Description
Executive Cyber Leadership is an elite way to demonstrate your knowledge and become a member of a community of cybersecurity leaders. It shows you have all it takes to design, engineer, implement and run an information security program.
Security / Managerial
This course fulfills NICE/NICCS Roles of:
- Executive Cyber Leadership – OV-EXL-001
- Cyber Policy and Strategy Planner OV-SPP-002
As a leader in the organization, the student must lead portions of the class to build skills in management. When students lead a group of people who do not report to them or are not paid by them, this sharpens management skills.
We expect every student to learn the knowledge, skills, and abilities necessary to develop and support an enterprise security program.
- Identify and use computer networking concepts and protocols, and network security methodologies.
- Understand risk management processes.
- Execute secure network leadership principles.
- Distinguish and differentiate cyber threats and vulnerabilities.
- Manage a team of three for two years
- Perform team member evaluations
- Write and/or review vendor contracts, statements of work, or memorandums of understanding
- Build an information security risk management program and convey it through governance and policy.
- Applying secured design principles for communication to network security.
- Performing asset management security through classification program.
- Designing cyber security metrics programs through assessment and testing.
- Managing and maintaining identity access management in the enterprise and the cloud.
- Architecting and engineering cyber security controls that adequately mitigate threats.
- Enhancing security operations through continuity, physical controls, and personal life safety.
- Securing the software development lifecycle in the enterprise.
- Determine the validity of technology trend data.
- Develop policy, plans, and strategy in compliance in support of organizational cyber activities.
- Apply critical reading/thinking skills.
- Exercise judgment when policies are not well-defined.
- Interpret and apply laws, regulations, and policies relevant to organization cyber objectives.
- Tailor technical and planning information to a customer’s level of understanding.
- Prioritize and allocate cybersecurity resources correctly and efficiently.
- Relate strategy, business, and technology in the context of organizational dynamics.
- Understand issues related to organization processes and problem solving.
- Understand the basic concepts and issues related to cyber and its organizational impact.
- Ensure security management processes are integrated with planning processes.
- Computer networking concepts and protocols, and network security methodologies.
- Risk management processes.
- Cybersecurity and privacy principles.
- Cyber threats and vulnerabilities.
- Specific operational impacts of cybersecurity lapses.
- Application vulnerabilities.
- System and application security threats and vulnerabilities.
- The nature and function of the relevant information structure.
- The organization’s core business/mission processes.
- Emerging security issues, risks, and vulnerabilities.
- Full spectrum cyber capabilities.
- Strategic theory and practice.
- Emerging technologies that have potential for exploitation.
- Industry indicators useful for identifying technology trends.
- External organizations and academic institutions with cyber focus.
- Industry technologies’ potential cybersecurity vulnerabilities.
- Current and emerging cyber technologies.
- Application security risks
- Create policies that reflect system security objectives.
- Execute administrative planning activities.
- Prepare plans and related correspondence.
- Communicate with all levels of management including board members.
- Anticipate new security threats.
- Remain aware of evolving technical infrastructures.
- Use critical thinking to analyze organizational patterns and relationships.
- Acquire and manage the necessary resources to support security goals.
- Advise senior management on cost/benefit analysis of information security programs.
- Advocate organization’s official position in legal and legislative proceedings.
- Communicate the value of information technology security throughout all levels of the organization stakeholders.
- Develop and maintain strategic plans.
- Develop policy, programs, and guidelines for implementation.
- Establish and maintain communication channels with stakeholders.
- Interface with external organizations.
- Lead and align information technology security priorities with the security strategy.
- Lead and oversee information security budget, staffing, and contracting.
- Manage the publishing of computer network defense guidance for the enterprise constituency.
- Monitor and evaluate the effectiveness of the enterprise’s cybersecurity.
- Review existing and proposed policies with stakeholders.
- Serve on agency and interagency policy boards.
- Recommend policy and coordinate review and approval.
- Supervise or manage protective or corrective measures when a cybersecurity incident or vulnerability is discovered.
- Ensure sound security principles are reflected in the organization’s vision and goals.
- Oversee policy standards and implementation strategies to ensure procedures and guidelines comply with cybersecurity policies.
- Identify security requirements specific to an information technology system in all phases of the system life cycle.
- Define and/or implement policies and procedures to ensure protection of critical infrastructure as appropriate.
- Supervise and assign work to programmers, designers, technologists and technicians, and other engineering and scientific personnel.
- Advocate for adequate funding for cyber training resources.
- Coordinate with organizational manpower stakeholders to ensure appropriate allocation and distribution of human capital assets.
- Promote awareness of cyber policy and strategy.
- Review/assess cyber workforce effectiveness to adjust skill and/or qualification standards.
- Interpret and apply applicable laws, statutes, and regulatory documents and integrate into policy.
- Analyze organizational cyber policy.
- Assess policy needs and collaborate with stakeholders to develop policies to govern cyber activities.
- Define and integrate current and future mission environments.
- Design/integrate a cyber strategy that outlines the vision, mission, and goals that align with the organization’s strategic plan.
- Draft, staff, and publish cyber policy.
- Monitor the rigorous application of cyber policies, principles, and practices in the delivery of planning and management services.
- Seek consensus on proposed policy changes from stakeholders.
- Perform an information security risk assessment.
- Provide policy guidance to cyber management, staff, and users.
- Review, conduct, or participate in audits of cyber programs and projects.
- Support the CIO in the formulation of cyber-related policies.
- Conduct long-range, strategic planning efforts with internal and external partners in cyber activities.
- Collaborate on cyber privacy and security policies and procedures
- Collaborate with cybersecurity personnel on the security risk assessment process to address privacy compliance and risk mitigation
- Appoint and guide a team of it security experts.
- Collaborate with key stakeholders to establish a cybersecurity risk management program.
There are 12 different possible exercises that can be used in the course of a one hour meeting. As soon as students become accustomed to a particular flow, or they get comfortable, the instructor will switch methods. Some examples include: threats and controls, case studies, risk analysis practice, and reading review.
Students will read before class, take a practice test, submit case study information, and build flashcards. Each activity is graded as needed.
We use a custom textbook developed by our internal experts. Is a completely digital format.
- 1 hour per session
- 3 Sessions per week
- 10 weeks with 2 break weeks
- Orientation is held for 90 minutes before first live class.
- Class meeting times are listed on the public calendar.