CYB-5220 Cybersecurity Risk Management in Utility Environments
In this course, students will learn how to identify applicable cybersecurity risk mitigation models and apply them in an organizational context. They will develop the knowledge and skills needed to make recommendations related to the choice of risk mitigation security controls and to provide oversight for the implementation of those controls within information technology (IT) and operational technology (OT) systems. This course will give students the tools to develop risk models that reflect the organization's unique governance structure and corporate culture. Using risk analyses that are predicated upon a holistic risk picture (business, environment, compliance, etc.) of the organization, students will learn how to articulate and defend risk allocation recommendations to accept, transfer, mitigate, or ignore risk, and to communicate cybersecurity risks to peers and senior management in both IT and OT. This course will also expose students to relevant international utility-related cybersecurity regulations, standards, and guidelines.