IT & Cybersecurity Risk Management («RISK»)
- Developing the information security basics
- Anchoring information security in the management and the board of directors
- Integrating information security requirements in all processes
- Defining the security target
- Ensuring the integration of IT security aspects in business continuity management
Every organization must actively defend its systems. There are simply too many threats, too many potential vulnerabilities and simply not enough resources to provide 100% security. Therefore, risk management is essential. And this is the answer to the question of how an organization can best protect or defend its crown jewels.
Risk management is the fundamental instrument for making well thought-out and targeted defence strategies a reality. One of the challenges here is to identify and evaluate abstract, elusive risks uniformly throughout the organization and to communicate them in the direction of corporate management. Because it is not only up to the management to determine the risk appetite of the organization – remember: 100 percent is unrealistic. It may also be personally liable if a data breach occurs.
- Half day
- Introduction cybersecurity risk management
- What is a cyber security risk?
- Types of risks
- The threat landscape
- The impact of cyber-threats
- Dealing with risks
- Identify risks
- Risk analysis
- Threat mitigation
- Half day
- Risk Management
- Risk management as part of a broader cyber security management approach
- Compliance with cyber security standards
- Risk Management Strategy
- Best practice
Component of the following courses
The knowledge of the participants is strengthened with interactive discussions (in plenary) and group work.
This course is designed for Chief Information Security Officers in small and medium-sized companies, IT managers and CxO functions with an interest in or need for information security.
Activity as security officer or information security officer and practical/professional experience in IT security.