[MUSIC] Welcome to the management of cyber security. I'm Dr. Herb Mattord, textbook author and the instructor for this course. What we're going to talk about in this video is what's in the Capstone course and just a little bit about the broader topic of the management of information security. And one of the things that we hope you'll learn through this course is exactly how good information security also includes many nontechnical elements. [SOUND] When you have finished with this course, you'll be able to describe cybersecurity governance, including the mission, roles, and responsibilities of the InfoSec governance function. Define strategic planning and know more about the process and InfoSec's role in the organization's strategic planning effort. List the various types of InfoSec policies and how effective information security policy is created and used. Recall the elements of the risk management process. Certain laws and ethical issues impacting information security in the organization. Some common information security management practices such as benchmarking and performance measures. Now we will preview the modules you'll find in the course. In the Governance and Strategic Planning In Information Security module of the course, we will explore how organizations organize the cyber security function and engage in strategic planning. This will include coverage of where the information security management team is placed in the organizational hierarchy. What functions the CSO of an organization fulfills, as well as some explanation of the strategic planning function. The Risk Management Module will define Risk Management and explore the processes used by organizations to identify and control risk. This will include basic techniques used to identify and assess risk as well as exploration of the risk-control strategies that can be used to help control risk. In the Regulatory Compliance, Law and Ethics module, you will learn about how organizations must manage the complex issues, emerging from the rapidly changing legal and regulatory environment. It will include a short overview of the laws and regulations you should plan to learn about as well an introduction to how ethics is encountered in the workplace. We will end with a discussion on compliance with industry standards and governmental regulation as a means to more closer to a more secure work environment. In the Security Programs module, we'll dig a little deeper into a few security program elements as a way to broaden our understanding of what cyber security management includes. The topics to be covered there are performance management and incident response and contingency planning. In addition, you might notice, from time to time, we'll drop in an interview with an industry expert to share their perspective and maybe some opinions about how cyber security management works in the real world. [SOUND]