Enterprise Cybersecurity in Digital Business Basic Certificate Program
- Online
- On-Demand
- Seton Hall Certified
Cyber is the #1 business issue. This course focuses on understanding the cyber terminology, case studies, regulations, risk quantification, reporting and cyber insurance.
What you will learn
We will cover introductory content on financial impacts and compliance related to Cybersecurity. The course introduces terminology, regulations, insurance, cyber risk and reporting.
Learn “best practices” to lead your company in cybersecurity, including:
- Knowledge of the latest cybersecurity risks and regulations
- Cyber financial risk quantification and its uses for companies
- Understanding of best practices in cybersecurity
- Regulatory challenges to prepare for compliance
- Cyber insurance strategy
Course Book:
Managing Cyber Risk, from Routledge Publishing
During labs, students will implement digital asset inventories, risk models for quantification, and utilize reports for essential board reporting. The total time committed to labs is about 20% of the course.
Lab 1: Digital Asset Inventory
Lab 2: Regulatory Management
Key Takeaways:
- Allows teams to understand their role in cyber risk management.
- Relates people, process and tools in cybersecurity to regulations and cyber risk.
- Develops KPIs that demonstrate financial impact of cyber events.
- Provides a holistic view of cyber, privacy and risk.
- Relates financial metrics to protecting digital assets.
Skills Learned:
- Digital Asset Methodology
- Understand and analyze risk in the cloud and on premise
- Understand the role of cyber insurance
- Get up to speed quickly on emerging technology security issues and terminology
What you will receive:
- Hands-on lab for cyber risk quantification
- Weekly chats with the chair to ask any questions
- Dedicated program manager to assist with technical issues
- Electronic courseware containing the entire course content
- Course books – available for purchase
- Access to repeatable interactive hands-on labs
- MP3 audio files of the complete course lecture
Who should attend:
- Cybersecurity teams, auditors, compliance and others looking to advance their cyber-risk oversight knowledge.
- Directors looking to understand their fiduciary duties.
- C-level executives who need to provide data to the board.
Syllabus
Module 1: Evolution of Cybersecurity and Cybersecurity Basics
Module Description
This module provides an introduction to cybersecurity from a business point of view based on research with the Fortune 1000 and cyber insurance industry using a digital asset methodology. In 2001, 10% of a business was digital; today, 85% of an organization’s value is digital. The module builds student understanding of cybersecurity, starting from how cyber evolved out of information technology. It addresses key cyber-related business and technical roles, demonstrates the consequences of poor cyber hygiene and reviews cybersecurity trends.
In addition to the evolution of cyber, students learn to communicate in the language of cybersecurity and study data breaches, attack surfaces, the enterprise threats of today and enterprise cybersecurity program components.
Each student is required to conduct a data breach case study and do an online lab. The lab assignment is an inventory of the digital assets of their organization or of a fictitious or public organization. The lab uses the ValuRisQ platform.
Digital Asset Inventories contain about a dozen attributes needed for the cyber risk quantification and scoring performed in later modules. The digital asset inventory aims at identifying crown jewel assets and validating the key attributes used in cyber risk scoring related to asset behavioral and user behavioral analytics.
Here are the main digital asset objectives found in organizations:
- Systems – sets of technologies purchased or developed by organizations for specific business purposes. Relates to data exfiltration metrics.
- Technologies – computer related components that typically consist of hardware and software, endpoints, databases, messaging and devices. Relates to technology risks, assessments and systems.
- Processes – a set of digital rules that are utilized by one or more systems to take inputs, transform them and produce outputs that are reported or utilized by other systems. Relates to business interruption exposures and risks.
- Data Types – information that is processed and stored. Data can be classified into different types including privacy, credit card, intellectual property, customer data, supply chain data, etc. and relates to regulatory exposures.
Module Grade
Each student is expected to satisfy the following requirements:
- Quizzes (30%)
- Data Breach Case Study Assignment (20%)
- Digital Asset Lab (50%)
Module 2: Regulations, Standards and Frameworks
Module Description
This module provides an introduction to cybersecurity regulation based on industry, geography, government and data type. It explores standards and frameworks, aligning them to security control tests. Regulations covered at the Federal level are the Healthcare Information Portability and Accounting Act (HIPAA), Securities Exchange Commission (SEC), Gramm-Leach-Bliley Act (GLBA), and the Fair Practices Act. Regulations at the state level focus on new privacy laws including the California Consumer Protection Act (CCPA), state privacy acts in Maine, Nevada, Colorado and the New York State Department of Financial Services Part 500 (NY CRR 500) and the Insurance Data Security Act. The module covers both organizational and third-party requirements.
The module explores each control test, its use, and how to conduct the tests in a lab environment. Each student is required to do an online lab. The lab assignment is a security assessment of a system at their organization or at a fictitious or public organization. Security assessments can be prescriptive or not. Controls can be mapped across frameworks.
The main objectives of this module are to map control assessment requirements to the following laws:
- Federal Regulations – Including FTC, FCC, OCIE, HHS and GLBA Laws
- State Regulations – Including CCPA, NYS DFS, State Privacy Laws, and the Insurance Data Security Act
- Industry Standards – Including PCI
- European Regulations – Including GDPR
- Frameworks – Including ISO27001, PCI-DSS, NIST 800-53, NIST CSF, COBIT, CIS Top20 Controls, etc.
Module Grade
Each student is expected to satisfy the following requirements:
- Quizzes (50%)
- Security Assessment Lab (50%)
Certification
You will get a certification in Enterprise Cybersecurity in Digital Business Basic Program from Seton Hall University.
Tech Requirements
- Internet access
- Mobile phone for two-factor authentication
All labs in this course are focused on using your browser. We recommend Edge or Google Chrome.
Pricing and Details:
No prerequisite or experience necessary. The course can be completed over a 3-month period and will take an estimated 25 hours to complete.