About this course: What is the X-Factor? In Cybersecurity, the X-Factor related to unknown and unpredictable human behavior within and outside of your organization. “No one really knows why humans do what they do”, (David K. Reynolds), and because of this organizations can be unprepared for malicious, untrained, or even best intentioned behavior that can cause alarm and sometimes irreparable harm. This course will introduce you to the types of training available to reduce the impact of the X-Factor, evaluate its effectiveness, explore the Security Education, Training and Awareness (SETA) program, and learn why it may fail. The course will conclude with information designed to assist you with some critical components for your business security program. Activities focused on hactivism, cyberinsurance, and ransomware will round out your knowledge base. Your team of instructors has prepared a series of readings, discussions, guest lectures, and quizzes to engage you in this exciting topic.

Who is this class for: This course is primarily aimed for learners who are interested in transitioning toward a more managerial role in cybersecurity, and are therefore in understanding the interplay between business strategy and the IT infrastructure.

Created by: University System of Georgia

Taught by: Dr. Humayun Zafar, Associate Professor of Information Security and Assurance
Information Systems
Taught by: Dr. Traci Carte, Associate Professor Chair, Information Systems
Information Systems
Taught by: Herbert J. Mattord, Ph.D., CISM, CISSP, CDP, Associate Professor in Information Security and Assurance
Information Systems
Taught by: Mr. Andy Green, Lecturer of Information Security and Assurance
Kennesaw State University - Department of Information Systems
Taught by: Michael Whitman, Ph.D., CISM, CISSP, Professor of Information Security
Information Systems

Basic Info	Course 3 of 4 in the Cybersecurity: Developing a Program for Your Business Specialization.
Level	Beginner
Commitment	4 weeks of study, 3-4 hours/week
Language	English
How To Pass	Pass all graded assignments to complete the course.
User Ratings	4.5 stars Average User Rating 4.5See what learners said

Syllabus

WEEK 1

Introduction to the X-Factor

The X-factor within information security is human behavior within and outside your organization. Our introduction includes an overview of information security management and its goals as well as describing the problem created by non-malicious insider behavior. We include discussion about the purpose of training within organizational cybersecurity efforts and whether it is achieving its purpose.

4 videos, 5 readings, 1 practice quiz

Video: Course Overview video
Reading: Learning Objectives
Video: Security and Employee Compliance
Reading: MISQ Executive: Information Security Management Overview
Reading: Phishing Attacks Hurt Convenience Of Online Banking In The Workplace
Reading: 3 things every CISO should know
Reading: Shadow IT: Mitigating Security Risks
Video: Industry Q&A: Security and End Users
Video: Pulling it together
Discussion Prompt: Your own compliance behavior
Practice Quiz: Introduction to the X-Factor Quiz

Graded: The role of security professionals

WEEK 2

Security Education: Training & Awareness

Within this topic we will discuss traditional training efforts. Security education, training and awareness (SETA) programs are designed to reduce the incidence of accidental security breaches. Through the readings you will learn about the design and delivery of these programs as well as various training techniques. This module concludes with a discussion about your experience and opinion about organizational security training.

4 videos, 4 readings, 1 practice quiz

Reading: Learning Objectives
Video: Introduction to SETA and training
Reading: Security Education, Training and Awareness
Reading: Training
Practice Quiz: SETA Practice Quiz
Reading: Making Security Awareness Work
Video: Industry Q&A: SETA in Real Life
Video: Industry Q&A: Customers and Security Training
Video: Pulling it together
Discussion Prompt: Recent training experience

Graded: Security Education: Training and Awareness Quiz

WEEK 3

Reasons Why Traditional Training Efforts Fail

In this module you will understand why traditional training efforts through SETA programs may fail. You will learn about human behavior and how understanding it can help managers better leverage their security efforts. Finally, through the readings you will also see that this is a global issue. The readings present examples of existing awareness campaigns in U.K., in Australia, in Canada and Africa.

4 videos, 5 readings, 1 practice quiz

Reading: Learning Objectives
Video: Overview: Habits and Vulnerabilities
Reading: Why Do Cybersecurity Awareness Campaigns Fail?
Practice Quiz: Why Do Cybersecurity Awareness Campaigns Fail Quiz
Video: Employee Habits, Errors, and Security Breaches
Reading: The Impact of Past Behavior
Video: Habituation: What is it?
Discussion Prompt: Automated Behavior
Reading: How Does Behavior Become Habitual?
Reading: Global Threat Report
Video: Pulling it together

Graded: Habits and Training Programs

Graded: Test Your Knowledge!

WEEK 4

Threat Intelligence

We will conclude by identifying some novel problems and practices that organizations are experiencing. You will learn about hactivism, cyberinsurance, and ransomware through popular press readings about recent security problems that landed companies on the front page.

3 videos, 6 readings, 1 practice quiz

Reading: Learning Objectives
Video: Threat Intelligence: Planning for attacks
Reading: What is threat intelligence?
Reading: Rise of Hacktivism
Reading: Cyber Insurance
Reading: Protecting yourself from Ransomware
Reading: Ransomware
Video: Industry Q&A: Threat Intelligence
Video: Pulling it together
Discussion Prompt: Identify a potential threat
Practice Quiz: Practice quiz: Test your threat intelligence!

Graded: Test your knowledge of threat intelligence

FAQs

How It Works

Coursework

Each course is like an interactive textbook, featuring pre-recorded videos, quizzes and projects.

Help from Your Peers

Connect with thousands of other learners and debate ideas, discuss course material, and get help mastering concepts.

Certificates

Earn official recognition for your work, and share your success with friends, colleagues, and employers.

Creators

University System of Georgia

The University System of Georgia is composed of 28 higher education institutions including 4 research universities, 2 regional universities, 12 state universities, 13 state colleges and the Skidaway Institute of Oceanography. The Georgia Public Library System, encompassing 61 library systems throughout Georgia, is also part of the University System.

Pricing

	Audit	Purchase Course
Access to course materials	Available	Available
Access to graded materials	Not available	Available
Receive a final grade	Not available	Available
Earn a shareable Course Certificate	Not available	Available

Ratings and Reviews

Rated 4.5 out of 5 of 48 ratings

Muy buen enfoque sobre el curso, no me esperaba que fuera sobre el factor de error que puede darse mediante el factor humano en la seguridad. Recomendado!

This is a really nice course where you can get some extra information about cybersecurity and start understanding further about how to continue working to learn more about this interesting and challenging part of Information Technology.

Terrific course for understanding the role the human ("X") factor plays in cyber security.

Simply awesome!

Share

Cybersecurity and the X-Factor

Cybersecurity and the X-Factor

Cybersecurity and the X-Factor