Cyber threats come in all shapes, sizes, complexity and are ever-evolving. Attacks are causing great financial loss and serious damage to companies. It is essential for organizations to establish a baseline to identify critical components that must be incorporated into any cybersecurity risk management approach. Cybersecurity yields potential business opportunities for a firm to better serve its clients. This course will better prepare firms who conduct readiness assessments for their clients through consulting or advisory services. Participants will learn how to keep abreast of the latest cybersecurity trends, manage risks, and ensure that clients have a sound risk management program to safeguard their organization.
– Apply knowledge of an effective cybersecurity risk management program to Analyze an entity’s program and conduct a readiness assessment.
– Differentiate the various frameworks available (e.g., NIST, ISO, TSC, or combination thereof), considering when and how to use each framework, including pros and cons of each.
– Apply tests to an entity’s cybersecurity controls and other risk management activities based on existing frameworks.
– Identify recommendations for improvements based on procedures performed.
– Cybersecurity risks to businesses and firms
– Different cybersecurity controls frameworks (i.e., NIST, ISO, TSC, etc.)
– Internal controls and other risk management activities
– Components of a cybersecurity risk management program
Some knowledge of a cybersecurity risk management program