Z – Cyber Risk Management 2021

Cyber Risk Management

June 1 – June 29

Course Description

This course provides a survey of different tools and techniques for assessing and addressing online risks in an organization including threat modeling, security metrics and budgeting, incident response and remediation, legal compliance, and cyber-insurance.

Through case studies of real companies and cybersecurity incidents, students will learn how to identify potential cyber threats to an organization, address related supply chain and procurement risks, develop qualitative and quantitative metrics for assessing cybersecurity, establish a policy for responding to law enforcement requests for data, use international security standards and frameworks, negotiate insurance coverage for cyber risks, and incorporate cloud-based services and other third-party IT vendors into a comprehensive cyber risk management plan for a multinational organization.

The organizational risks discussed will include data breaches, online financial fraud, industrial espionage, social engineering, denial-of-service attacks, cloud provider outages, and online extortion.

The course is designed for international affairs professionals from the public, private and non-profit sectors, either with some background in tech or who are interested in learning more about IT and technical risks. No technical experience is required.

Skills & Professional Benefits

Learn to apply existing frameworks and cybersecurity standards to organizational settings.

Perform threat modeling and cyber risk assessment projects.

Acquire the skills to craft cyber incident response plans and risk sharing strategies.

Expand your network of professionals in cybersecurity and risk management.

Certificate of completion awarded.

Course Fee: $960 | Fletcher and Tufts Alumni: $720

Josephine Wolff

Assistant Professor of Cybersecurity Policy

Wolff joined the faculty of The Fletcher School in 2019. Her research interests include international Internet governance, cyber-insurance, security responsibilities and liability of online intermediaries, government-funded programs for cybersecurity education and workforce development, and the legal, political, and economic consequences of cybersecurity incidents. Her book “You’ll See This Message When It Is Too Late: The Legal and Economic Aftermath of Cybersecurity Breaches” was published by MIT Press in 2018. See her full bio here.

Live Sessions

Session 1: Organizational threat modeling and risk assessment techniques

Date: June 1, 2021 | Time: 8:00 AM – 10:00 AM ET

Session 2: Budgeting and metrics for cybersecurity

Date: June 8, 2021 | Time: 8:00 AM – 10:00 AM ET

Session 3: Supply chain cybersecurity risks

Date: June 15, 2021 | Time: 8:00 AM – 10:00 AM ET

Session 4: Cyber-insurance and other techniques for cyber risk sharing

Date: June 22, 2021 | Time: 8:00 AM – 10:00 AM ET

Session 5: Incident response and mitigation

Date: June 29, 2021 | Time: 8:00 AM – 10:00 AM ET