CYBERSECURITY RISK MANAGEMENT AND COMPLIANCE FOR ISSOS

Posted on by

OVERVIEW

This 5-Day course focuses the student on a broad range of topics relative to risk-based planning and implementation for enterprise cybersecurity, looking at both internal and external threats. External threats will consider a variety of threat actors including nation-states, terrorists, hacktivists and criminals. Internal threats will focus on insider threat, exploring what insider threat means from a cyber perspective, looking through the lens of historical and traditional forms of sabotage and espionage.

This course will also analyze systems development and system processes, exploring risk mitigation solutions through policies, best practices, operational procedures, and legal regulations.  Students will be exposed to national and international policy and legal considerations related to cybersecurity and cyberspace such as privacy, intellectual property, cybercrime, critical infrastructure protection and cyber-warfare.

WHO SHOULD TAKE THIS COURSE

PREREQUISITES

Students should have taken our Information Systems Security for ISSOs course or have equivalent skills and experience.

WHY YOU SHOULD TAKE THIS COURSE

Cybersecurity Risk Management is an informed approach to planning, implementing, and operating in a connected environment through a risk-based approach, informed by business/mission objectives.  This approach recognizes that cybersecurity is not an isolated function within any organization, but rather requires coordination with other organizational and executive functions – human resources, legal, finance, operations, and technology.  Identifying critical assets, and prioritizing their protection involves questions of risk tolerance, budget, law and policy.

COURSE OUTLINE

  • Introduction to Cybersecurity Risk Management
  • NIST Risk Management Framework and related special publications (SP) 800-series
  • NIST Cybersecurity Framework
  • External Threats – Prevent, Detect, and Respond
  • Insider Threats – Prevent, Detect, and Respond
  • Domestic and International Legal Considerations
  • Cybersecurity as a Source of Intelligence
  • Risk Assessment
  • System Security Plans
  • Continuous Monitoring Strategy
  • Incident Response & Reporting
  • Cloud Security and Compliance
  • ISSO Documentation Requirements

Related posts:

  1. Enterprise Linux Security Administration Training
  2. Services
  3. Product support by Alliance Micro Solutions
  4. RHEL Clustering and Storage Management

Leave a Reply