Cybersecurity Risk Management


Learn key principles of risk analysis, risk assessment and risk mitigation for information security using both qualitative and quantitative methodologies.

Cybersecurity risk management guides a growing number of IT decisions. Cybersecurity risks continue to have critical impacts on overall IT risk modelling, assessment and mitigation.

In this course, you will learn about the general information security risk management framework and its practices and how to identify and model information security risks and apply both qualitative and quantitative risk assessment methods.

Understanding this framework will enable you to articulate the business consequences of identified information security risks. These skills are essential for any successful information security professional.

The goal of this course is to teach students the risk management framework with both qualitative and quantitative assessment methods that concentrate on the information security (IS) aspect of IT risks.

The relationship between the IT risk and business value will be discussed through several industry case studies.

First, you will learn about the principles of risk management and its three key elements: risk analysis, risk assessment and risk mitigation. You will learn to identify information security related threats, vulnerability, determine the risk level, define controls and safeguards, and conduct cost-benefit analysis or business impact analysis.

Second, we will introduce the qualitative and quantitative frameworks and discuss the differences between these two frameworks. You will learn the details of how to apply these frameworks in assessing information security risk.

Third, we will extend the quantitative framework with data mining and machine learning approaches that are applicable to data-driven risk analytics.

You will explore the intersection of information security, big data and artificial intelligence.

Finally, you will analyse a series of extended case studies, which will help you to comprehend and generalise the principles, frameworks and analytical methods in actual examples. This offering is part of the RITx Cybersecurity MicroMasters® Programme, offered through the edX® platform that prepares students to enter and advance in the field of computing security.

Associated Programmes:
MicroMasters® Programme: Cybersecurity 

This course forms part of the Cybersecurity MicroMasters® Programme which, includes the following courses:

Cybersecurity Fundamentals
Learn cybersecurity fundamentals, including how to detect threats, protect systems and networks, and anticipate potential cyber attacks.
View the course

Cybersecurity Risk Management
Learn key principles of risk analysis, risk assessment and risk mitigation for information security using both qualitative and quantitative methodologies.
View the course

Computer Forensics
Learn the process, techniques and tools for performing a digital forensics investigation to obtain data related to computer crimes.
View the course

Network Security
Learn the process of network security, including intrusion detection, evidence collection, network auditing, and contingency planning against attacks.
View the course

Cybersecurity Capstone
Demonstrate the knowledge and skills acquired in the Cybersecurity MicroMasters Program.
View the course

Successful completion of CYBER501x Cybersecurity Fundamentals.

edX® and MicroMasters® are registered trademarks of edX® Inc. All Rights Reserved.

  • Programme duration
    8 weeks
  • Estimated effort
    10 - 12 hours per week
  • Fee
  • Institution
  • Language
Start Dates
  • Information security risk management framework and methodologies
  • Identifying and modelling information security risks
  • Qualitative and quantitative risk assessment methods
  • Articulating information security risks as business consequences

Course Syllabus

  • Week 1: Evolution of Information Security
  • Week 2: Risk Management Process, Framework and Life Cycle
  • Week 3: Quantitative versus Qualitative Risk Assessment
  • Week 4: Defining Information Security Metrics
  • Week 5: Analysis Techniques
  • Week 6: Automating Metrics Calculations and Tools
  • Weeks 7 & 8: Industry Case Studies

Arlene Lanser

Pearson Student Advisor