Information Security Manager: Information Security Program Management

Course Overview
Hi everyone. My name is Bobby Rogers, and welcome to the Information Security Manager: Information Security Program Management course. I'm a cybersecurity analyst, and I work as a contractor securing information systems and data for the U. S. government, specializing in cyber risk management. You've all seen the headlines in the news about data breaches and information technology incidents. Have you ever wondered how these things happen, and why some people just don't secure their networks? Even if it's a security flaw in the system, you can almost always trace the problem back to a lack of security program management in the organization. That's why we've produced this course that covers how to manage an information security program in your organization. We're going to talk about the major things you need to know in order to effectively manage all the aspects of information security within your company or business. Some of the major topics that we will cover include security processes, managing security resources, security governance, and metrics. By the end of this course, you'll understand what it takes to manage information security in a business, and how critical that role is in protecting data and systems from a variety of potential security risks. Before beginning the course, you should be familiar with basic security concepts and terminology such as confidentiality, integrity, and availability, as well as authentication and authorization concepts. I hope you'll join me on this journey to learn security management with the Information Security Manager: Information Security Program Management course from Pluralsight.

Managing Security Resources
In this module, we're going to look at how we manage our security resources and budget. Now keep in mind that resources are not just money. Of course, we have those concerns with money, we're concerned with income, revenue, profit, loss, expenses, and so on, but resources are more than that. Resources include people, equipment, facilities, and even data, and we're going to talk about all those resources during this course. So what are we going to discuss during this module? Well, we're going to learn about several things. We're going to learn about the budget and how that affects security resources. We're also going to learn about how we might report our resource usage to management. We're going to get security requirements from both inside the organization and inside the security program that we must meet. So we have to know how to employ these resources, how to use resources to meet these requirements. And finally, we're going to look at emerging technologies, and this is because from a long-term resource perspective our infrastructure is going to wear out, it's going to require repairs, and it's going to be subject to obsolescence. It also may not be able to counter the growing threat every day. The threats it protects us against today, it may not protect us against tomorrow, so we need to look at newer and emerging technologies to help keep up with the threat landscape, but also keep our infrastructure running. We're going to talk about all of these things during this module, so let's get started.