This module focuses the student on a broad range of topics relative to
risk-based planning for enterprise cybersecurity. The intent is focusing
on creating risk assessment and modeling
approaches to solve cybersecurity issues so that organizations
can build security framework and sustain a healthy security posture.
This course analyzes external and internal security
threats, failed systems development and system processes and
explores their respective risk mitigation solutions through policies,
best practices, operational procedures, and government
regulations. Risk frameworks covered include NIST SP 800-12,
SP 800-37, SP 800-39, and CERT/CC risk analysis guidelines.