Project Description

Cybersecurity Governance and Risk Management for IT Professionals

  • Duration: 20 Hours

  • Level: Intermediate

  • Location: MCCI Business School

  • Price: Rs 30,000


About this course

IT administrators, IT managers, CIOs, and CISOs play critical roles in protecting an organization’s information systems and data. They have privileged access to sensitive information and critical systems, making them high-value targets for cybercriminals. Cybersecurity training is essential for these individuals to understand the latest cybersecurity threats, risks, and best practices for protecting their organization from cyber-attacks.


The objective of this course is to equip Information Technology / Information Security participants with the right knowledge to protect the confidentiality, integrity and availability of both information and non-information assets.

Course Content

Part 1: The new cybersecurity landscape
  • The most targeted industries by cyber criminals
  • Threat actors affecting different sectors
  • The increasingly decentralized organization
  • The evolving cybercrime landscape affecting PII
Part 2: Cybersecurity Governance and Compliance
  • The roles and responsibilities of executive leadership in Cybersecurity Governance
  • How to strategically align cybersecurity with corporate goals
  • Complying with various cybersecurity and data privacy regulations and standards
Part 3: Greatest threats to the organization in 2023
  • Increase in malware attack sophistication
  • Rise in spear phishing, whaling, smishing, vishing attacks
  • Business Email Compromise attacks
Part 4: A review of cybersecurity and data privacy objectives
  • Protecting Confidentiality, Integrity and Availability of data
  • Cybersecurity requirements for Personally Identifiable Information
  • Important concepts in cybersecurity – Encryption, Digital signature, Public Key Cryptography
Part 5: Information Security Risk Management
  • Components of cyber risk – Threat, Vulnerability, Impact
  • Identifying, evaluating, ranking and prioritizing cyber risks
  • Adapting your information security program to your enterprise cybersecurity risk appetite
Part 6: Industry best practices to secure the organization
  • Identify, classify and maintain information and non-information assets
  • Select and implement appropriate controls to protect the CIA of your assets
  • Maintaining continuous improvement programs – Vulnerability assessment, Penetration Testing, Business Impact Analysis, Disaster Recovery, Data Privacy Impact Assessment
Part 7: The anatomy of a cyberattack
  • Learn about the different phases involved in a cyber attack
  • The reconnaissance phase – passive and active reconnaissance
  • Weaponization and delivery of infected payloads
  • Exploitation and Installation of payload phase
  • Data exfiltration and action on objectives