**Learn at One of the Top 10 Cyber Program in the United States**
We're thrilled to collaborate with Boise State University - Cyber Operations and Resilience (CORe) program which was recently named one of the top 10 Cyber Programs in the US. It is in association with BSU CORe that we are able to offer the Cybersecurity Risk Quantification program. The university has agreed to open this 7-week course to the public. Individuals can register and receive the same training as undergraduates and graduates.
NEW: Organizational teams can participate in a private group course upon request. Certificate of completion available for 12.5 CPE credits.
CEUs: 12.50
Cost $1,800 per person
I am pleased to announce our collaboration with Boise State University College of Engineering Cyber Operations and Resilience (CORe) Program to develop the Cybersecurity Risk Quantification course. CORe has been rated a 2023 top cybersecurity program by Forbes Magazine
A special thanks to Sin Ming Loo, Ph.D. Program Director for agreeing to open this course up to cyber professionals and offering continuing education units. Thank you!
I believe this is the first course of its kind being offered to undergraduates, graduates, and cyber professionals.
This is not a lecture series; it's a hands-on skills development course. Students will be involved in every aspect of cybersecurity risk quantification.
This course is based on my years of experience providing cybersecurity risk quantification services for the Nuclear Regulatory Commission (NRC). It also includes a complete set of models and proven methods that are easy to understand and use. In fact, no prior experience is required. With these models, you can complete basic and advanced analyses.
The course is designed for undergraduate, graduate and professional development. There are seven modules, six of which include student work with the last module reserved for presentations of student projects.
Each module includes:
In addition there are course specific videos introducing each module and demonstrating the use of assignment materials.
There is also a YouTube channel with additional presentations and workbook demonstrations and additional readings linked at the bottom of this page.
Module 1: Introduction to Cybersecurity Risk Quantification
This module provides a general overview of the topics of risk quantification and introduces the student to probabilistic methods and quantitative analysis. The math of probability can be challenging so in this module students are given a simple worksheet that allows them to deal with ranges as three-point-values to establish minimum, most likely, and maximum range values. They are also encouraged to discuss risk as a range from very low to very high and use this 5-point scale to generate ranges.
Module 2: Vulnerability Analysis
One of the most difficult steps in quantifying cybersecurity risk can be getting started so this module focuses on analyzing vulnerability data as the foundation for generating frequency data. Students learn how to "tag" vulnerability data using "key words" derived from Common Weakness Enumeration (CWE) and Open Worldwide Application Security Project (OWASP) and begin relating these vulnerabilities to the attack sequence tactics and techniques of the MITRE ATT&CK model. Students work hands-on with vulnerability data and present their analysis. Students learn that there are many perspectives from which to view risk and that it is the relationship of the vulnerability to the organization and the potential impact that drive priorities and the decision-making process.
Module 3: Beyond Vulnerability Analysis
In this module students apply what they've learned and build attack scenarios to perform threat modeling and analysis. Students learn about industry specific risks and apply this their analysis. They dive deeper into the MITER ATT&CK tactics and techniques and explore attack vectors to build awareness around real-world risks. Students develop critical thinking and analytical skills.
Students receive three models specific to analyzing compliance risk, industry attacks, and single attack threat model.
Module 4: Bayesian Analysis
In this module students are introduced and work with many equations for conditional probability. Students receive two worksheets that provide a graphical layout of data to facilitate complex formulas and provide a deeper understanding of what they are calculating. The first worksheet performs a joint probability and the second perfoms Bayesian Inference. By the end of this module students are able to perform these calculations and solve compelx problems with partial data.
Module 5: Monte Carlo Simulations
In this module students are introduced to several probability distributions including triangular, pert, Bernouilli and Poisson. Students receive worksheets that allow them to calculate and compare distributions, and perform mathematical functions using these distributions.
Module 6: FAIR(tm) and VAR
In this module students are introduced to the Factor Analysis of Information Risk (FAIR) and Value at Risk (VAR) modules for quantifying risk in financial terms. Students receive a fully functional FAIR(tm) module along with a VAR Worksheet and they are challenged with completing multiple analyses based on assignment data.
Module 7: Final Project Presentations
Along with assignements in each module students work throught the course on a final project which is a single analysis that they must perform and present in the final week of the course. To complete thisi project students must read and understand, prepare and analyze data. In addition students are challenged to develop recommendations for mitigations and expenditures. Finally, students must create a slide deck for presenting their analysis and be prepared to explain and defend their methodology. This provides a true real-world hands-on experience.
Cyber Risk Models - A Division of FISMACS, LLC
190 Virginia St, Mount Airy, North Carolina 27030, United States
Copyright © 2024 CyberRiskModels.com - All Rights Reserved.
A division of FISMACS.com (FISMACS,LLC)
We use cookies to analyze website traffic and optimize your website experience. By accepting our use of cookies, your data will be aggregated with all other user data.