Booking options
£22.99
£22.99
On-Demand course
2 hours 8 minutes
All levels
The Management's Guide to Understanding Risk Management Decisions in Cybersecurity and Information Technology (IT)!
Have you ever wondered why your organization's executives or your manager made a decision to fund or not fund your project? In this course, you will get an inside look at how cybersecurity and information technology (IT) managers determine which projects they will support with funding and which they won't based on a preliminary risk analysis. Over the past two decades, I have worked in the cybersecurity and information technology realm, fighting for my projects to become funded. Early in my career, I didn't understand why certain projects would be funded and executed, while others wouldn't. What I learned, it all came down to risk management by our executives and managers. You will learn the terms used by executives and managers in discussing risk management, and how to apply the concepts of risk management to your networks, systems, and projects. This course is not an operational or tactical course that focuses on how you will secure your networks, but instead focuses on the mindset of managers and teaches you how to think like they do. Once you master these concepts, it is much easier to build your business case for your projects and justify your budgetary needs. This course also includes two case studies of what happens when risk management fails, as demonstrated by the Amazon Web Services outage and Equifax data breach that both occurred in 2017.
Understand the foundations of risk management in the cybersecurity and information technology field. Be able to use qualitative risk measurement techniques when discussing networks and projects. Be able to use quantitative risk measurement techniques when discussing networks and projects. Discuss current events in the technology space in relation to risk management decisions
Information Technology mangersCybersecurity managersAspiring managers
Throughout this course, we will discuss what comprises risk (assets, threats, and vulnerabilities), providing numerous real world examples along the way. We will also cover qualitative and quantitative risk measurements, showing how you can calculate the risk of an uncertainty due to vulnerabilities and threats.
You will learn to better understand these scenarios, what caused the outage/breach.Why managers may have made the decisions they did that led up to them.
https://github.com/packtpublishing/risk-management-for-cybersecurity-and-it-managers
Jason Dion, CISSP No. 349867, is an adjunct instructor at Liberty University's College of Engineering and Computational Science and Anne Arundel Community College's Department of Computing Technologies with multiple information technology professional certifications, including Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), Certified Network Defense Architect (CNDA), Digital Forensic Examiner (DFE), Digital Media Collector (DMC), Security+, Network+, A+, PRINCE2, and Information Technology Infrastructure Library v3. He has been a deputy director of a network operations center, and an information systems officer for large organizations around the globe.
1. Introduction
1. Introduction In this video, there is a short description from the author. |
2. What is Risk?
1. What is Risk? We will discuss the three major components of risk: assets, vulnerabilities, and threats. |
2. Types of Risk You will learn the different types of risk that exist in the business world and in our IT networks. |
3. Types of Threats We will discuss the different types of threats that our networks and businesses face. |
4. When Risk Management Fails We will breakdown what happens when Risk Management fails by examining the Amazon Web Services outage from 2017 that took down nearly the entire East Coast region! |
3. What Can You Do With Risk?
1. What can you do with Risk? In this video, we will introduce the concepts of mitigating, transferring, avoiding, and accepting risk. |
2. Risk Mitigation In this video, we will dive deeper into the concept of Risk Mitigation. |
3. Risk Transference In this video, we will dive deeper into the concept of Risk Transference. |
4. Risk Avoidance We will dive deeper into the concept of Risk Avoidance. |
5. Risk Acceptance We will dive deeper into the concept of Risk Acceptance. |
6. Risk Controls We will discuss how risk controls are selected. |
4. Calculating Risk
1. Calculating Risk In this video, we will look into calculating risk while performing. |
2. Qualitative Risk Management We will discuss the qualitative risk measurement methods. |
3. Quantitative Risk Management We will discuss the quantitative risk measurement methods. |
4. Case Study: Equifax Data Breach (July 2017) We will discuss the Equifax data breach of July 2017, what led up to it, and the management decisions that could have prevented it. |
5. Risk Management in the Real World
1. Risk Management in the Real World In this short video, students will receive an introduction to this section of interviews with industry professionals in the Government, Defence, Commercial, and Health Care sectors and how they implement Risk Management in the Real World. |
2. Corey Charles - IT Manager (Vulnerability Management) In this video, Jason interviews Mr. Corey Charles who works as an IT Manager in the Vulnerability Management space in the Government sector. Mr. Charles' organization spans across 6 states and thousands of users. |
3. David Anderson - Health Care Industry In this video, Jason interviews Mr. David Anderson, the Director of Information Security Operations for a major health care provider in the United States. His organization spans 46 hospitals across numerous states, and gives us a unique inside look at how decisions made decades ago can still affect the risk posture of our networks today. |
4. Tu Laniyonu - Insider Threat In this interview, we talk with Tu Laniyonu who works in the Government Sector as a digital forensic examiner working on cases of suspected insider threats. |
6. Conclusion
1. Conclusion We will provide a short conclusion and summary of the course. |
2. BONUS: Special Offer for My Students In this bonus video, you will receive an exclusive discount coupon code to take any of my other course. |