Cybersecurity Risk Management Frameworks 專項課程

In order to manage the cybersecurity function business, you must first understand its language and its environment. This course covers the foundations of cybersecurity, including threats and vulnerabilities as well as the tools, technologies, and strategies used to manage it.

After completing this course, a learner will be able to: ● Define key concepts and terminology in Cybersecurity ● Identify threats to cybersecurity ● Identify strategies to identify and remediate vulnerabilities in information assets ● Identify the systemic components (including personnel) necessary for an effective cybersecurity program

Every organization uses its information to support its business operations. When there are threats in the internal and external environments, they create the risk of information loss or damage. This course examines the design and construction of a risk management program, including policies and plans, to support the identification and treatment of risk to the organization’s information assets.

Organizations with little experience in risk management will want to look to national and international organizations for guidance in designing and implementing their risk management efforts. There are two dominant organizations that offer guidance in this area: the U.S. National Institute for Standards in Technology (NIST) and the International Standards Organization.

This course examines the risk management frameworks and standards offered by these organization and then discusses other available approaches. The course concludes with a discussion of applications and tools to support the organization’s risk management effort.