When a security breach happens, the disruption and damage can vary widely. But one thing is for certain: the effects ripple through the entire organization, often having significant operational and financial implications. Creating a cybersecure organization is a necessary goal today. Decisions about cybersecurity have implications throughout your organization—not only for technology-focused teams, but for every team. Sophisticated phishing schemes, ransomware, and data breaches are on the rise, and their level of complexity is increasing. Therefore, all of us have a role to play in keeping our organization secure. In this program, you will learn • How to select and use the right frameworks to enhance cybersecurity decision-making in your organization • How to assess risk, improve defenses, and reduce vulnerabilities in your organization • How to speak the language of cybersecurity to enable informed conversations with your technology teams and colleagues, and ensure your organization is as cybersecure as possible
- Upon completion of the program, participants will be able to:
- • A framework that provides a strategic view of an organization’s cybersecurity risk management, including management mechanisms you can put in place immediately
- • A playbook with actionable next steps for improving a culture of cyber awareness within your organization.
- • The language and vocabulary to support informed conversation with your CISO, CTO, and other technology leaders
- • An appreciation of how decisions made by technologists may affect the business landscape within your organization
- • An awareness of the leading approaches to managing cybersecurity, including 'defense in depth' and the National Institute of Standards andTechnology (NIST) Cybersecurity Framework
- • A practical interpretation of the tradeoffs between security and privacy, and a method for understanding your organization's priorities
Industry examples cited in the program include:
• Financial services
• Insurance industry
• Government organizations
Cybersecurity for Managers: A Playbook is an engaging, interactive, and personalized learning experience, built upon learning tools that include:
Understanding the Threat Landscape
Gain an overview of the key concepts and practices in cybersecurity.
- Dispel common myths such as 'cybersecurity is just an IT problem'
- Cyber safety: applying accident research to prevent cyber incidents
- IoT: how expanding connectedness opens the door to cyber threats
Understanding the Threat Landscape
Use the High-Tek Sensors case to learn about the NIST Cybersecurity Framework and apply key concepts to individual organizations.
- Interactive case study: High-Tek Sensors (manufacturing)
- NIST Cybersecurity Framework
- Applying NIST to your organization
Measuring Risk Exposure
Identify risk and use frameworks for measuring risk.
- Overview of risk management practices
- Qualitative and quantitative frameworks for measuring risk
- Cyber insurance: risk transfer
Improving Defenses with Systems and Technology
Learn the basics of cybersecurity resource allocation and the concept of ‘defense in depth’.
- Vulnerabilities and security
- Simulation of cybersecurity funds budgeting
- Interview with a cloud cybersecurity expert on ‘defense in depth’
Building a Culture of Cybersecurity
Learn about management mechanisms for influencing cybersecurity culture within organizations.
- The Cybersecurity Culture Model
- Interactive case study: insurance company
- Practical steps for achieving organizational security
Exploring Ethics in Cybersecurity
Understand important tradeoffs between security and privacy.
- Considerations of ethics in cybersecurity using the Apple-FBI controversy as an example
- Faculty roundtable discussion