In our volatile digital world, the cyber threats you don’t know about are the most dangerous ones there are. Cybersecurity Foundations and Frameworks teaches you to assess where your organization sits amid the cyber threat landscape and to identify risks, threats and vulnerabilities associated with your industry. Through practical learning scenarios rooted in real-world examples, this cybersecurity course teaches you to prioritize the most effective elements of security frameworks for your organization and to manage cybersecurity frameworks within the context of industry compliance regulations.
No Mandatory Login Times
4-6 Hours of Work per Module
"You’re not sure if the hooded hacker goblins actually exist, but you’ve read about too many breaches in recent years to dismiss them entirely. This course will help you separate fact from fiction."
Examine the historical and contemporary evolution of cybersecurity. Differentiate between the types of risks and threats associated with various organizations and industries. Identify the key characteristics of internet of things (IoT) devices and discuss how the scope of risk your business faces is impacted by IoT. Assess the need for increased cybersecurity to protect data and assets and describe how you would respond to a security threat.
Evaluate your existing knowledge regarding the types of cyber attacks. Define how attackers infiltrate and weaken common security systems and technologies. Analyze the risk of attacks in the day-to-day operations of various organizations and industries. Differentiate among different cyber attacks and their characteristics.
Critique poor security measures and the potential consequences of unsecured and unprotected data. List and define the ingredients of strong security measures, including people, processes and technology. Differentiate between the types of security roles and functions and where they live in the IT space. Define and explain how prevention and detection relate to security functions.
Identify each stage of the attack life cycle. List the key signs and symptoms of a cyber attack using your knowledge of the types of cyber threats. Assess the tactics, techniques and procedures (TTPs) of cyber attackers and threats. Match the different stages of the attack life cycle to attacker behaviors. Discuss how to detect a cyber attack occurrence based on the attack life cycle.
Determine the threat landscape across different organizations and industries. Adopt the mindset of an attacker through a scenario-based role-playing activity. Analyze attacker decisions, goals and challenges in determining victims and attacker methods. Predict which organizational assets are most valuable to attackers.
Organize the NIST Cybersecurity Framework and its functions. Discern how the Federal Financial Institutions Examination Council (FFIEC) is built upon NIST. Identify and prioritize functions inside the security framework that are most critical and relevant to your industry. Facilitate improvements or changes to security based on the NIST Cybersecurity Framework. Match the NIST Cybersecurity Framework functions to their requirements and associated components. Apply the NIST Cybersecurity Framework to help strengthen general security infrastructure in a scenario.
Review how confidentiality has been a focus of cybersecurity legal frameworks. Name ways that cybersecurity laws are used to protect individual privacy and national security. List the steps you would take to minimize risks of a breach on private and confidential personal records. Determine which laws apply to security and confidentiality situations. Discuss the legal repercussions for and responsibilities of organizations in the event of a data breach.
Apply knowledge of your organization to assess security gaps and vulnerabilities. Summarize the main types of risks associated with your industry and the strategies for mitigating them. List defensive measures you can take for responding to a cyber incident. Develop a strategy for inventorying your company's technologies and digital assets. Discuss why organizations should prioritize cybersecurity and measures to prevent and detect threats.
Learn cloud security strategies and tips for securing data and digital assets during cloud deployment. Enroll in Cloud Security from EmergingEd.
Learn key cybersecurity training strategies and develop an effective incident response plan. Enroll in Cybersecurity Risks and Industry from EmergingEd.
Learn to protect against real cybersecurity threats, including FIN 7 attacks, in this applied course. Enroll in Cybersecurity Cases from EmergingEd.
Learn the cyber threat landscape basics with this introductory cybersecurity course. Enroll in Cybersecurity Foundations and Frameworks from EmergingEd.
Learn about security information and event management (SEIM), traffic light protocol (TLP) and more. Enroll in Cyber Threat Intelligence from EmergingEd.
Jeffrey Groman, founder of Groman Consulting Group, is dedicated to helping organizations identify and resolve their greatest cybersecurity risks. Mr. Groman has worked in the security field for more than 20 years. As a cybersecurity consultant, he has guided major corporations, including banks, insurance companies and software providers through risk prevention and rapid response to incidents and security breaches.
Mr. Groman is certified in forensic analysis and application security, and previously worked with Mandiant Security Consulting Services and FireEye, providing strategic and incident response consulting to security teams and educating executives through delivery of SOC assessments. In these roles, Mr. Groman led a team of consultants and functional experts in working with a wide range of clients across multiple verticals, including NYC Health and Hospitals, Blue Cross Blue Shield Association, Ameriprise Financial, American Express, Ally, Huntington National Bank, Eaton, Caterpillar, DST Systems, Sprint and TransAmerica.
Mr. Groman is passionate about cybersecurity and partnering with clients to find solutions to complex issues. His book “Avoid These 11 Pitfalls and Minimize the Pain of Your Next Data Breach” is designed to help organizations learn from his decades of real-world experience. He has presented at Information Systems Security Association (ISSA) International, NetSecure, and Infragard conferences; briefed boards of directors; conducted tabletop exercises and workshops; and helped clients build security processes to be better prepared for the inevitable.
Mr. Groman has a BS in Electrical and Computer Engineering from the University of Colorado, Boulder.