This is a segment in our ongoing series on cyber risks. Part one of this segment about “Cyber Risk Assessments – Identifying Threats” delved into the detection phase of a cyber risk assessment. We evaluated important elements to consider when determining how to stay abreast of impending threats and what organizations should do to detect those threats including evaluating anomalies, instilling continuous monitoring tactics and dedicated detection methods.

This is the second part of the two-part series. This segment focuses on the types of Information Technology (IT) assets to consider when establishing detection processes, the concept of applied security and additional considerations for continuous monitoring and forensic analysis. We also look briefly at incident response – which is covered in greater detail in the segment on “Cyber Security Risk Assessment – Recover from Breaches”.

Training for all programs related to cyber security by this trainer are utilizing the framework of the National Institute of Standards and Technology (NIST) as a model. This information is freely available in the public domain. For more detailed information on the framework please refer to

Learning Objectives
  • Review the high level “detect” concepts introduced in segment one.
  • Explore the concept of applied security and preventative and detective controls.
  • Explore additional concepts of security continuous monitoring.
  • Explore the pillars of success for the detect phase of a cyber risk assessment.
  • Explore the concepts of incident response and threat intelligence.
Last updated/reviewed: August 13, 2023

Included In Certifications

This course is included in the following Certification Programs:

13 CoursesCorporate Cyber Security Certification

  1. Cyber Threat – The Modern-Day Fraud: Breaches and Actions
  2. A Primer on Cyber Security Programs and Roles
  3. Cyber Risk Frameworks And Concepts
  4. Cyber Risk Framework - Identify Assets
  5. Cyber Risk Framework - Prioritize Assets
  6. Cyber Risk Framework - Protect Assets
  7. Cyber Risk Framework - Detect Part One
  8. Cyber Risk Framework - Detect Threats Part Two
  9. Cyber Risk Framework - Respond
  10. Cyber Risk Framework - Recover
  11. Cyber Risk Framework - Utilizing The Tier Approach
  12. Fraud and Personal Identity Theft
  13. Fraud and Business Identity Theft
16 Reviews (88 ratings)


Anonymous Author
This course provides helpful and easy-understanding knowledge for detecting threats for cyber risk assessment. It is useful for internal auditors

Anonymous Author
Great concise course over IT Risk related cyber security information. I would recommend this course to an entry level IT Risk/Audit associate.

Anonymous Author
This serves as a refresher course for me. Nothing surprised me. I believe performance and new auditors will benefit from this.

Anonymous Author
I learned of many new terms not previously aware of, as I don't worki directly in the cyber side of risk management

Member's Profile
The Detect Function was very useful. I especially enjoyed the discussion on SIEM and though it was very useful.

Member's Profile
Great course! It was very informative and helpful in understanding detect threats for cyber risk assessment.

Anonymous Author
This course provides good information on cyber risk and how to detect and prevent cyber threats.

Anonymous Author
With this knowledge, I will be able to Review Policies and Procedures for the Detect Phase.

Anonymous Author
Useful for internal auditors, since the topic is usually left aside. Crucial for attention.

Anonymous Author
This course help me a lot to learn about Cyber Risk Framework, especially Detect Threats.

Member's Profile
Good training. Lynn could present/explain technical aspects in an easy reading material.

Anonymous Author
Great course of cyber risk framework - detect threats part 2 which added value to me

Anonymous Author
A good course continuing the coverage of the Detect section of the NIST Framework.

Anonymous Author
Great course for beginners and a good course for experienced auditors.

Anonymous Author
Intermediate comprehensive course for RIsk Managers and auditors

Anonymous Author
well thought out and acceptable for cpe review purposes

Course Complexity: Intermediate

No Advanced Preparation or Prerequisites are needed for this course. However, it is recommended to take the other courses in the series prior to completing this one.

Education Provider Information
Company: Illumeo, Inc., 75 East Santa Clara St., Suite 1215, San Jose, CA 95113
Contact: For more information regarding this course, including complaint and cancellation policies, please contact our offices at (408) 400- 3993 or send an e-mail to .
Instructor for this course
Course Syllabus
  Introduction to Cyber Risk Assessment – Detect Threats Part Two5:07
  Forensic Analysis11:30
  Applied Security Preventative and Detective Controls3:13
  Desktops and Laptops6:25
  Mobile Devices, BYOD and Containerization3:27
  Network Configuration and Firewalls6:29
  Endpoint Products4:16
  Security Continuous Monitoring & Event Logging9:21
  Security Information and Even Management (SIEM)8:49
  SOC and Incident Response and Threat Intelligence3:38
  Hunt Teams and Insider Threat Concerns6:36
  Pillars of Success Detect Contain Control5:32
  Cyber Risk Assessment – Detect Threats Part Two 1:17:08
  Slides:Cyber Risk Assessment – Detect Threats Part TwoPDF
  Cyber Risk Assessment – Detect Threats Part Two Glossary/IndexPDF