This is one of two courses in the UBC Micro-certificate in Cybersecurity Strategy and Risk Management.
This business-oriented course introduces you to cybersecurity concepts, standards and policies. By the end of this course, you’ll have created a cybersecurity policy document for your organization that takes into account key business and technical considerations.
Bring your business and technical stakeholders together, and become your organization’s cybersecurity champion. Cultivate inclusion and diversity through collaboration and effective risk exception policies.
By the end of this course, you’ll be able to:
- cultivate an organization-wide understanding of cybersecurity principles, terms, patterns and approaches
- explain and incorporate the core principles of good cybersecurity hygiene into organizational standards
- evaluate cybersecurity frameworks and generalize key mitigation implementations for your cybersecurity strategy
- create a cybersecurity policy document and develop cybersecurity awareness for your organization.
Week 1: Establishing Cybersecurity Foundations. Start planning your cybersecurity policy or standard by learning and defining common cybersecurity terms, patterns and approaches. Explore the practice of layering different cybersecurity defenses, and understand why a layered approach to cybersecurity is critical for cyber resilience.
Week 2: Reviewing Cybersecurity Hygiene. Understand the business impact of poor cybersecurity hygiene by reviewing data breach and cyber threat scenarios. Create a top five list of cybersecurity risks to target in your cybersecurity policy document.
Week 3: Examining Cybersecurity Standards. Explore popular cybersecurity frameworks and governance programs. Review key framework controls, and align critical implementations to your list of cybersecurity risks in your cybersecurity policy document.
Week 4: Communicating Cybersecurity Expectations. Formalize your cybersecurity policy, and review common strategies for rolling out a cybersecurity strategy organization-wide. Understand how to engage leadership and enlist champions among your colleagues.
While designed with professionals and leaders in mind, this course covers technical as well as strategic concepts that are connected back to business goals and operations.
You have access to optional pre-readings to get you up to speed on technical course content. For those with strong technical backgrounds, the course also includes optional technical deep dives for select cybersecurity standards and their associated controls.
How am I Assessed?
You’re assessed on weekly activities and a cybersecurity policy document you develop in the course that demonstrate your proficiency and achievement of competencies. Your work is assessed using a rubric, and your instructor also provides you specific and actionable feedback.
To take this course, you’ll need access to:
- an email account
- a computer, laptop or tablet under five years old using Windows or Mac OS
- the latest version of a web browser (or previous major version release)
- a reliable internet connection
- a video camera and microphone.
There are no textbooks for this course.
This 100% online instructor-supported course combines self-paced independent study with group discussion and live sessions held Wednesdays from 6pm to 8pm Pacific Time.
Outside of class time, you can access other materials online at your own pace. Each week, review readings, whitepapers and videos. Contribute to an online forum where you apply your learning to discuss different examples of cyber security standards.
Expect to set aside approximately 5-7 hours a week to complete all learning activities, including attending the live sessions.
Please note you can log in to your course for up to two weeks after the course ends. You’ll no longer be able to access course materials after this time.
One business day before the course start date, we’ll email you step-by-step instructions for accessing your course.