Understanding and measuring the risk involved with real and potential cybersecurity threats and vulnerabilities are fundamental for an organization or enterprise to invest in and to protect its information and operational infrastructure, its constituents, its relationships, and its reputation. Students will learn and apply various modeling techniques to identify and quantify risk and how they are used to determine the value and criteria for managing that risk. Risk management concepts and standards will be explored including its essential elements, effective governance, understanding the appetite for risk, and the need for developing appropriate policies and procedures to mitigate risk. These concepts and standards will be addressed across different industries and environments.
CYBERSEC 503: Cybersecurity Risk Management