Cybersecurity Governance and Management Deep-dive

Volledige vakbeschrijving

This course focuses on the practices and processes of cybersecurity management and governance and provides the students with practical guidance on what the management of cybersecurity involves. It further offers an overview of Information Security Management Systems, focusing on what an information security management system is and why it is so important in developing a security plan for protecting systems and data. In this context, standards such as the ISMS frameworks such as ISO 27001, COBIT, NIST 800 will be addressed. Next to this, the element of risk management is elaborated on and put in context by addressing what cybersecurity risk management is and by giving an overview of what risk management is about, how to manage risk, why risk management is important. Here, an overview of the different risk management frameworks, ISO 27005, Octave, FAIR, etc. will be provided. Lastly, the concepts of security metrics and security key performance indicators will be introduced.