Cybersecurity Compliance and Framework

Cyberthreats present a constant challenge today, costing billions and affecting everyone, from governments to small businesses. Are you ready to contribute to the solution?

This course will provide you with a deep understanding of cybersecurity principles, industry standards, regulations, and audit processes. You will explore the fundamental concepts of information security and compliance, covering topics such as governance, risk, compliance, cybersecurity frameworks, and process management.

You will also learn about IT service management and explore the NIST Risk Management Framework and artificial intelligence (AI) ethical considerations. You will gain insights into cybersecurity laws and regulations, focusing on both US and global perspectives, including HIPPA, GDPR, and PCI DSS. Additionally, you will familiarize yourself with the audit processes using the COBIT framework and SOC reports. You will also explore prominent standards such as OWASP, ISO, and IEEE, learning how to apply them effectively.

Throughout this five-module self-paced course, you will engage in interactive activities to apply your knowledge in real-world scenarios. You will also complete a final project to test your skills and showcase your understanding.

Module 1: Introduction to Information Security and Compliance

• Module Introduction and Learning Objectives
• Video: Governance, Risk, and Compliance (GRC)
• Video: Governance Components
• Reading: GRC Tools
• (Lab) Match Activity: Applying GRC Concepts
• Video: NIST Cybersecurity Framework
• Reading: Aligning to the NIST Cybersecurity Framework
• Activity: Align to the NIST Cybersecurity Framework
• Video: Elements of Effective Security Compliance
• Video: Standardize Processes
• Video: Automation and Orchestration
• Video: Change Management
• Reading: Asset Management
• Module 1 Summary: Introduction to Information Security and Compliance
• Module 1 Glossary: Introduction to Information Security and Compliance
• Module 1 Graded Quiz: Introduction to Information Security and Compliance
• Discussion Prompt: (Optional) CSF Implementation

Module 2: Foundations of IT Service Management and Risk Governance

• Module Introduction and Learning Objectives
• Video: Information Technology Infrastructure Library (ITIL) Overview
• Video: Key ITIL Processes
• Activity: Identify the ITIL Phases
• Reading: ITIL Process Implementation
• Video: Risk Management
• Reading: Risk Analysis
• (Lab) Matching: Accept, Transfer, Avoid, or Mitigate?
• Video: Third-Party Risk Assessment and Management
• Video: AI Ethics
• Reading: EU AI Act
• Video: How to Implement AI Ethics
• Activity: Apply AI Ethics
• Module 2 Summary: Foundations of IT Service Management and Risk Governance
• Module 2 Glossary: Foundations of IT Service Management and Risk Governance
• Module 2 Graded Quiz: Foundations of IT Service Management and Risk Governance
• Discussion Prompt:(Optional) Foundations of IT Service Management and Risk Governance

Module 3: Understanding Cybersecurity Laws and Regulations

• Module Introduction and Learning Objectives
• Video: Overview of US Cybersecurity Laws and Regulations
• Video: HIPAA Security Rule
• Reading: HIPAA Cybersecurity Guidance
• Activity: Apply HIPAA Guidelines
• Reading: US Laws and Regulations Cheat Sheet
• Video: Overview of Global Cybersecurity Laws and Regulations
• Reading: Applying Global Cybersecurity Laws and Regulations
• Activity: Apply global cybersecurity laws and regulations
• Reading: Global Cybersecurity Laws and Regulations Cheat Sheet
• Module 3 Summary: Understanding Cybersecurity Laws and Regulations
• Module 3 Glossary: Understanding Cybersecurity Laws and Regulations
• Module 3 Graded Quiz: Understanding Cybersecurity Laws and Regulations
• Discussion Prompt: (Optional) Cybersecurity Laws

Module 4: Understanding Cybersecurity Standards and Audits

• Module Introduction and Learning Objectives
• Video: Industry Standards
• Reading: OWASP Use Cases
• Activity: Apply OWASP Standards
• Video: NIST, ISO, and IEEE Overview
• Reading: NIST Standards
• Reading: ISO Standards
• Reading: IEEE Standards
• Video: Security Control Audits
• Video: Performing a Security Audit
• Video: ISACA Standards
• Reading: COBIT
• Video: SOC Reports
• Module 4 Summary: Understanding Cybersecurity Standards and Audits
• Module 4 Glossary: Understanding Cybersecurity Standards and Audits
• Module 4 Graded Quiz: Understanding Cybersecurity Standards and Audits
• Discussion Prompt: (Optional) Conducting Security Audits
• Module Introduction and Learning Objectives
• Final Project Overview
• Final Project Scenarios
• Final Project

Module 5: Course summary

• Congratulations & Next Steps
• Thanks from the Course Team