring managers
Course content
Expand all 24 lectures 03:04:54
+ Introduction
2 lectures 05:44

This video contains a short introduction from your instructor, Jason.

Preview 05:37

This lesson includes the downloadable study guide as a resource for your offline studies and note taking.

Download the Study Guide
00:07
+ What is Risk?
4 lectures 29:39

In this lecture, we will discuss the three major components of risk: assets, vulnerabilities, and threats.

Preview 07:10

In this lecture, you will learn the different types of risk that exist in the business world and in our IT networks.

Preview 13:24

In this lesson, we will discuss the different types of threats that our networks and businesses face.

Types of Threats
05:21

In this lecture, we will breakdown what happens when Risk Management fails by examining the Amazon Web Services outage from 2017 that took down nearly the entire East Coast region!

When Risk Management Fails
03:44
+ What Can You Do With Risk?
7 lectures 22:13

In this video, we will introduce the concepts of mitigating, transferring, avoiding, and accepting risk.

What can you do with Risk?
01:14

In this video, we will dive deeper into the concept of Risk Mitigation.

Risk Mitigation
03:53

In this video, we will dive deeper into the concept of Risk Transference.

Preview 02:13

In this video, we will dive deeper into the concept of Risk Avoidance.

Preview 02:24

In this video, we will dive deeper into the concept of Risk Acceptance.

Preview 03:34

In this video, we will discuss how risk controls are selected.

Preview 04:31

In this lesson, we will take a small detour into the world of project management (PMP and PRINCE2) to discuss additional risk responses that are available beyond the four basics we discussed above.

Risk Responses
04:24
+ Calculating Risk
4 lectures 23:47

In this lesson, you will learn the different types of ways to calculate risk.

Calculating Risk
03:08

In this video, we will discuss the qualitative risk measurement methods.

Preview 06:15

In this video, we will discuss the quantitative risk measurement methods.

Preview 08:23

In this video, we will discuss the Equifax data breach of July 2017, what led up to it, and the management decisions that could have prevented it.

Case Study: Equifax Data Breach (July 2017)
06:01
+ Risk Management in the Real World
5 lectures 01:37:36

In this short video, students will receive an introduction to this section of interviews with industry professionals in the Government, Defense, Commercial, and Health Care sectors and how they implement Risk Management in the Real World. 

Preview 00:58

In this video, Jason interviews Mr. Randy Fuller who worked in the Government sector. Mr. Fuller's organization spans across 6 continents and hundreds of thousands of users.

Randy Fuller - Government Sector
27:58

In this video, Jason interviews Mr. Corey Charles who works as an IT Manager in the Vulnerability Management space in the Government sector. Mr. Charles' organization spans across 6 states and thousands of users.

Corey Charles - IT Manager (Vulnerability Management)
20:07

In this video, Jason interviews Mr. David Anderson, the Director of Information Security Operations for a major health care provider in the United States. His organization spans 46 hospitals across numerous states, and gives us a unique inside look at how decisions made decades ago can still affect the risk posture of our networks today. (The audio quality is not the greatest, unfortunately, as we had to record it over a phone line connection, but it is well worth listening to because the discussion he provides us is outstanding!)

David Anderson - Health Care Industry
26:42

In this interview, we talk with Tu Laniyonu who works in the Government Sector as a digital forensic examiner working on cases of suspected insider threats.

Tu Laniyonu - Insider Threat
21:51
+ Conclusion
2 lectures 05:55

In this video, we will provide a short conclusion and summary of the course.

Conclusion
01:50

In this video, you will receive a special thank you message from Jason with tips on how to get the best price for ANY of our other courses on Udemy!

BONUS: Where to go from here?
04:05