Running the Business of Information Security

Security is not only about protecting assets, managing risk, and ensuring compliance. It’s also a business process. This course will give you the advanced knowledge you need to effectively manage the business of security.
Course info
Level
Advanced
Updated
Oct 4, 2019
Duration
1h 59m
Table of contents
Description
Course info
Level
Advanced
Updated
Oct 4, 2019
Duration
1h 59m
Description

Most people know that information security is about protecting information systems and data, managing cyber risk, and ensuring compliance with governance. However, the security function of a business is also a business function unto itself. It is managed like any other business function, whether it involves staffing with qualified personnel, tracking projects, or managing the security budget. In this course, Running the Business of Information Security, you will learn your key to getting the focused knowledge you need to have, both for the real world and advanced certification exams. First, you’ll explore preparing budget requests based upon programmed organizational security needs. You’ll also learn how to manage the security budget and other resources to their maximum effectiveness. Next, this course will show you how to create business cases to justify security investments and expenditures to support the business mission and goals. You’ll also learn how to manage a dynamic budget based upon changing cybersecurity and business risk. Finally, you’ll discover how to prepare, present, and report security budget status to include expenditures, investments, and other critical budget information. By the end of this course, you’ll have the advanced knowledge you need to help you manage the cybersecurity program’s budget in your organization, as well as to help pass advanced cybersecurity management certification exams.

About the author
About the author

Bobby E. Rogers is an information security engineer working as a contractor for Department of Defense agencies, helping to secure, certify, and accredit their information systems. His duties include information system security engineering, risk management, and certification and accreditation efforts.

More from the author
More courses by Bobby Rogers
Section Introduction Transcripts
Section Introduction Transcripts

Course Overview
[Autogenerated] everyone. My name is Bobby Rogers and welcome to the new parasite course running the business of information security. I'm a cyber security analyst, and I worked as a contractor securing information systems and data for the US government specializing in cyber risk management, the information security function is a key enabling process for business. Without modern information security, most modern businesses will fail. However, most people don't realize this, but it's also business process itself that must be carefully managed. Unfortunately, many managers don't always understand how to manage the business aspects of the security function well enough to make it an effective business process. That's why we produced this course that covers how to view an employee information security. As a business enabler, it must be carefully managed. We're going to discuss and demonstrate the key concepts you need to effectively manage security as a business function. Some of the major topics that we will cover include integrating security into business functions, obtaining and managing the security budget, developing business cases for security investments and managing budgets that change as risk changes. By the end of this course, you'll understand how to manage the security program's budget and resource is to maximize supporting business processes as well as the organization's functions, mission and strategy. Before beginning the course, you should be familiar with basic security management concepts as well a security functions and processes. I hope you'll join me on this journey to learn about the business of security with the running the Business of Information Security Course from plural site.