Cyber threats to business are real and scary. Yet, CFOs are sick of hearing the “scare speech” about over-generalized threats and actions that are more a collection of jumbled parts than a functional whole. Many myths about cyber-speak just cause confusion. For example, “heat maps” often hide more than help, “controls” are often wasteful, “emerging risks” are often an excuse for what thousands of other people already know, “risk lists” miss much, and cybersecurity math has gaps compared to risk math used in financial analysis. Further, the noise around “cyber” threats often distracts from other risks to business performance related to technology.

This course helps resolve the confusion and offers realistic, practical ways CFOs and those across the CFO's entire organization can ask more insightful questions, cut churn and better manage risk to business objectives. Learn how to make a real impact on cyber threats for your company. 

Learning Objectives
  • Discover the dynamics of tech-related risk to the business to replace narrow ideas about “cyber-security”
  • Recognize common myths and avoid waste and distraction caused by them
  • Explore the dependencies of the business on technology as both threats and opportunities
  • Discover how math and methods of managing financial risk can enable security people to better manage cyber risk
  • Identify thoughtful questions to ask business, risk, security, and audit teams
  • Discover pragmatic actions to create meaningful protective solutions
Last updated/reviewed: May 18, 2022
11 Reviews (76 ratings)


Anonymous Author
Brian did an excellent job developing and delivering the course content. I've taken over ten courses on this site so far and I took the most applicable content from this training out of all of those courses.

Anonymous Author
This course was informative on the myths of security. The slides were easy to follow and were well laid out. The entire course was concise & to the point.

Anonymous Author
Program materials were relevant and contributed to the achievement of the learning objectives. Please reframe a couple of questions.

Anonymous Author
This was a very comprehensive and informative course on the myths and realities of corporate cyber security.

Member's Profile
Nice coverage of content for the avid professional or novice. I enjoyed the content and review.

Member's Profile
This was a good course. Would recommend anyone needing CISA CPE to take this course.

Anonymous Author
The course is well done, but a bit confusing and smoky at some places.

Member's Profile
Great course. Clear presentation to follow and easy to understand.

Anonymous Author
Pretty good course with good perspective on cyber issues.

Anonymous Author
Good course, well structured and developed and presented.

Member's Profile
Good information, but sometimes a little hard to follow.

Course Complexity: Intermediate

No advanced preparation or prerequisites are required for this course.

Education Provider Information
Company: Illumeo, Inc., 75 East Santa Clara St., Suite 1215, San Jose, CA 95113
Contact: For more information regarding this course, including complaint and cancellation policies, please contact our offices at (408) 400- 3993 or send an e-mail to .
Instructor for this course
Course Syllabus
  Introduction to CFOs: The Myths and Realities of Corporate Cyber-Security2:20
  Myth or Reality?7:19
  Framing Our Conversation7:10
  About Risk5:25
  Myth or Reality? Environment2:43
  Myth or Reality? Evaluation15:07
  3 Key Actions to Implement7:05
  Myth or Reality? Responding to Risk6:57
  CFOs: The Myths and Realities of Corporate Cyber-Security 1:05:02
  Slides: CFOs: The Myths and Realities of Corporate Cyber-SecurityPDF
  CFOs: The Myths and Realities of Corporate Cyber-Security Glossary/IndexPDF