Welcome to the cybersecurity leadership and management course. Cybersecurity leadership and management are two high level competencies required to successfully administer a cybersecurity division that produces the essential level of security, trust, and stability that aligns with the organization strategy, regulatory systems, and operational excellence. Leadership and management are prerequisite expertise for all information security officers. Are you the person that intentionally cultivates and develops your leadership and managerial skills? Then this course is for you. Hi. My name is Cicero Chimbanda. I have over 20 years of experience in information security, risk management, and an instructor. I have my CISM, certified information security manager. I have a CIPM, a certified international program manager. I'm a cybersecurity instructor for college institution. I'm a content author for Infosec Skills Institute, vice president of an investment bank responsible for information security technology and cybersecurity risk management, and also the founder and senior consultant for CVC ventures, a stem development firm. I will be your instructor. For cybersecurity leaders, the challenge of recruiting and retaining the best technical and business professionals are a constant worry. Frost & Sullivan predicts that the growing gap between available qualified cybersecurity professionals and unfulfilled positions will reach 1.8 million by 2022. How do we bridge the gap of leadership in cybersecurity? How can cybersecurity management strategies help predict and prevent cybersecurity attacks by managing risk and adding value to the organization? Questions that will be answered in this course : cybersecurity in general produces more questions than answers, which emphasizes the importance of organizations having effective leadership and management teams. What questions are we going to answer in this course? Section 1, cybersecurity leadership, we're going to answer the question, what is information security governance? Who makes up the senior management in information security governance? What are the benefits of aligning information security to business models? In section 2, we will be answering the question, who receives the information security reports in the organization? What information security goals should be measured? How to implement information security responsibilities. The course breakdown. In this course, we will break down the content into sections. The keyword of alignment; confidentiality, integrity, and availability, the CIA triad, is a model designed to guide policies for information security within the organization. We will talk about security, trust, and stability, which is what we want to align as leaders. Then once we align confidentiality to security, integrity to trust, availability to stability, the end result are organization strategy, regulatory systems, operational excellence, which brings success. In section 2, management, we will be applying the principles of leadership in order to effectively manage cybersecurity programs, and ultimately yield security, trust, stability in the organization. We will follow the following frameworks as a guiding principle to achieve our goal: information security governance, which is ISG. We will talk about the McKinsey 7S framework, which is a business model framework. We will look at the FAIR, factor analysis in information risk, which is an enterprise risk management framework. We'll also look at NIST, the National Institution of Standards in Technology framework. We'll use these as guidelines. The course learning path. For section 1, cybersecurity leadership key objectives, this course is an introduction and an overview to the basic principles of cybersecurity leadership and it integrates. We will focus on the security, trust, and stability, confidentiality, integrity, the CIA triad. Then in course 2, we'll focus on cybersecurity senior management and information security governance. This course objective will describe the make up of the senior management information security governance and it will detail the roles and responsibility. Then in section 3, we will align information security to the business model. This course objective will outline the importance of steps to properly produce security, trust, stability within the cybersecurity strategy while aligning essential elements of the enterprise risk management frameworks using the business models. In section 2, cybersecurity management, we will talk about cybersecurity information communications reporting in the organization. Well, this course transitions the focus from leadership to management. It talks about the optimal reporting relationship between senior managers and information security managers using the McKinsey 7S Change Model and will also highlight communication frameworks. Section 5 or key objective 5, course 5, cybersecurity actionable key risk indicators and information security goals. This course will review the FAIR, factor analysis information risk, and extrapolate actionable key risk indicators and key performance indicators relevant to cybersecurity that will yield security, trust, and stability. In six, we will look at cybersecurity responsibilities into information security programs. This is the final course objective: describing the steps to successfully design, incorporate, and evaluate cybersecurity responsibilities within the organization. I'm looking forward to being your instructor. Thank you. Goodbye.
