I have been actively involved in reviewing cybersecurity policies [using the risk assessment process that I learned during the program] to tackle tech-related risks, such as ensuring business continuity and safely adopting cloud technologies.”
Mary, UBC Micro-certificate in Cybersecurity and Risk Management
Mary Carmichael is an enterprise risk management consultant specializing in technology risk management and advisory services across various sectors, including higher education, government, and energy. Her interest in studying cybersecurity took off after dealing with security issues firsthand in her role managing enterprise risk.
What led you to pursue this program?
What drew me to the UBC Micro-certificate in Cybersecurity and Risk Management is its flexibility. It allowed me to continue working while I learn, which means I can start applying new knowledge right away without stepping away from my current responsibilities. This practical approach helps me bring immediate improvements to my organization’s cyber risk management strategies, making our operations safer and more resilient.
What was the highlight of the program for you?
The highlight of the program was the hands-on projects that tackled real-world cybersecurity challenges, particularly one that involved a risk assessment process to create a risk register for an organization transitioning to cloud services—a scenario very similar to my own workplace experiences. Additionally, the collaborative learning and receiving guidance from industry experts were the standout aspects of my time in the program.
Were there any surprises or ah-ha moments for you?
There were several ah-moments in the program, particularly how it tied together threat analysis, risk assessment, and legal implications of cybersecurity. The comprehensive curriculum, delivered by industry experts, showed the interconnectedness of these topic areas in a way I had not fully appreciated before. Understanding the depth and breadth of cybersecurity through this lens was a major ah-ha moment for me, highlighting the multifaceted challenges and the layered defense strategies required for modern cybersecurity practices.
How can the knowledge and skills gained from the program be applied in either a professional or personal setting?
The skills and knowledge from this program are very applicable both professionally and personally. At work, I use the program’s teachings on threat analysis, risk assessment, and compliance to improve our organizational security and ensure we meet regulations (Freedom of Information and Protection of Privacy Act), thereby promoting a security-aware culture. Personally, the program has sharpened my cyber hygiene through better password management, safe browsing, and adjusted security settings.
Who would you recommend this program to?
I would recommend this program to anyone who is looking to increase their understanding and skills in cybersecurity, whether they are just starting their career or want to improve their expertise with cyber risk management. Additionally, the program is valuable for managers and decision-makers who need to oversee cybersecurity strategies and ensure compliance within their organizations. The comprehensive curriculum and the opportunity to learn from industry experts provide a solid foundation in learning cybersecurity practices (e.g., policy development, risk assessment, and risk reporting). These skills are very transferable and relevant across a wide range of industries and roles, making the program an excellent choice for professionals from diverse backgrounds.
Stay connected
Sign up for news and updates about UBC Extended Learning programs, courses, info sessions and more.