Security Management and Governance

This course is part of Cyber Security – Technology and Governance Specialization

Instructor: Andrew Dwyer

Sponsored by Louisiana Workforce Commission

4 modules

Gain insight into a topic and learn the fundamentals.

4.8

(27 reviews)

Beginner level

No prior experience required

20 hours to complete

3 weeks at 6 hours a week

Flexible schedule

Learn at your own pace

4 modules

Gain insight into a topic and learn the fundamentals.

4.8

(27 reviews)

Beginner level

No prior experience required

20 hours to complete

3 weeks at 6 hours a week

Flexible schedule

Learn at your own pace

Details to know

Shareable certificate

Add to your LinkedIn profile

Assessments

4 assignments

Taught in English

See how employees at top companies are mastering in-demand skills

Learn more about Coursera for Business

Build your subject-matter expertise

This course is part of the Cyber Security – Technology and Governance Specialization

When you enroll in this course, you'll also be enrolled in this Specialization.

Learn new concepts from industry experts
Gain a foundational understanding of a subject or tool
Develop job-relevant skills with hands-on projects
Earn a shareable career certificate

Earn a career certificate

Add this credential to your LinkedIn profile, resume, or CV

Share it on social media and in your performance review

There are 4 modules in this course

In this course you will look at some of the key components of practical cyber security management and its governance. This includes what happens when things go wrong, understanding how organisations can respond to incidents, through to the essential role of people in achieving better cyber security outcomes. Together, you will examine how incident management, cyber resilience, and developing an effective appreciation of people, not simply as users but as active participants, can enable better cyber security outcomes.

The topics covered include: • Identifying what an incident is • Incident preparation, planning, and response • Cyber resilience • The role of people in security management • The building of trust and developing positive cyber security cultures By completing this course, you will learn how to integrate incident management and a rich knowledge of people into a real-world Information Security Management System for an organisation.

In the first week, we will obtain an overview of the course and, in particular, get an overview how security management can be used to address and respond to security incidents through a range of techniques. This includes engaging with ISO/IEC 27035 to develop a pragmatic response to risk management.

What's included

7 videos7 readings1 assignment2 discussion prompts

7 videosTotal 62 minutes

Introduction to Security Management and Governance9 minutesPreview module
Introduction to incident management and response5 minutes
When things go wrong11 minutes
Incident management 13 minutes
Planning for failure9 minutes
Developing resilience9 minutes
Week 1 summary4 minutes

7 readingsTotal 220 minutes

Course syllabus10 minutes
Starting your studies20 minutes
Study journal reflection – expectations40 minutes
Principles of good peer feedback in peer review assignment10 minutes
Incident response20 minutes
US National Institute of Standards and Technology’s (NIST) 800-6160 minutes
Incident management planning60 minutes

1 assignmentTotal 15 minutes

End of week 1 quiz15 minutes

2 discussion promptsTotal 60 minutes

Getting to know each other30 minutes
The standard processes of incident planning30 minutes

This week you will learn how to identify and prioritise incidents, their planning and preparation, responding to incidents as well as learning and assessing from (inevitable) incidents that organisations encounter.

What's included

7 videos3 readings1 assignment1 discussion prompt

7 videosTotal 56 minutes

Week 2 introduction5 minutesPreview module
Identifying an incident 9 minutes
Incident response teams13 minutes
Incident response actions6 minutes
Reporting incidents8 minutes
How to learn lessons from incidents8 minutes
Week 2 summary4 minutes

3 readingsTotal 180 minutes

Activity: Information sharing partnerships60 minutes
Security incident management60 minutes
Lessons learned from an information security incident60 minutes

1 assignmentTotal 15 minutes

End of week 2 Quiz15 minutes

1 discussion promptTotal 30 minutes

Digital forensics30 minutes

This week is concerned about the integration of different people and communities into security management.

What's included

7 videos2 readings1 assignment2 discussion prompts

7 videosTotal 47 minutes

Introduction to People and Cyber Security5 minutesPreview module
Surely, we know who people are? 9 minutes
Who and what are we seeking to secure? 7 minutes
Developing Management Strategies for People 7 minutes
Vetting and Contracting6 minutes
Developing awareness and ‘Good’ practice7 minutes
Week 3 summary4 minutes

2 readingsTotal 120 minutes

Walking the line: The everyday security ties that bind60 minutes
Procedural and people security controls60 minutes

1 assignmentTotal 15 minutes

End of week 3 Quiz15 minutes

2 discussion promptsTotal 60 minutes

The concept of positive and negative security30 minutes
People management security controls 30 minutes

In this week you will learn about a range of components ranging from trust to security awareness training to demonstrate why the management of people is a core element to a successful information security management system. The week concludes by asking what people-centric security might enable for an organisation and how such a change of perspective can be beneficial to security management.

What's included

7 videos3 readings1 assignment1 peer review1 discussion prompt

7 videosTotal 53 minutes

Week 4 introduction5 minutesPreview module
Why is trust important? 11 minutes
A trusting organisation 7 minutes
A security management ecosystem 8 minutes
How does security management change from a people-orientated perspective? 7 minutes
Aren’t people just really annoying? 8 minutes
Week 4 summary4 minutes