Cybersecurity Risk Management and Compliance for ISSOs
This course introduces students to a broad range of topics related to risk-based planning and implementation for enterprise cybersecurity, looking at both internal and external threats. Coverage of external threats considers a variety of threat actors, including nation states, terrorists, hacktivists, and criminals. Coverage of internal threats focuses on insider threat, exploring what insider threat means from a cyber perspective through the lens of historical and traditional forms of sabotage and espionage.
This course will also include analyzing systems development and system processes, exploring risk mitigation solutions through policies, best practices, operational procedures, and legal regulations. Students will be exposed to the national and international policy and legal considerations related to cybersecurity and cyberspace such as privacy, intellectual property, cybercrime, critical infrastructure protection and cyber-warfare.
Students should have taken UMBC Training Centers’ Information Systems Security for ISSOs course or have equivalent skills and experience.
Cybersecurity Risk Management is an informed, risk-based approach to planning, implementing, and operating in a connected environment, guided by business/mission objectives. This approach recognizes that cybersecurity is not an isolated function within any organization, but rather requires coordination with other organizational and executive functions – human resources, legal, finance, operations, technology. Identifying critical assets and prioritizing their protection involves questions of risk tolerance, budget, law and policy.
- Introduction to Cybersecurity Risk Management
- NIST Risk Management Framework and related special publications (SP) 800-series
- NIST Cybersecurity Framework
- External Threats – Prevent, Detect, and Respond
- Insider Threats – Prevent, Detect, and Respond
- Domestic and International Legal Considerations
- Cybersecurity as a Source of Intelligence
- Risk Assessment
- System Security Plans
- Continuous Monitoring Strategy
- Incident Response & Reporting
- Cloud Security and Compliance
- ISSO Documentation Requirements
Is there a discount available for current students?
UMBC students and alumni, as well as students who have previously taken a public training course with UMBC Training Centers, are eligible for a 10% discount, capped at $250. Please provide a copy of your UMBC student ID, an unofficial transcript, or the name of the UMBC Training Centers course you have completed. Asynchronous courses are excluded from this offer.
What is the cancellation and refund policy?
Students will receive a refund of paid registration fees only if UMBC Training Centers receives a notice of cancellation at least 10 business days prior to the class start date for classes or the exam date for exams.