About this course: What is the X-Factor? In Cybersecurity, the X-Factor related to unknown and unpredictable human behavior within and outside of your organization. “No one really knows why humans do what they do”, (David K. Reynolds), and because of this organizations can be unprepared for malicious, untrained, or even best intentioned behavior that can cause alarm and sometimes irreparable harm. This course will introduce you to the types of training available to reduce the impact of the X-Factor, evaluate its effectiveness, explore the Security Education, Training and Awareness (SETA) program, and learn why it may fail. The course will conclude with information designed to assist you with some critical components for your business security program. Activities focused on hactivism, cyberinsurance, and ransomware will round out your knowledge base. Your team of instructors has prepared a series of readings, discussions, guest lectures, and quizzes to engage you in this exciting topic.
Who is this class for: This course is primarily aimed for learners who are interested in transitioning toward a more managerial role in cybersecurity, and are therefore in understanding the interplay between business strategy and the IT infrastructure.
Created by: University System of Georgia
Taught by: Dr. Humayun Zafar, Associate Professor of Information Security and Assurance
Information Systems
Taught by: Dr. Traci Carte, Associate Professor Chair, Information Systems
Information Systems
Taught by: Herbert J. Mattord, Ph.D., CISM, CISSP, CDP, Associate Professor in Information Security and Assurance
Information Systems
Taught by: Mr. Andy Green, Lecturer of Information Security and Assurance
Kennesaw State University - Department of Information Systems
Taught by: Michael Whitman, Ph.D., CISM, CISSP, Professor of Information Security
Information Systems
| Basic Info | Course 3 of 4 in the Cybersecurity: Developing a Program for Your Business Specialization |
| Level | Beginner |
| Commitment | 4 weeks of study, 3-4 hours/week |
| Language | English |
| How To Pass | Pass all graded assignments to complete the course. |
| User Ratings |
Syllabus
WEEK 1
Introduction to the X-Factor
The X-factor within information security is human behavior within and outside your organization. Our introduction includes an overview of information security management and its goals as well as describing the problem created by non-malicious insider behavior. We include discussion about the purpose of training within organizational cybersecurity efforts and whether it is achieving its purpose.
4 videos, 5 readings, 1 practice quiz
- Reading: Learning Objectives
- Video: Security and Employee Compliance
- Reading: MISQ Executive: Information Security Management Overview
- Reading: Phishing Attacks Hurt Convenience Of Online Banking In The Workplace
- Reading: 3 things every CISO should know
- Reading: Shadow IT: Mitigating Security Risks
- Video: Industry Q&A: Security and End Users
- Video: Pulling it together
- Discussion Prompt: Your own compliance behavior
- Practice Quiz: Introduction to the X-Factor Quiz
Graded: The role of security professionals
WEEK 2
Security Education: Training & Awareness
Within this topic we will discuss traditional training efforts. Security education, training and awareness (SETA) programs are designed to reduce the incidence of accidental security breaches. Through the readings you will learn about the design and delivery of these programs as well as various training techniques. This module concludes with a discussion about your experience and opinion about organizational security training.
4 videos, 4 readings, 1 practice quiz
- Reading: Learning Objectives
- Reading: Security Education, Training and Awareness
- Reading: Training
- Practice Quiz: SETA Practice Quiz
- Reading: Making Security Awareness Work
- Video: Industry Q&A: SETA in Real Life
- Video: Industry Q&A: Customers and Security Training
- Video: Pulling it together
- Discussion Prompt: Recent training experience
Graded: Security Education: Training and Awareness Quiz
WEEK 3
Reasons Why Traditional Training Efforts Fail
In this module you will understand why traditional training efforts through SETA programs may fail. You will learn about human behavior and how understanding it can help managers better leverage their security efforts. Finally, through the readings you will also see that this is a global issue. The readings present examples of existing awareness campaigns in U.K., in Australia, in Canada and Africa.
4 videos, 5 readings, 1 practice quiz
- Reading: Learning Objectives
- Reading: Why Do Cybersecurity Awareness Campaigns Fail?
- Practice Quiz: Why Do Cybersecurity Awareness Campaigns Fail Quiz
- Video: Employee Habits, Errors, and Security Breaches
- Reading: The Impact of Past Behavior
- Video: Habituation: What is it?
- Discussion Prompt: Automated Behavior
- Reading: How Does Behavior Become Habitual?
- Reading: Global Threat Report
- Video: Pulling it together
Graded: Habits and Training Programs
Graded: Test Your Knowledge!
WEEK 4
Threat Intelligence
We will conclude by identifying some novel problems and practices that organizations are experiencing. You will learn about hactivism, cyberinsurance, and ransomware through popular press readings about recent security problems that landed companies on the front page.
3 videos, 6 readings, 1 practice quiz
- Reading: Learning Objectives
- Reading: What is threat intelligence?
- Reading: Rise of Hacktivism
- Reading: Cyber Insurance
- Reading: Protecting yourself from Ransomware
- Reading: Ransomware
- Video: Industry Q&A: Threat Intelligence
- Video: Pulling it together
- Discussion Prompt: Identify a potential threat
- Practice Quiz: Practice quiz: Test your threat intelligence!
Graded: Test your knowledge of threat intelligence
FAQs
How It Works
Coursework
Each course is like an interactive textbook, featuring pre-recorded videos, quizzes and projects.
Help from Your Peers
Connect with thousands of other learners and debate ideas, discuss course material, and get help mastering concepts.
Certificates
Earn official recognition for your work, and share your success with friends, colleagues, and employers.
Creators
University System of Georgia
The University System of Georgia is composed of 28 higher education institutions including 4 research universities, 2 regional universities, 12 state universities, 13 state colleges and the Skidaway Institute of Oceanography. The Georgia Public Library System, encompassing 61 library systems throughout Georgia, is also part of the University System.
Pricing
| Purchase Course | |
|---|---|
| Access to course materials | Available |
| Access to graded materials | Available |
| Receive a final grade | Available |
| Earn a shareable Course Certificate | Available |
Ratings and Reviews
Coursera provides universal access to the world’s best education,
partnering with top universities and organizations to offer courses online.
© 2018 Coursera Inc. All rights reserved.
