EU-iNSPIRE

Cybersecurity Governance

This course provides students with a comprehensive understanding of the principles and practices that underpin effective cybersecurity governance within organisations.

Main Topics

The General Competences that students should have acquired include:

  • Decision-making
  • Human skills
  • Management skills
  • Team-work
  • Working in an interdisciplinary environment

Based on the above, upon completion of the course, students are expected to be able to:

  • Map legal, regulatory and standards requirements (GDPR, NIS 2, CER, DORA, ISO/IEC 27001, NIST CSF) to enterprise ISMSs and control frameworks.
  • Develop risk-appetite statements and align security metrics with business KPIs.
  • Lead Board-level briefings and craft C-suite decision-support materials.
  • Conduct cyber risk assessments and DPIA (Data-Protection Impact Assessment), and integrate findings into enterprise GRC processes.
  • Build security-culture roadmaps including SETA and metrics for behavior change.

After completing this course, students will:

  • have knowledge of the principles of cybersecurity and risk management
  • have knowledge of the role of cybersecurity and risk management in organizations
  • have knowledge of relevant laws, standards and frameworks for cybersecurity and privacy
  • have knowledge of the responsibilities of top-level management with respect to cybersecurity
  • have knowledge about security culture
  • be able to establish and operate an ISMS (Information Security Management System)
  • be able to conduct threat and risk assessment for cybersecurity
  • be able to conduct DPIA (Data Protection Impact Assessment)
  • be able to judge the appropriateness of security controls for reducing security risks

Students will be able to:

  • Take full accountability for enterprise cybersecurity strategy and resource prioritization.
  • Orchestrate multi-stakeholder cyber governance fora and balance interests between legal, IT and business units.
  • Evaluate third-party and supply-chain risks and enforce contractual security obligations.
  • Champion continuous-improvement and maturity-model progression (e.g., CMMI, CSF Tiers, C2M2).
  • Represent the organization with respect to cybersecurity in external audits, regulators’ enquiries and industry-wide initiatives.