This is one of two courses in the UBC Micro-certificate in Cybersecurity Strategy and Risk Management.
This business-oriented course explores popular cybersecurity attack vectors, and how different defence mechanisms can be used to secure and minimize impact on your infrastructure and resources, including connected devices, networks, applications and systems.
Focus on critical controls and procedures for monitoring and minimizing cybersecurity risks. Come away with key business processes to create, execute and manage a cybersecurity risk management plan for your organization. Become your organization’s security champion, and implement plans to ensure organization-wide governance and compliance.
By the end of this course, you’ll be able to:
- explain the importance of cybersecurity risk management, and the potential impacts of data breaches to key stakeholders
- explain common cybersecurity threat vectors, and design remediation strategies with appropriate defence controls
- evaluate open-source cybersecurity implementations, and explain how they contribute to cyber resilience
- design and develop a cybersecurity risk management program that incorporates a communications plan for incident response.
Week 1: Into the Breach. Start by reviewing data breach scenarios, impacts and remediations. Choose and explore a critical data breach scenario, then create an incident summary report.
Week 2: Remediating Threat Vectors. Understand different cyber threat scenarios, and how to perform threat modelling for your organization. Create a top threat list for your chosen scenario with potential remediations.
Week 3: Examining Cybersecurity Tools. Explore popular open-source frameworks and tools for defending against cybersecurity risks. Choose from a variety of approaches and tools to add cybersecurity controls to your risk management plan.
Week 4: Governing Cybersecurity Risks. Formalize your cybersecurity risk management plan, and review common strategies for responding to cybersecurity incidents. Understand review cycles and maintain an updated risk management plan.
While designed with professionals and leaders in mind, this course covers technical as well as strategic concepts that are connected back to business goals and operations.
You have access to optional pre-readings to get you up to speed on technical course content. For those with strong technical backgrounds, the course also includes optional technical deep dives for select cybersecurity risks and their associated mitigations.
How am I Assessed?
You’re assessed on weekly activities and a risk management plan you develop in the course that demonstrate your proficiency and achievement of competencies. Your work is assessed using a rubric, and your instructor also provides you specific and actionable feedback.
To take this course, you’ll need access to:
- an email account
- a computer, laptop or tablet under five years old using Windows or Mac OS
- the latest version of a web browser (or previous major version release)
- a reliable internet connection
- a video camera and microphone.
There are no textbooks for this course.
This 100% online instructor-supported course combines self-paced independent study with group discussion and live sessions held Wednesdays from 6pm to 8pm Pacific Time.
Outside of class time, you can access other materials online at your own pace. Each week, review readings, whitepapers and videos. Contribute to an online forum where you apply your learning to discuss different examples of cybersecurity standards.
Expect to set aside approximately 5–7 hours a week to complete all learning activities, including attending the live sessions.
Please note you can log in to your course for up to two weeks after the course ends. You’ll no longer be able to access course materials after this time.
One business day before the course start date, we’ll email you step-by-step instructions for accessing your course.