Overview
The significant rise in information technology, along with growing threats to data and information security, has heightened awareness of the dangers posed by hackers. These threats affect not only individuals but also businesses, governments, and various organizations that share information over public networks, such as the internet. This situation highlights the importance of vigilance and proactive measures in our increasingly interconnected world. Consequently, cybersecurity has become a fundamental aspect of organizational strategy and risk management in today’s digital environment.
Besides, in the algorithm-driven world we live in, managing privacy concerns has become a vital function for organizations seeking to safeguard their operations and maintain business continuity, as a significant percentage of people are concerned about the data collected about them. Scholars have argued that perceptions of privacy risk and control are intricately related to distrust in organizations. Companies should take appropriate actions to address these issues.
This course aims to equip Executive MBA students with a comprehensive understanding of cybersecurity and privacy concepts, principles, frameworks, and strategies, providing them with the practical skills necessary to assess risks, establish effective governance structures, and develop strategies to safeguard critical assets across various sectors. More specifically, the course will guide you through implementing effective multi-layered defense strategies, such as Zero Trust Architecture and the principle of least privilege, while also introducing you to industry-leading frameworks, including NIST CSF 2.0 and ISO 27001, to support continuous improvement and resilience. You will discover how to foster a strong cybersecurity culture by embracing leadership best practices, instilling secure behaviors, and training employees to resist emerging digital manipulations like deepfakes. Participants will learn how cybersecurity has evolved from a technical concern to a fundamental business enabler, and why leadership is directly responsible for managing privacy and information security risks.
Outline
This course is divided into 10 themes or lessons for the 10-week period:
- Theme 1: Understand the fundamental concepts and principles of cybersecurity and privacy
- Theme 2: Information security threats and attacks
- Theme 3: Cybersecurity insider threats
- Theme 4: Information security and risk management
- Theme 5: Cybersecurity strategy
- Theme 6: Fostering cybersecurity culture
- Theme 7: Access controls
- Theme 8: Cybersecurity policy
- Theme 9: Incident response and recovery plan
- Theme 10: Budgeting and compliance
Learning outcomes
By the end of this course, students should be able to:
- Identify cybersecurity threats and vulnerabilities
- Conduct risk assessments using industry tools.
- Develop cybersecurity and privacy policies and incident response plans.
- Promote a culture of cybersecurity and privacy awareness.
Evaluation
Your grade will be based on the successful completion of:
| Activity | Weight |
| Participation in Discussions “Think Tank participation” | 40% |
| Assignment part #1 | 15% |
| Assignment part #2 | 20% |
| Assignment part #3 | 25% |
| Total | 100% |
To receive a passing grade in this course, you must meet these minimum standards:
- Receive a minimum of 60% on the participation component (e., provide names of applications where participation needed)
- receive an average grade of 60% overall course compone
Materials
Digital course materials
Links to the following course materials will be made available in the course:
M. Whitman and H. Mattord, Principles of Information Security, 7th Edition, Course Technology, 2017, ISBN-10: 1337102067, ISBN-13: 9781337102063
- Recommended Textbook: Joseph Migga Kizza, Ethical and Social Issues in the Information Age, Fifth Edition, 2013, ISBN 978-1-4471-4989-.
- Journal articles and other relevant sources
- All other course materials will be accessed online.