This is a multi-part series to help the participant evaluate all the components necessary for conducting a cyber risk assessment. The purpose of a cyber risk assessment is to ensure:

  • Availability
  • Confidentiality
  • Integrity of data
  • Integrity of processing

We use the National Institute of Standards and Technology (NIST) Cybersecurity Framework to walk through the elements that should be considered in a cyber risk assessment. A previous segment covered the first function outlined by NIST, the “Identify” function. This segment covers the “Protect” function.

We try to protect our information assets and systems against attack. Protection strategies can be the first line of defense, and breaches usually are a failure of protection strategies. Using the concepts of categories and sub-categories, an organization can effectively begin to map out its cyber risk process. The sub-categories of the protect function include:

  • Awareness control
  • Awareness and training
  • Data security
  • Information protection and procedures
  • Maintenance
  • Protective technologies

This segment is dedicated to delving into each of these sub-categories and outlining possible considerations for protecting information and cyber assets.

Learning Objectives

  • Explore the objectives of a cyber risk management assessment.
  • Explore security control designations.
  • Explore the concept of baseline controls.
  • Identify the requirements of ensuring awareness control within the protect function.
  • Identify the requirements of ensuring awareness and training within the protect function.
  • Identify the requirements of ensuring data security within the protect function.
  • Identify the requirements of ensuring information protection and procedures within the protect function.
  • Identify the requirements of ensuring maintenance within the protect function.
  • Identify the requirements of ensuring protective technology within the protect function.
Last updated/reviewed: November 11, 2019

Included In Certifications

This course is included in the following Certification Programs:

Corporate Cyber Security Certification (13 Courses)

  1. Cyber Threat – The Modern-Day Fraud: Breaches and Actions
  2. A Primer on Cyber Security Programs and Roles
  3. Cyber Risk Management Frameworks and Concepts
  4. Cyber Risk Assessment - Identify Critical Assets
  5. Cyber Risk Assessment – Prioritize Assets for Protection
  6. Cyber Risk Assessment - Protect Assets from Threats
  7. Cyber Risk Assessment – Detect Threats Part One
  8. Cyber Risk Assessment – Detect Threats Part Two
  9. Cyber Risk Assessment – Respond to Incidents
  10. Cyber Risk Assessment – Recover from Incidents
  11. Measuring Cyber Risk Utilizing Tiers
  12. Personal Identity Theft
  13. The Business Identity Theft Crisis

Reviews

22 Reviews (66 ratings)

5
Anonymous Author
Excellent overview of the NIST Protection framework for protection of assets from cyber threats. Very comprehensive discussion that covers a wide spectrum of IT controls and systems practices to help ensure mitigation of risks from cyber threats.
5
Member's Profile
Lynn did a great job walking through the material and objectives. The course was divided into organized sections in which Lynn talked about the importance of the various security controls to meet the objective of the overall security function.
4
Member's Profile
It is very difficult to make sense of nothing but bare terms in English. The course should be expanded with detailed examples from practice.
5
Anonymous Author
Lynn has provided a good understanding of one of the core areas that needs attention and action based on the NIST framework on cyber security. Well done!!!
5
Anonymous Author
Great concise course over protection techniques / controls for Cyber related risks. I would recommend this course to an entry level IT Audit associate.
4
Anonymous Author
The categories and sub-categories were well defined and explained. Procedures to ensure the Protect function were explained in detail.
3
Member's Profile
Not sure but it seems like protect was a subcategory of itself. The structure of all these items gets very difficult to follow.
4
Anonymous Author
Very good course which helped me to understand the process of creating a cyber risk assessment. Instructor was also very good.
5
Member's Profile
This is a great course; I really enjoyed it and learned new things. The instructor is excellent in her presentation and explanations.
4
Anonymous Author
Great course for aspiring IT auditors. Having basic knowledge of ITGCs and Application controls would be helpful.
5
Anonymous Author
Great break-down of Cyber Risks and creating the baselines needed to start reporting on organizational controls.
5
Member's Profile
Another additional improvement would be to provide detailed explanations of incorrect answers on quiz and final
4
Anonymous Author
Excellent course in the cyber risk assessment series. This course covers the Protect portion in NIST.
5
Anonymous Author
This cyber risk assessment overview was on point for understanding baselines, well done.
5
Member's Profile
Course is comprehensive and well presented, especially for novices in this arena.
5
Anonymous Author
Great course. Provides valuable information on protecting assets from threats.
5
Anonymous Author
Great overview of cybersecurity. Linkage to NIST was clear. Slides were clear.
3
Anonymous Author
The definitions were clear enabling future application of the concepts.
4
Anonymous Author
The course was useful and provided insight into protection strategies.
5
Member's Profile
Provided an excellent insight to the Protect category of controls.
5
Member's Profile
The details of Categories and sub-categories are well explained.
3
Anonymous Author
Well thought out and acceptable for CPE review purposes.

Prerequisites

Course Complexity: Intermediate

No Advanced Preparation or Prerequisites are needed for this course. However, it is recommended to take the other courses in the series prior to completing this one.

Education Provider Information

Company:
Illumeo, Inc., 75 East Santa Clara St., Suite 1215, San Jose, CA 95113
Contact:
For more information regarding this course, including complaint and cancellation policies, please contact our offices at (408) 400-3993 or send an e-mail to .

Course Syllabus

INTRODUCTION AND OVERVIEW
  14:48 Introduction and Objectives to Cyber Risk Assessment: Protect
  9:54 Security Control Designations
  15:18 Control Baselines & Identity Management and Access Control
  15:24 Identities and Credentials
  12:53 Awareness and Training
  9:56 Data Structures & Security
  6:59 Information Protection Processes and Procedures
  3:32 Maintenance
  7:39 Protective Technologies
  2:16 Summary
CONTINUOUS PLAY
  1:38:38 Cyber Risk Assessment: Protect
SUPPORTING MATERIALS
  PDF Slides: Cyber Risk Assessment: Protect
  PDF Cyber Risk Assessment: Protect Glossary/Index
REVIEW AND TEST
  Quiz: Review Questions
  Exam: Final Exam