A course tailored for C-Level executives and advisors who need to evolve and understand the topic of cybersecurity governance.
Cybersecurity for Executives
100% online, live, and participative
Cybersecurity has evolved from being an IT issue to becoming a company-wide concern, increasingly becoming a mandatory topic for executives and professionals in various positions. Organizations of all sizes and sectors are vulnerable to cybersecurity risks, and teams across different departments need knowledge on the subject for a security culture to develop within the company. Anticipating and preventing these risks, emphasizing the necessary cybersecurity skills in the executive ranks of companies, is a strong factor for competitiveness in the market.
Being an experienced professional in the field means understanding basic concepts, risks, structures, and approaches to address the issue, as well as the ability to assess management in the face of these threats. It also involves having insight and critical capability regarding proposed cyber strategies. In this context, aiming to meet the need for a cybersecurity knowledge path, we are launching the first module of the course, providing students with a broad view of the subject and its basic concepts.
This course has been developed for professionals and executives from large and medium-sized companies. No prior experience or background is required from students.
What you will learn?
The course aims to help students quickly grasp essential language and perspectives on Cybersecurity, developing an ability to engage with the subject, cybersecurity strategy, and risk management.
Topics covered include governance, prevention and response, laws and regulations, security strategy, and culture. Each student will have the opportunity to complete the assessment in their company, providing insight into the maturity level of their company in relation to the best practices and security policies recommended by leading global cybersecurity agencies, measured through the Cyber Score methodology.
- Develop an initial systemic, holistic, and pragmatic view of risk management in cybersecurity, enabling dialogue and discussion with the technical team (CISO/CIO) on the company’s cybersecurity strategy.
- Understand the importance of adopting best practices and security policies, aiming at the prevention and management of risks related to cybersecurity, as well as the essential needs in terms of corporate organizational structure.
- Grasp the potential impact and consequences that a cyber attack could generate for the company, through three risks: operational, financial, and market value.
- Be able to interpret and understand the results of an analysis in the Cyber Score methodology, understanding cybersecurity maturity and the actions that need to be taken.
- Apply theoretical concepts in practice.
Completion of the assessment to obtain the Cyber Score is desirable and will assist the student during the course, especially in the participation in Module 4: Understanding and Using the Cyber Score.
The proposed project consists of theory and practical activities that will allow students to apply the knowledge gained in a real-world situation. It is desirable that students apply the Cyber Score methodology before the start of the course, adopted in a recent sectoral survey by Abrasca, which assesses a company’s maturity in relation to best practices and security policies. To carry out this activity, students should have the support of the technical team from their respective companies, who will assist them in filling out an assessment lasting approximately 1 hour. A consultant certified by The Security Design Lab will be available to guide and answer questions during the completion process. The generated report is confidential and for the exclusive use of the student during the course.
With the generated report in hand, students can compare their results with the class average, gaining an understanding of which controls should be prioritized and which ones the company is in compliance with. Finally, students will be invited to design mitigation strategies for the identified risks. The idea is that, based on the knowledge acquired during the course and the analysis of the Cyber Score, students can discuss the cyber strategy to protect their companies’ systems and data against potential cyber attacks.
1. Basic Concepts & Global Scenario
Marta Schuh and Nycholas Szucko
- Cybersecurity concepts;
- Global cybercrime landscape;
- Major threats in 2023 and Predictions and expectations for 2024–2030 (AI, Cyber war affair, regulations).
2. Cybersecurity as an Operational Risk: Impacts on Business Competitiveness
Marta Schuh and Marcello Junqueira
- Navigating cybersecurity regulations in different sectors (LGPD, GDPR, BACEN, ANEEL, SEC, CVM, ANS);
- Operational impacts, cyber risk beyond data;
- The importance of adopting a cybersecurity culture for businesses.
3. The Importance and Role of Risk Committees
- The role of Risk Committees;
- The Board of Directors and Executives concerning cybersecurity and their responsibilities;
- Better understanding of how cyber risk affects executive decision-making;
- Effective communication with technology professionals.
4. Prevention and Incident Response
- Identifying the criticality of technology in my operation;
- The importance of adopting best practices and security policies in companies to reduce the impact of incidents;
- Why it’s not possible to eliminate cyber risk?
- Incident response plan, best practices for reporting incidents to authorities and regulatory agencies, and the executive’s role in times of crisis.
5. Understanding and Using the Cyber Score
- Analysis of the average Cyber Score of filled cases (each student can compare their private result with the average);
- How to improve your company’s Cyber Score, reducing risk and exposure through a practical action plan;
- The importance of Cyber Score for shareholders and its impacts on the capital market.