It is impossible to predict when cybersecurity incidents happen, but managers can decide how prepared their business will be when they do. Beyond the technical aspects of cybersecurity, there are also many managerial and organisational issues that have to be addressed and carefully managed. These include internal and external communication, critical incident responses, and installing or refining a security framework with the appropriate controls to prevent future incidents. This course will cover the contemporary practices in cybersecurity management so that students are equipped with an understanding of how to manage and respond to these issues, as well as the short- to long-term implications of cybersecurity incidents.
Along with becoming familiar with concepts and frameworks that are grounded in data on actual attacks launched against businesses, students will learn how to formulate and prioritise measures that (1) prevent/reduce the impact of cybersecurity attacks, (2) prepare for an array of different attacks, and (3) enable the early detection of attacks. Students will also be exposed to methods for implementing automated controls in a cost-efficient and effective manner. This course is designed to facilitate the effective management of, and response to, a wide range of cybersecurity incidents, but the principles, practices, and recommendations covered may apply more broadly to a range of critical and adverse situations such as crises and natural disasters.
