Curriculum
- 24 Sections
- 142 Lessons
- 12 Weeks
- Week 1: Introduction to Information Security Governance (8 lessons)
  - 1.0 Understanding Information Security Governance (60 minutes)
  - 1.1 The Role of a CISO in Governance (60 minutes)
  - 1.2 Aligning Security with Business Objectives (60 minutes)
  - 1.3 The CIA Triad: Confidentiality, Integrity, and Availability
  - 1.4 Security Frameworks (ISO 27001, NIST, CIS Controls)
  - 1.5 Building an Information Security Governance Program
  - 1.6 Compliance and Legal Considerations
  - 1.7 Security Policies and Standards
- Week 2: Regulatory and Legal Compliance (8 lessons)
  - 2.0 Understanding Global Compliance Standards (60 minutes)
  - 2.1 GDPR, HIPAA, PCI-DSS, SOX, FISMA, CCPA Overview (60 minutes)
  - 2.2 Industry-Specific Compliance (Banking, Healthcare, Government) (60 minutes)
  - 2.3 Cybersecurity Laws and Regulations
  - 2.4 Data Protection Laws and Privacy Regulations
  - 2.5 Role of Compliance Audits
  - 2.6 Developing a Compliance Strategy
  - 2.7 Managing Regulatory Reporting Requirements
- Week 3: Risk Management in Governance (8 lessons)
  - 3.0 Introduction to Risk Management (60 minutes)
  - 3.1 Risk Assessment Methodologies (60 minutes)
  - 3.2 Risk Treatment Strategies (Mitigation, Acceptance, Transfer, Avoidance) (60 minutes)
  - 3.3 Third-Party and Vendor Risk Management (60 minutes)
  - 3.4 Business Impact Analysis (BIA)
  - 3.5 Enterprise Risk Management (ERM)
  - 3.6 Risk-Based Decision Making
  - 3.7 Continuous Monitoring and Risk Re-Evaluation
- Week 4: Security Policies and Implementation (8 lessons)
  - 4.0 Writing and Implementing Security Policies
  - 4.1 Security Awareness Training Programs
  - 4.2 Developing Security Standards and Procedures
  - 4.3 Security Governance Frameworks (COBIT, ITIL, TOGAF)
  - 4.4 Security Policy Enforcement and Monitoring
  - 4.5 Measuring Policy Effectiveness
  - 4.6 Creating an Information Security Committee
  - 4.7 Security Metrics and Reporting
- Week 5: Legal and Ethical Considerations (8 lessons)
  - 5.0 Ethical Hacking vs. Malicious Hacking
  - 5.1 Intellectual Property Rights and Digital Forensics
  - 5.2 Incident Disclosure and Legal Liabilities
  - 5.3 Contractual Security Obligations
  - 5.4 Cybercrime Laws and Digital Rights Management
  - 5.5 Legal Considerations in Cloud Security
  - 5.6 Privacy vs. Security: Balancing Compliance
  - 5.7 Case Studies in Legal Security Breaches
- Week 6: Security Control Frameworks (8 lessons)
  - 6.0 Security Control Types (Preventive, Detective, Corrective)
  - 6.1 Control Assurance Frameworks (NIST, ISO, CIS Controls)
  - 6.2 Control Maturity Models and Assessments
  - 6.3 Implementing Security Controls in IT Infrastructure
  - 6.4 Continuous Monitoring of Security Controls
  - 6.5 Measuring Security Control Effectiveness
  - 6.6 Role of Security Governance in Control Implementation
  - 6.7 Case Studies of Failed Security Controls
- Week 7: Security Control Design and Implementation (8 lessons)
  - 7.0 Identifying Security Control Objectives
  - 7.1 Designing Security Controls for Different Environments
  - 7.2 Implementing Technical Security Controls (IDS, Firewalls, Encryption)
  - 7.3 Physical and Administrative Security Controls
  - 7.4 Security Control Monitoring and Auditing
  - 7.5 Cloud Security Control Implementation
  - 7.6 Secure Access Controls and Identity Management
  - 7.7 Security Control Best Practices
- Week 8: Security Auditing and Compliance Management (8 lessons)
- Week 9: Security Metrics and Reporting (8 lessons)
  - 9.0 Key Performance Indicators (KPIs) for Security
  - 9.1 Security Dashboard and Metrics Reporting
  - 9.2 Aligning Security Metrics with Business Objectives
  - 9.3 Measuring the Effectiveness of Security Controls
  - 9.4 Security Budget Planning Based on Metrics
  - 9.5 Continuous Security Improvement Based on Metrics
  - 9.6 Benchmarking Security Performance
  - 9.7 Security Reporting Best Practices
- Week 10: Incident Handling and Auditing (8 lessons)
  - 10.0 Incident Response Frameworks (NIST, ISO 27035)
  - 10.1 Digital Forensics and Incident Investigation
  - 10.2 Reporting Security Incidents and Compliance Violations
  - 10.3 Audit Logging and Log Analysis for Incident Detection
  - 10.4 Fraud Detection and Insider Threat Monitoring
  - 10.5 Role of Artificial Intelligence in Incident Detection
  - 10.6 Cyber Threat Intelligence Integration
  - 10.7 Lessons Learned from Major Security Incidents
- Week 11: Security Program Management Fundamentals (8 lessons)
  - 11.0 Role of a CISO in Security Program Management
  - 11.1 Establishing a Security Program Roadmap
  - 11.2 Integrating Security with Business Operations
  - 11.3 Key Security Management Frameworks
  - 11.4 Building and Managing a Security Team
  - 11.5 Managing Security Budgets and Resources
  - 11.6 Security Operations Center (SOC) Management
  - 11.7 Developing a Security Strategy
- Week 12: Information Security Projects and Integration (8 lessons)
  - 12.0 Security Project Management Principles
  - 12.1 Change Management in Security Projects
  - 12.2 Security Integration into DevOps and Agile Environments
  - 12.3 Security Testing in Software Development Lifecycle (SDLC)
  - 12.4 Managing Security in IT and Business Projects
  - 12.5 Secure Configuration Management
  - 12.6 Security Control Automation
  - 12.7 Security Documentation and Reporting
- Week 13: Security Operations and Threat Management (8 lessons)
  - 13.0 Threat Intelligence and Cyber Threat Hunting
  - 13.1 Vulnerability Management and Patch Management
  - 13.2 Intrusion Detection and Prevention Systems (IDS/IPS)
  - 13.3 Endpoint Detection and Response (EDR)
  - 13.4 Security Incident Monitoring and Management
  - 13.5 Advanced Persistent Threats (APT) Detection
  - 13.6 Security Operations Best Practices
  - 13.7 Case Studies in Security Operations
- Week 14: Business Continuity and Disaster Recovery (8 lessons)
  - 14.0 Disaster Recovery Planning (DRP)
  - 14.1 Business Continuity Planning (BCP)
  - 14.2 Crisis Management in Cybersecurity
  - 14.3 Recovery Strategies and Backup Management
  - 14.4 Disaster Recovery Testing and Exercises
  - 14.5 Cloud-Based Disaster Recovery Solutions
  - 14.6 Incident Communication Plans
  - 14.7 Lessons Learned from Major Cybersecurity Incidents
- Week 15: Security Program Performance and Metrics (6 lessons)
- Week 16: Security Strategic Planning (4 lessons)
- Week 17: Financial Planning for Security Programs (3 lessons)
- Week 18: Security Vendor Management (3 lessons)
- Week 19: Security Compliance Audits and Governance (3 lessons)
- Week 20: Security Leadership and Board Communication (3 lessons)
- Week 21: Advanced Security Strategy and Risk Management (2 lessons)
- Week 22: Security Case Studies and Lessons Learned (2 lessons)
- Week 23: Certification and Exam Preparation (2 lessons)
- Week 24: Career Development and Final Assessment (2 lessons)