IT588 Cybersecurity Risk Management

This course examines cybersecurity as a risk management problem where an organization identifies potential cybersecurity risks, evaluates those risks, and makes risk mitigation and acceptance decisions given any resource limitations. The course covers both the government’s Risk Management Framework (RMF) as well as more quantitative approaches to risk analysis, risk valuation, and risk metrics using techniques such as Factor Analysis of Information Risk (FAIR). Students must earn a minimum grade of B-. Prerequisite: IT 530 or IT 504 with a minimum grade of B-. (3)