Overview
Cyber threats present a constant challenge today, costing billions and affecting everyone, from governments to small businesses. Are you ready to contribute to the solution?
This course will provide you with a deep understanding of cybersecurity principles, industry standards, regulations, and audit processes. You will explore the fundamental concepts of information security and compliance, covering topics such as governance, risk, compliance, cybersecurity frameworks, and process management.
You will also learn about IT service management and explore the NIST risk management framework and AI ethical considerations. You will gain insights into cybersecurity laws and regulations, focusing on both US and global perspectives, including HIPAA, GDPR, and PCI DSS. Additionally, you will familiarize yourself with the audit processes using the COBIT framework and SOC reports. You will also explore prominent standards such as OWASP, ISO, and IEEE, learning how to apply them effectively.
Throughout this five-module self-paced course, you will engage in interactive activities to apply your knowledge in real-world scenarios. You will also complete a final project to test your skills and showcase your understanding.
Join us on this cybersecurity journey!
Syllabus
- Introduction to Information Security and Compliance
- Information security and compliance are essential aspects for organizations that want to protect their sensitive data and adhere to regulations. This module provides a comprehensive overview of the guidelines, practices, policies, and technologies involved in safeguarding digital assets. First, you’ll be introduced to the Governance, Risk, and Compliance (GRC) strategy and tools. Then, you’ll learn about the NIST Cybersecurity Framework or CSF 2.0, which guides organizations in managing cybersecurity risks. You’ll also gain insights into CSF components, functions, and tier levels. Further, you are going to learn about security compliance that helps organizations protect their data, assets, and reputation, as well as about the repercussions of non-compliance with laws, regulations, or industry standards. You will also gain knowledge regarding the use of standardized processes in an organization that allows for a centralized structure and the concepts of automation and orchestration, which are essential to cybersecurity, streamlining processes, and reducing manual intervention. Finally, you’ll learn about change management, which helps you adapt to new technologies and regulations.
- Foundations of IT Service Management and Risk Governance
- This module offers a comprehensive introduction to IT service management (ITSM), risk management, and ethical considerations in artificial intelligence (AI). Participants will explore key frameworks and processes essential for effective IT service delivery, risk mitigation, and ethical AI implementation. Through a combination of videos, readings, activities, and quizzes, participants will gain practical insights into ITIL, risk management frameworks, and AI ethics.
- Understanding Cybersecurity Laws and Regulations
- This module provides an in-depth exploration of cybersecurity laws and regulations, focusing on both US and global perspectives. Participants will gain insights into key legislations such as HIPAA, GDPR, and PCI DSS and learn how to ensure compliance with these regulations. Through a combination of videos, readings, activities, and quizzes, participants will develop a comprehensive understanding of legal frameworks governing cybersecurity.
- Understanding Cybersecurity Standards and Audits
- This module delves into the landscape of cybersecurity standards and audits, providing participants with a comprehensive understanding of industry standards and audit processes. Participants will explore prominent standards such as OWASP, NIST, ISO, and IEEE and learn how to apply them effectively. Additionally, the course covers security control audits, COBIT framework, and SOC reports to ensure participants grasp the auditing process. Through videos, readings, activities, and quizzes, participants will gain practical knowledge to enhance cybersecurity practices.
- Final Project
- In this module, you will complete a final project where you will have an opportunity to demonstrate your understanding of Cybersecurity Frameworks, Risk Management, and Standards and Regulations.
Taught by
IBM Skills Network Team and Dee Dee Collette