XBUS-606 - Cybersecurity Strategy

Course Description

The Certificate in Cybersecurity Strategy is crafted for leaders across various sectors who are responsible for defining and executing their organization's strategic direction. This program equips professionals with the essential knowledge and skills to protect their organizations against the rapidly evolving landscape of cyber threats. Through a series of comprehensive modules, participants will learn to seamlessly integrate cybersecurity practices into their strategic planning, ensuring robust protection of their digital assets and information systems.

In the module on Information Technology and Networking with Data, Information, and Knowledge Considerations, participants will explore the components of information technology, understanding their functions and roles in collecting, processing, and storing diverse types of information. They will also evaluate methods and tools for manipulating information systems, and examine analysis and synthesis techniques for informed decision-making.

The Threat, Vulnerability, and Attack Spectrum module guides participants through the major types of threats and vulnerabilities in current systems, methods of risk assessment, and the motivations of primary threat actors such as hacktivists, nation-states, and insiders. They will develop high-level plans to train users in minimizing specific risks or vulnerabilities.

In the Technical Countermeasures and Risk Assessments module, participants will operationalize various technical countermeasures, including antivirus software, firewalls, and encryption. They will interpret security risk assessments, manage organization-wide risk assessments, and prioritize and remediate identified risks.

The Legal, Regulatory Guidance, and Frameworks for Cybersecurity module will have participants itemize major federal legislation and international agreements affecting information security for U.S. entities. They will appraise national and international efforts to combat cybercrime, and assess the efficacy of cybersecurity standards and guidelines.

In the Cybersecurity Controls & Management module, participants will assess key roles and responsibilities for information security within an organization or agency, and evaluate management's role in reviewing key security technology trends. They will create and apply effective metrics for cybersecurity, and employ integrative strategies such as the balanced scorecard and performance measurement.

Finally, the Strategy, Leadership, and Cyber Simulation module will enable participants to design a cybersecurity strategy that enhances security while aligning with business needs. They will develop training programs, make critical cybersecurity decisions under pressure, and manage executive communication and external stakeholder demands effectively.

Course Outline

Course Objectives

• Understand the major types of threats and vulnerabilities in current systems (Scan)
• Describe the major threat actors (e.g., hacktivists, nation-states, insiders) and their motivations to attack (Focus)
• Define the major vulnerabilities exploited by the threat actors 
• Develop a high-level plan to train users to minimize a specific risk or vulnerability (Act)
• Operationalize a variety of technical countermeasures, including antiviruses, firewalls, and encryptions
• Initiate and manage an organization-wide risk assessment 
• Prioritize and remediate identified risks
• Assess the efficacy and effectiveness of the broad spectrum of cybersecurity standards and guidelines for containing threats and vulnerabilities and for applying countermeasures
• Assess key roles and responsibilities for information security in an organization or agency.
• Assess the role of management in reviewing key security technology trends affecting the enterprise.
• Create and apply effective metrics for cybersecurity 
• Design a cybersecurity strategy that both increases security and aligns with business needs
• Develop a training program
• Triage and make cybersecurity decisions under pressure with limited information
• Document an incident response
• Manage upward, executive communication and expectations under pressure

Applies Towards the Following Certificates

• Certificate in Cybersecurity Strategy : Required