icon-carat-right menu search cmu-wordmark

Cybersecurity Oversight for the Business Executive

This course examines the dynamic intersection of business and technology over the course of an immersive 2-days. Targeted towards today's business executive, the courseware explores the pressing reality that cybersecurity is a business imperative and an enterprise-wide risk that spans all operations. The course provides background and context regarding today's security challenges, effectively governing the organization, board level support and function, and related activities. It describes essential practices and processes for successful and resilient cybersecurity oversight with a focus on how to effectively manage, lead, and mature an enterprise-wide cybersecurity program over time. The courseware is specifically designed and taught by cybersecurity experts responsible for advising and leading Fortune 500 businesses, the federal government, and defending complex environments across multiple industries.

The course is beneficial to executives and business leaders new to cybersecurity oversight as it provides a strong foundation for the role cyber oversight and governance play in defending the organization and the types of activities that are vital to doing so. It is also beneficial to board members and those already involved with enterprise security operations by providing opportunities to benchmark existing processes to identify the potential for improvement. Topics covered include the role of the Board and Chief Information Security Officer ("CISO") within the organization, the type of positions and skills needed, various organizational models for implementing a cybersecurity governance program, key considerations for administrative, physical, and technical safeguards, and methods for assessing and measuring effectiveness. Emerging issues to take into account such as cyber liability insurance and crisis communication will also be discussed.

Overall, the course provides an approach for managing cybersecurity as a business imperative - providing executive leaders with an understanding of essential governance and management considerations as they relate to implementing and sustaining a defensible cybersecurity strategy.

Audience

Individuals

  • Executive leaders tasked with defending the organization
  • Board members and aspiring directors looking to sharpen their cybersecurity acumen
  • Coordinating or interfacing with the CISO and/or board
  • Those that assess cybersecurity program effectiveness

The course is also beneficial for staff

  • Who are building, benchmarking, or looking to improve their cybersecurity oversight processes
  • Who are C-level executives (CIOs, COs, CISOs, CRO, etc.) and want to better understand cybersecurity oversight and improvements

Objectives

At the end of this course the attendee should be able to

  • identify key components essential to cybersecurity oversight
  • identify key frameworks for governing and defending the organization
  • explain cybersecurity considerations pertinent for the board
  • describe different methods for assessment and measure

Topics

  • Cybersecurity Oversight for Executives
  • Overview of Cybersecurity Leadership
  • Effective Security Structure and Operations
  • Cybersecurity Oversight for Directors & the Board
  • Cybersecurity Assessment & Measurement
  • Maintaining Cybersecurity Situational Awareness
  • Summary of Cybersecurity Oversight

Materials

Participants will receive a course notebook and a downloadable copy of course materials.

Prerequisites

This course has no prerequisites.

 

IMPORTANT NOTICE:

Carnegie Mellon University/Software Engineering Institute offices will be closed for winter break, December 21, 2024-January 1, 2025. SEI course registrations received during this period will be confirmed and enrollment completed upon our return on January 2, 2025.

Course Questions?

Email: course-info@sei.cmu.edu
Phone: 412-268-7388

Training courses provided by the SEI are not academic courses for academic credit toward a degree. Any certificates provided are evidence of the completion of the courses and are not official academic credentials. For more information about SEI training courses, see Registration Terms and Conditions and Confidentiality of Course Records.