Skip to main content

Cybersecurity Risk Management

Provided by Rochester Institute of Technology (RITx)
10–12 hours
per week, for 8 weeks
Free

$150 USD for graded exams and assignments, plus a certificate

Learn key principles of risk analysis, risk assessment and risk mitigation for information security using both qualitative and quantitative methodologies.

Start Date:

Before you start

Successful completion of CYBER501x Cybersecurity Fundamentals
Course opens: Aug 6, 2019
Course ends: Oct 1, 2019

What you will learn

  • Information security risk management framework and methodologies
  • Identifying and modeling information security risks
  • Qualitative and quantitative risk assessment methods
  • Articulating information security risks as business consequences
Week 1: Evolution of Information Security
Week 2: Risk Management Process, Framework and Life Cycle
Week 3: Quantitative versus Qualitative Risk Assessment
Week 4: Defining Information Security Metrics
Week 5: Analysis Techniques
Week 6: Automating Metrics Calculations and Tools
Weeks 7 & 8: Industry case studies

Overview

Cybersecurity risk management guides a growing number of IT decisions. Cybersecurity risks continue to have critical impacts on overall IT risk modeling, assessment and mitigation.

In this course, you will learn about the general information security risk management framework and its practices and how to identify and model information security risks and apply both qualitative and quantitative risk assessment methods. Understanding this framework will enable you to articulate the business consequences of identified information security risks. These skills are essential for any successful information security professional.

The goal of this course is to teach students the risk management framework with both qualitative and quantitative assessment methods that concentrate on the information security (IS) aspect of IT risks. The relationship between the IT risk and business value will be discussed through several industry case studies.

First, you will learn about the principles of risk management and its three key elements: risk analysis, risk assessment and risk mitigation. You will learn to identify information security related threats, vulnerability, determine the risk level, define controls and safeguards, and conduct cost-benefit analysis or business impact analysis.

Second, we will introduce the qualitative and quantitative frameworks and discuss the differences between these two frameworks. You will learn the details of how to apply these frameworks in assessing information security risk.

Third, we will extend the quantitative framework with data mining and machine learning approaches that are applicable for data-driven risk analytics. You will explore the intersection of information security, big data and artificial intelligence.

Finally, you will analyze a series of extended case studies, which will help you to comprehend and generalize the principles, frameworks and analytical methods in actual examples.

This offering is part of the RITx Cybersecurity MicroMasters Program that prepares students to enter and advance in the field of computing security.

Meet your instructors

Tong Sun
Adjunct Professor, Computing Security
RIT

Who can take this course?

Unfortunately, learners from one or more of the following countries or regions will not be able to register for this course: Iran, Cuba and the Crimea region of Ukraine. While edX has sought licenses from the U.S. Office of Foreign Assets Control (OFAC) to offer our courses to learners in these countries and regions, the licenses we have received are not broad enough to allow us to offer this course in all locations. EdX truly regrets that U.S. sanctions prevent us from offering all of our courses to everyone, no matter where they live.

View Courses
This course is part of:

Earn a MicroMasters® Program Certificate in 1 year if courses are taken one at a time.

View the program
  1. 80–96 hours of effort

    Learn cybersecurity fundamentals, including how to detect threats, protect systems and networks, and anticipate potential cyber attacks.

  2. 80–96 hours of effort

    Learn the process, techniques and tools for performing a digital forensics investigation to obtain data related to computer crimes.

  3. Cybersecurity Risk Management
  4. 80–96 hours of effort

    Learn the process of network security, including intrusion detection, evidence collection, network auditing, and contingency planning against attacks.

  5. 80–96 hours of effort

    Demonstrate the knowledge and skills acquired in the Cybersecurity MicroMasters Program.

Get started in computer science

Browse over 600 computer science courses
Of all edX learners:
73% are employed
Of all edX learners:
45% have children
Based on internal survey results
432,052 people are learning on edX today