What is the X-Factor? In Cybersecurity, the X-Factor related to unknown and unpredictable human behavior within and outside of your organization. “No one really knows why humans do what they do”, (David K. Reynolds), and because of this organizations can be unprepared for malicious, untrained, or even best intentioned behavior that can cause alarm and sometimes irreparable harm.
This course will introduce you to the types of training available to reduce the impact of the X-Factor, evaluate its effectiveness, explore the Security Education, Training and Awareness (SETA) program, and learn why it may fail. The course will conclude with information designed to assist you with some critical components for your business security program. Activities focused on hactivism, cyberinsurance, and ransomware will round out your knowledge base. Your team of instructors has prepared a series of readings, discussions, guest lectures, and quizzes to engage you in this exciting topic.
Ce cours fait partie de la Spécialisation Cybersecurity: Developing a Program for Your Business
Cybersecurity and the X-Factor
proposé par
Programme du cours : ce que vous apprendrez dans ce cours
Semaine
1Introduction to the X-Factor
The X-factor within information security is human behavior within and outside your organization. Our introduction includes an overview of information security management and its goals as well as describing the problem created by non-malicious insider behavior. We include discussion about the purpose of training within organizational cybersecurity efforts and whether it is achieving its purpose.
4 videos (Total 16 min), 5 lectures, 2 quiz
4 vidéos
Security and Employee Compliance4 min
Industry Q&A: Security and End Users1 min
Pulling it together8 min
5 lectures
Learning Objectives1 min
MISQ Executive: Information Security Management Overview45 min
Phishing Attacks Hurt Convenience Of Online Banking In The Workplace10 min
3 things every CISO should know10 min
Shadow IT: Mitigating Security Risks10 min
1 exercice pour s'entraîner
Introduction to the X-Factor Quiz10 min
Semaine
2Security Education: Training & Awareness
Within this topic we will discuss traditional training efforts. Security education, training and awareness (SETA) programs are designed to reduce the incidence of accidental security breaches. Through the readings you will learn about the design and delivery of these programs as well as various training techniques. This module concludes with a discussion about your experience and opinion about organizational security training.
4 videos (Total 17 min), 4 lectures, 2 quiz
4 vidéos
Industry Q&A: SETA in Real Life2 min
Industry Q&A: Customers and Security Training2 min
Pulling it together5 min
4 lectures
Learning Objectives1 min
Security Education, Training and Awareness20 min
Training20 min
Making Security Awareness Work20 min
2 exercices pour s'entraîner
SETA Practice Quiz20 min
Security Education: Training and Awareness Quiz10 min
Semaine
3Reasons Why Traditional Training Efforts Fail
In this module you will understand why traditional training efforts through SETA programs may fail. You will learn about human behavior and how understanding it can help managers better leverage their security efforts. Finally, through the readings you will also see that this is a global issue. The readings present examples of existing awareness campaigns in U.K., in Australia, in Canada and Africa.
4 videos (Total 15 min), 5 lectures, 3 quiz
4 vidéos
Employee Habits, Errors, and Security Breaches4 min
Habituation: What is it?5 min
Pulling it together3 min
5 lectures
Learning Objectives1 min
Why Do Cybersecurity Awareness Campaigns Fail?50 min
The Impact of Past Behavior45 min
How Does Behavior Become Habitual?20 min
Global Threat Report30 min
2 exercices pour s'entraîner
Why Do Cybersecurity Awareness Campaigns Fail Quiz14 min
Test Your Knowledge!20 min
Semaine
4Threat Intelligence
We will conclude by identifying some novel problems and practices that organizations are experiencing. You will learn about hactivism, cyberinsurance, and ransomware through popular press readings about recent security problems that landed companies on the front page.
3 videos (Total 14 min), 6 lectures, 2 quiz
3 vidéos
Industry Q&A: Threat Intelligence2 min
Pulling it together5 min
6 lectures
Learning Objectives1 min
What is threat intelligence?20 min
Rise of Hacktivism20 min
Cyber Insurance15 min
Protecting yourself from Ransomware10 min
Ransomware15 min
2 exercices pour s'entraîner
Practice quiz: Test your threat intelligence!20 min
Test your knowledge of threat intelligence10 min
4.7
22 avisMeilleurs avis
par ZL•Mar 19th 2017
There is a lot of practical and actionable information in this course related to cybersecurity. I would highly recommend anyone interested in their organization's cybersecurity take this course!
par JR•Apr 17th 2017
Great course, understanding that our biggest security threat is our own behaviour is key to building cybersecurity.
Enseignants
Dr. Humayun Zafar
Associate Professor of Information Security and AssuranceInformation Systems
Dr. Traci Carte
Associate Professor Chair, Information SystemsInformation Systems
Herbert J. Mattord, Ph.D., CISM, CISSP, CDP
Associate Professor in Information Security and AssuranceInformation Systems
Mr. Andy Green
Lecturer of Information Security and AssuranceKennesaw State University - Department of Information Systems
Michael Whitman, Ph.D., CISM, CISSP
Professor of Information SecurityInformation Systems
À propos de University System of Georgia
The University System of Georgia is composed of 28 higher education institutions including 4 research universities, 2 regional universities, 12 state universities, 13 state colleges and the Skidaway Institute of Oceanography. The Georgia Public Library System, encompassing 61 library systems throughout Georgia, is also part of the University System.
À propos de la Spécialisation Cybersecurity: Developing a Program for Your Business
Cybersecurity is an essential business skill for the evolving workplace. For-profit companies, government agencies, and not-for-profit organizations all need technologically proficient, business-savvy information technology security professionals. In this Specialization, you will learn about a variety of processes for protecting business assets through policy, education and training, and technology best practices. You’ll develop an awareness of the risks and cyber threats or attacks associated with modern information usage, and explore key technical and managerial topics required for a balanced approach to information protection. Topics will include mobility, the Internet of Things, the human factor, governance and management practices.
Foire Aux Questions
Quand aurai-je accès aux vidéos de cours et aux devoirs ?
Une fois que vous êtes inscrit(e) pour un Certificat, vous pouvez accéder à toutes les vidéos de cours, et à tous les quiz et exercices de programmation (le cas échéant). Vous pouvez soumettre des devoirs à examiner par vos pairs et en examiner vous-même uniquement après le début de votre session. Si vous préférez explorer le cours sans l'acheter, vous ne serez peut-être pas en mesure d'accéder à certains devoirs.
À quoi ai-je droit si je m'abonne à cette Spécialisation ?
Lorsque vous vous inscrivez au cours, vous bénéficiez d'un accès à tous les cours de la Spécialisation, et vous obtenez un Certificat lorsque vous avez réussi. Votre Certificat électronique est alors ajouté à votre page Accomplissements. À partir de cette page, vous pouvez imprimer votre Certificat ou l'ajouter à votre profil LinkedIn. Si vous souhaitez seulement lire et visualiser le contenu du cours, vous pouvez accéder gratuitement au cours en tant qu'auditeur libre.
Quelle est la politique de remboursement ?
Une aide financière est-elle possible ?
D'autres questions ? Visitez le Centre d'Aide pour les Etudiants.
Coursera propose un accès universel à la meilleure formation au monde,
en partenariat avec des universités et des organisations du plus haut niveau, pour proposer des cours en ligne.
© 2018 Coursera Inc. Tous droits réservés.
