As organizations go through the digital transformation journey, coupled with the imminent cybersecurity threats, it becomes imperative for all those who are part of the organization’s regulatory bodies like Legal, Enterprise Risk, Compliance, Governance, Project Office, Finance and other executives, to gain an understanding of what information security management is about. The course, being non-technical, looks at security from a management perspective which covers the key principles of data security, helping gain an understanding of relevant threats, risk management core principals, cyber security controls and technologies, policies, procedures, roles and responsibilities, culture, resilience and best practices derived from the top security frameworks available (i.e. ISO27001/27002, NIST, CSA CCM). Besides, through real world case study examination and assessment based on organizational focused cybersecurity frameworks, the course will provide students a foundational knowledgebase in cyber security that can be leveraged and built upon.

Course Objectives

Upon completing this course, you will:

• Understand the fundamentals of Information Security Management
• Learn how security and business are interrelated
• Identify the different sources and types of data security threats
• Gain an understanding of protection controls/measures that address the threats
• Understand the laws and regulations surrounding information security
• Identify the different data security management frameworks, their differences and similarities, and picking the right one for your organization
• Understand the effective measures to use in order to maintain a healthy, continuously improved security management system.
• Be ready for more advanced information security courses