Cyber Security: GRC Part 2 - Risk Management and Compliance

Cyber Security: GRC Part 2 - Risk Management and Compliance

本课程是 Cyber Security: Essentials for Governance, Risk & Compliance 专项课程的一部分

位教师：Matt Bushby

访问权限由 Coursera Learning Team 提供

5个模块

深入了解一个主题并学习基础知识。

初级等级

推荐体验

1 周完成

在 10 小时一周

灵活的计划

自行安排学习进度

5个模块

深入了解一个主题并学习基础知识。

初级等级

推荐体验

1 周完成

在 10 小时一周

灵活的计划

自行安排学习进度

您将学到什么

Align cyber strategy with business goals and organisational priorities.
Implement governance frameworks like NIST and the Three Lines of Defence.
Lead cross-functional teams to manage cyber risk and build resilience.
Communicate cyber threats effectively to executives and stakeholders.

您将获得的技能

要了解的详细信息

可分享的证书

添加到您的领英档案

作业

5 项作业

授课语言：英语（English）

了解顶级公司的员工如何掌握热门技能

了解关于 Coursera for Business 的更多信息

Petrobras, TATA, Danone, Capgemini, P&G 和 L'Oreal 的徽标

积累特定领域的专业知识

本课程是 Cyber Security: Essentials for Governance, Risk & Compliance 专项课程专项课程的一部分

在注册此课程时，您还会同时注册此专项课程。

向行业专家学习新概念
获得对主题或工具的基础理解
通过实践项目培养工作相关技能
获得可共享的职业证书

该课程共有5个模块

• Watch our course introduction video before you enroll! (copy and paste into browser) https://vimeo.com/1176025088

This course is for senior professionals, managers, and rising cyber leaders who need strategic foresight, decisive governance, and resilient execution in cyber security management. It provides an executive playbook for navigating modern cyber security management complexities. By the end of this course, you will be able to: • Craft and align a cybersecurity strategy to business goals, integrating frameworks like NIST, CIS, and ISO27001. • Establish effective cyber governance models including risk management structures and the Three Lines of Defence. • Assess and quantify organisational cyber risks using both qualitative and quantitative methodologies. • Make high-stakes decisions during real-time cyber incidents, leveraging playbooks and threat models. To succeed, learners should have foundational knowledge of cyber security concepts and business operations.

This module covers how to design and assess a cybersecurity strategy aligned with business goals and critical asset protection. You will learn core principles such as the CIA Triad, along with key concepts including risks, threats, and vulnerabilities in today’s cyber landscape. It explores how to evaluate threat environments, define cyber risk tolerance, and benchmark maturity using frameworks like NIST, ISO 27001, and CIS Controls. The module also examines how to embed cybersecurity into enterprise strategy and culture as a strategic enabler. By the end, learners will be able to develop a tailored cybersecurity strategy, assess cyber maturity, and align security decisions with organisational priorities.

涵盖的内容

1个视频1个作业10个插件

1个视频总计1分钟

Module 1: Introduction Video 1分钟

1个作业总计15分钟

End of module quiz15分钟

10个插件总计106分钟

Overview5分钟
Introduction5分钟
The CIA Triad15分钟
Key frameworks and terminology15分钟
Risks, threats and vulnerabilities15分钟
Introduction to cyber security strategy15分钟
Cyber security and business strategy alignment15分钟
Career inspiration15分钟
Summary5分钟
References1分钟

This module covers cyber security governance, emphasizing executive oversight and accountability for managing cyber risk. You will learn key governance models, including the Three Lines of Defence, and examine senior management responsibilities. Explore global frameworks like NIST CSF, NIST SP 800-53, and CIS Controls to define and evaluate cyber programs. By the end, you will demonstrate how governance guides risk management and embeds cyber security as an organizational responsibility. Focus on framework application for success.

涵盖的内容

1个视频1个作业14个插件

1个视频总计1分钟

Module 2: Introduction Video 1分钟

1个作业总计15分钟

End of module quiz15分钟

14个插件总计171分钟

Overview5分钟
Introduction10分钟
Why is a cyber security framework important?15分钟
Risk management framework15分钟
Introduction to program frameworks15分钟
NIST cyber security framework (CSF)15分钟
Control objectives15分钟
NIST SP 800-53 overview15分钟
NIST SP 800-53 control categories15分钟
The Center for Internet Security (CIS) framework15分钟
CIS critical security controls15分钟
Critical security controls self assessment tool15分钟
Summary5分钟
References1分钟

This module focuses on leading cyber risk management, balancing security controls with business priorities. Building on governance, you will explore cyber risk concepts like threat modeling, asset classification, and risk tolerance. Learn structured risk assessment processes to identify vulnerabilities, assess impact, and prioritize mitigation. Understand how risk management cascades from policy to operations, reinforcing the Three Lines of Defence model. By the end, you will contribute to cyber risk discussions and embed risk-informed thinking into cyber strategy. For success, apply risk assessment methods to real scenarios.

涵盖的内容

1个视频1个作业9个插件

1个视频总计1分钟

Module 3: Introduction Video 1分钟

1个作业总计15分钟

End of module summary15分钟

9个插件总计86分钟

Overview5分钟
Introduction5分钟
Elements of cyber corporate governance15分钟
Structure of cyber security governance15分钟
Senior executives and cyber security15分钟
The Three Lines of Defence model (3LOD)15分钟
Industry interveiw10分钟
Summary5分钟
References1分钟

This module focuses on quantifying cyber risks for evidence-based decision-making. You will learn to prioritize investments and remediation by exploring qualitative and quantitative assessment models, including FAIR and NIST frameworks. Understand how to calculate risk likelihood, impact, and exposure in financial and operational terms. By the end, you will assess organizational risk posture, compare data-driven remediation options, and communicate cyber risk in terms that resonate with stakeholders from executives to regulators. Practice applying quantification models to gain confidence.

涵盖的内容

1个视频1个作业11个插件

1个视频总计1分钟

Module 4: Introduction Video 1分钟

1个作业总计15分钟

End of module quiz15分钟

11个插件总计121分钟

Overview5分钟
Introduction5分钟
Risk management concepts15分钟
Types of risk assessment15分钟
Qualitative risk assessments15分钟
Quantitative risk assessments15分钟
Responding to risks15分钟
Control selection and implementation15分钟
Risk maturity modelling15分钟
Summary5分钟
References1分钟

This module prepares senior leaders to manage cyber crises with confidence. You will explore cyber attack evolution, real-world case studies, and the cyber kill chain. Focus on the senior management role in preparation and response, including time-critical decision-making and stakeholder communication. Understand how cyber resilience is a leadership responsibility, integrating risk management and strategic foresight. By the end, you will develop leadership-aligned response strategies and build a resilient organizational culture. To maximize learning, consider current organizational incident response plans.