Curriculum
- 21 Sections
- 171 Lessons
- 12 Weeks
- Week 1: Enterprise Governance (10 lessons)
  - 1.1 Organizational Culture and Leadership (60 Minutes)
  - 1.2 Legal, Regulatory, and Contractual Requirements
  - 1.3 Security Governance vs. IT Governance
  - 1.4 Security Governance vs. IT Governance
  - 1.5 Organizational Structures, Roles, and Responsibilities
  - 1.6 Security Governance vs. IT Governance
  - 1.7 Cybersecurity Governance Frameworks
  - 1.8 Ethical Considerations in Security Leadership
  - 1.9 Risk-Based Approach to Governance
  - 1.10 Compliance and Audit Requirements
- Week 2: Security Governance Frameworks and Compliance (8 lessons)
  - 2.1 Governance Models and Compliance Requirements (60 Minutes)
  - 2.2 Security Governance Best Practices (ISO 27001, NIST, COBIT)
  - 2.3 Aligning Security with Business Objectives
  - 2.4 Policies and Standards Development
  - 2.5 Security Governance in Cloud Environments
  - 2.6 Maturity Models in Security Governance
  - 2.7 Role of Security Governance in Digital Transformation
  - 2.8 Regulatory Compliance and Its Impact on Governance
- Week 3: Information Security Strategy Development (8 lessons)
  - 3.1 Developing a Security Strategy Aligned with Business Goals (60 Minutes)
  - 3.2 Information Security Governance Frameworks and Standards
  - 3.3 Strategic Planning (Budgets, Resources, Business Case)
  - 3.4 Security Roadmap Development
  - 3.5 Long-Term vs. Short-Term Security Planning
  - 3.6 Security Program Maturity and Evolution
  - 3.7 Resource Allocation for Security Initiatives
  - 3.8 Involvement of Executive Leadership in Security Strategy
- Week 4: Security Leadership and Stakeholder Management (8 lessons)
  - 4.1 Communicating Security Goals to Executive Management
  - 4.2 Security Policy Development and Enforcement
  - 4.3 Security Program Maturity Models
  - 4.4 Security Roles in Mergers and Acquisitions
  - 4.5 Developing an Effective Security Culture
  - 4.6 Security Champions and Their Role in Governance
  - 4.7 Conflict Resolution in Security Decision-Making
  - 4.8 Measuring the Effectiveness of Security Leadership
- Week 5: Security Metrics and Continuous Improvement (8 lessons)
  - 5.1 Key Performance Indicators (KPIs) and Metrics for Governance
  - 5.2 Benchmarking Security Performance
  - 5.3 Security Audits and Assessments
  - 5.4 Compliance Management Best Practices
  - 5.5 Continuous Improvement Strategies
  - 5.6 Security Performance Dashboards
  - 5.7 Role of Data Analytics in Security Metrics
  - 5.8 Predictive Analysis for Security Improvements
- Week 6: Risk Management Fundamentals (8 lessons)
  - 6.1 Risk Terminology and Key Concepts
  - 6.2 Threat Intelligence and Threat Modeling
  - 6.3 Identifying Risks in Business Processes
  - 6.4 Understanding Risk Tolerance and Appetite
  - 6.5 Risk-Based Decision Making
  - 6.6 Operational, Strategic, and Compliance Risks
  - 6.7 Integrating Risk Management into Business Strategy
  - 6.8 Role of Artificial Intelligence in Risk Management
- Week 7: Risk Assessment and Analysis (8 lessons)
  - 7.1 Emerging Risk and Threat Landscape
  - 7.2 Vulnerability and Control Deficiency Analysis
  - 7.3 Risk Assessment Methodologies (Qualitative vs. Quantitative)
  - 7.4 Business Impact Analysis (BIA)
  - 7.5 Asset-Based vs. Threat-Based Risk Assessment
  - 7.6 Identifying and Managing Insider Threats
  - 7.7 Risk Prioritization Strategies
  - 7.8 Cyber Insurance and Its Role in Risk Mitigation
- Week 8: Risk Response and Treatment (8 lessons)
  - 8.1 Risk Treatment / Risk Response Options (Avoid, Mitigate, Transfer, Accept)
  - 8.2 Risk and Control Ownership in Organizations
  - 8.3 Implementing Security Controls Based on Risk Findings
  - 8.4 Cost-Benefit Analysis of Risk Treatments
  - 8.5 Third-Party Risk Management
  - 8.6 Security Testing for Risk Mitigation
  - 8.7 Risk Control Documentation and Reporting
  - 8.8 Business Continuity Planning and Risk Response
- Week 9: Risk Monitoring and Reporting (8 lessons)
  - 9.1 Continuous Risk Monitoring and Auditing
  - 9.2 Risk Reporting to Stakeholders
  - 9.3 Security Risk Register Management
  - 9.4 Third-Party and Supply Chain Risk Management
  - 9.5 Developing Risk Dashboards for Executives
  - 9.6 Automation in Risk Monitoring
  - 9.7 AI and Machine Learning in Threat Detection
  - 9.8 Role of SIEM in Risk Management
- Week 10: Compliance and Regulatory Risk Management (8 lessons)
  - 10.1 Industry-Specific Regulations (HIPAA, GDPR, PCI-DSS, SOX)
  - 10.2 Security Frameworks for Compliance
  - 10.3 Legal Liabilities and Risk
  - 10.4 Incident Disclosure and Reporting Requirements
  - 10.5 Ensuring Compliance in Multi-Cloud Environments
  - 10.6 Cybersecurity Laws and Their Evolution
  - 10.7 Preparing for Security Audits
  - 10.8 Legal Implications of Data Breaches
- Week 11: Security Program Development Fundamentals (8 lessons)
  - 11.1 Defining Security Program Goals and Objectives
  - 11.2 Security Program Resources (People, Tools, Technologies)
  - 11.3 Security Budgeting and Justification
  - 11.4 Managing Security Teams and Responsibilities
  - 11.5 Role of CISO in Security Program Development
  - 11.6 Third-Party Security Program Management
  - 11.7 Cybersecurity Workforce Development
  - 11.8 Implementing an Effective Security Operations Center (SOC)
- Week 12: Information Asset Management (8 lessons)
  - 12.1 Information Asset Identification and Classification
  - 12.2 Data Lifecycle Management
  - 12.3 Security Controls for Protecting Sensitive Data
  - 12.4 Role of Data Loss Prevention (DLP)
  - 12.5 Encryption Strategies for Data Protection
  - 12.6 Cloud-Based Asset Management Challenges
  - 12.7 IT Asset Inventory and Security
  - 12.8 Shadow IT and Its Security Risks
- Week 13: Security Frameworks, Policies, and Standards (8 lessons)
  - 13.1 Industry Standards and Frameworks for Information Security
  - 13.2 Policy Development and Governance
  - 13.3 Security Program Metrics and Reporting
  - 13.4 Role of Policies in Regulatory Compliance
  - 13.5 Customizing Security Frameworks for Business Needs
  - 13.6 Adopting Zero Trust Security Frameworks
  - 13.7 Security Documentation and Change Management
  - 13.8 Auditing Policies for Effectiveness
- Week 14: Information Asset Identification and Classification (9 lessons)
  - 14.1 Introduction to Information Asset Management
  - 14.2 Data Classification Models (Public, Internal, Confidential, Restricted)
  - 14.3 Asset Management Lifecycle: Identification, Classification, Handling, Disposal
  - 14.4 Identifying and Protecting Critical Business and IT Assets
  - 14.5 Data Discovery and Data Mapping for Compliance (GDPR, CCPA, HIPAA)
  - 14.6 Data Loss Prevention (DLP) Tools and Techniques
  - 14.7 Implementing Encryption and Access Control for Data Protection
  - 14.8 Security and Compliance Requirements for Data Retention
  - 14.9 Case Study: Major Data Breaches and Their Business Impact
- Week 15: Security Program Management (9 lessons)
  - 15.1 Understanding the Role of Security Leadership (CISO, Security Directors)
  - 15.2 Developing an Enterprise-Wide Security Awareness Program
  - 15.3 Security Awareness Training Best Practices and Implementation
  - 15.4 Metrics and KPIs for Measuring Security Program Effectiveness
  - 15.5 Security Budgeting and Cost Optimization Strategies
  - 15.6 Managing External Security Services (Cloud Security, MSPs, MSSPs)
  - 15.7 Third-Party Risk Management (TPRM) and Vendor Security Assessments
  - 15.8 Security Program Communication and Reporting to Executives
  - 15.9 Case Study: Managing Security Programs in Large vs. Small Organizations
- Week 16: Security Control Implementation and Testing (8 lessons)
  - 16.1 Security Control Frameworks: ISO 27001, NIST 800-53, CIS, SOC 2
  - 16.2 Security Control Design and Selection for Different Environments
  - 16.3 Implementing Preventive, Detective, and Corrective Security Controls
  - 16.4 Identity and Access Management (IAM) Integration with Security Programs
  - 16.5 Zero Trust Security Model and Its Implementation
  - 16.6 Testing and Evaluating Security Controls for Effectiveness
  - 16.7 Developing and Conducting Security Audits and Assessments
  - 16.8 Compliance Audits: SOC 2, HIPAA, PCI DSS, FISMA
- Week 17 (7 lessons)
  - 17.1 Introduction to Incident Response (IR) and Its Importance
  - 17.2 Developing an Effective Incident Response Plan (IRP)
  - 17.3 Incident Response Team (IRT) Roles and Responsibilities
  - 17.4 Understanding the 6 Phases of Incident Response (NIST 800-61, SANS)
  - 17.5 Preparation, Identification, Containment, Eradication, Recovery, Lessons Learned
  - 17.6 Cybersecurity Incident Handling Procedures and Playbooks
  - 17.7 Legal, Compliance, and Regulatory Aspects of Incident Response
- Week 18: Business Continuity Planning (BCP) and Disaster Recovery Planning (DRP) (9 lessons)
  - 18.1 Introduction to Business Continuity and Disaster Recovery (BC/DR)
  - 18.2 Difference Between BCP and DRP: When to Use Each
  - 18.3 Conducting a Business Impact Analysis (BIA) for Continuity Planning
  - 18.4 Risk Assessment and Critical Business Function Identification
  - 18.5 Developing a Business Continuity Strategy and Playbooks
  - 18.6 Disaster Recovery Planning: Strategies, Sites (Hot, Warm, Cold)
  - 18.7 Crisis Communication and Public Relations During Cyber Incidents
  - 18.8 Testing and Maintaining BCP and DRP Plans
  - 18.9 Case Study: Successful Disaster Recovery and Business Continuity Planning
- Week 19: Incident Management Planning (8 lessons)
  - 19.1 Incident Response Plan Development
  - 19.2 Business Impact Analysis (BIA) Methodologies
  - 19.3 Risk Assessment for Incident Response Planning
  - 19.4 Crisis Management vs. Incident Management
  - 19.5 Developing Incident Playbooks
  - 19.6 Legal and Compliance Considerations in Incident Response
  - 19.7 Security Logging and Monitoring for Incident Detection
  - 19.8 Red Team vs. Blue Team Exercises
- Week 20: Business Continuity and Disaster Recovery Planning (8 lessons)
  - 20.1 Business Continuity Plan (BCP) Development
  - 20.2 Disaster Recovery Plan (DRP) and Testing
  - 20.3 Crisis Management and Incident Response Planning
  - 20.4 Building a Resilient IT Infrastructure
  - 20.5 Recovery Time Objectives (RTO) vs. Recovery Point Objectives (RPO)
  - 20.6 Conducting Disaster Recovery Drills
  - 20.7 Cloud-Based Disaster Recovery Solutions
  - 20.8 Developing a Business Continuity Culture
- Week 21, Week 22, Week 23, Week 24 (Practical & Exam): Review and Mock Exams (7 lessons)