What is the X-Factor? In Cybersecurity, the X-Factor related to unknown and unpredictable human behavior within and outside of your organization. “No one really knows why humans do what they do”, (David K. Reynolds), and because of this organizations can be unprepared for malicious, untrained, or even best intentioned behavior that can cause alarm and sometimes irreparable harm.
This course will introduce you to the types of training available to reduce the impact of the X-Factor, evaluate its effectiveness, explore the Security Education, Training and Awareness (SETA) program, and learn why it may fail. The course will conclude with information designed to assist you with some critical components for your business security program. Activities focused on hactivism, cyberinsurance, and ransomware will round out your knowledge base. Your team of instructors has prepared a series of readings, discussions, guest lectures, and quizzes to engage you in this exciting topic.
This course is part of the Cybersecurity: Developing a Program for Your Business Specialization
Cybersecurity and the X-Factor
Offered By
Syllabus - What you will learn from this course
Week
1Introduction to the X-Factor
The X-factor within information security is human behavior within and outside your organization. Our introduction includes an overview of information security management and its goals as well as describing the problem created by non-malicious insider behavior. We include discussion about the purpose of training within organizational cybersecurity efforts and whether it is achieving its purpose.
4 videos (Total 16 min), 5 readings, 2 quizzes
4 videos
Security and Employee Compliance4m
Industry Q&A: Security and End Users1m
Pulling it together8m
5 readings
Learning Objectives1m
MISQ Executive: Information Security Management Overview45m
Phishing Attacks Hurt Convenience Of Online Banking In The Workplace10m
3 things every CISO should know10m
Shadow IT: Mitigating Security Risks10m
1 practice exercise
Introduction to the X-Factor Quiz10m
Week
2Security Education: Training & Awareness
Within this topic we will discuss traditional training efforts. Security education, training and awareness (SETA) programs are designed to reduce the incidence of accidental security breaches. Through the readings you will learn about the design and delivery of these programs as well as various training techniques. This module concludes with a discussion about your experience and opinion about organizational security training.
4 videos (Total 17 min), 4 readings, 2 quizzes
4 videos
Industry Q&A: SETA in Real Life2m
Industry Q&A: Customers and Security Training2m
Pulling it together5m
4 readings
Learning Objectives1m
Security Education, Training and Awareness20m
Training20m
Making Security Awareness Work20m
2 practice exercises
SETA Practice Quiz20m
Security Education: Training and Awareness Quiz10m
Week
3Reasons Why Traditional Training Efforts Fail
In this module you will understand why traditional training efforts through SETA programs may fail. You will learn about human behavior and how understanding it can help managers better leverage their security efforts. Finally, through the readings you will also see that this is a global issue. The readings present examples of existing awareness campaigns in U.K., in Australia, in Canada and Africa.
4 videos (Total 15 min), 5 readings, 3 quizzes
4 videos
Employee Habits, Errors, and Security Breaches4m
Habituation: What is it?5m
Pulling it together3m
5 readings
Learning Objectives1m
Why Do Cybersecurity Awareness Campaigns Fail?50m
The Impact of Past Behavior45m
How Does Behavior Become Habitual?20m
Global Threat Report30m
2 practice exercises
Why Do Cybersecurity Awareness Campaigns Fail Quiz14m
Test Your Knowledge!20m
Week
4Threat Intelligence
We will conclude by identifying some novel problems and practices that organizations are experiencing. You will learn about hactivism, cyberinsurance, and ransomware through popular press readings about recent security problems that landed companies on the front page.
3 videos (Total 14 min), 6 readings, 2 quizzes
3 videos
Industry Q&A: Threat Intelligence2m
Pulling it together5m
6 readings
Learning Objectives1m
What is threat intelligence?20m
Rise of Hacktivism20m
Cyber Insurance15m
Protecting yourself from Ransomware10m
Ransomware15m
2 practice exercises
Practice quiz: Test your threat intelligence!20m
Test your knowledge of threat intelligence10m
4.7
22 Reviews33%
started a new career after completing these courses
33%
got a tangible career benefit from this course
Top Reviews
By ZL•Mar 19th 2017
There is a lot of practical and actionable information in this course related to cybersecurity. I would highly recommend anyone interested in their organization's cybersecurity take this course!
By JR•Apr 17th 2017
Great course, understanding that our biggest security threat is our own behaviour is key to building cybersecurity.
Instructors
Dr. Humayun Zafar
Associate Professor of Information Security and AssuranceInformation Systems
Dr. Traci Carte
Associate Professor Chair, Information SystemsInformation Systems
Herbert J. Mattord, Ph.D., CISM, CISSP, CDP
Associate Professor in Information Security and AssuranceInformation Systems
Mr. Andy Green
Lecturer of Information Security and AssuranceKennesaw State University - Department of Information Systems
Michael Whitman, Ph.D., CISM, CISSP
Professor of Information SecurityInformation Systems
About University System of Georgia
The University System of Georgia is composed of 28 higher education institutions including 4 research universities, 2 regional universities, 12 state universities, 13 state colleges and the Skidaway Institute of Oceanography. The Georgia Public Library System, encompassing 61 library systems throughout Georgia, is also part of the University System.
About the Cybersecurity: Developing a Program for Your Business Specialization
Cybersecurity is an essential business skill for the evolving workplace. For-profit companies, government agencies, and not-for-profit organizations all need technologically proficient, business-savvy information technology security professionals. In this Specialization, you will learn about a variety of processes for protecting business assets through policy, education and training, and technology best practices. You’ll develop an awareness of the risks and cyber threats or attacks associated with modern information usage, and explore key technical and managerial topics required for a balanced approach to information protection. Topics will include mobility, the Internet of Things, the human factor, governance and management practices.
Frequently Asked Questions
When will I have access to the lectures and assignments?
Once you enroll for a Certificate, you’ll have access to all videos, quizzes, and programming assignments (if applicable). Peer review assignments can only be submitted and reviewed once your session has begun. If you choose to explore the course without purchasing, you may not be able to access certain assignments.
What will I get if I subscribe to this Specialization?
When you enroll in the course, you get access to all of the courses in the Specialization, and you earn a certificate when you complete the work. Your electronic Certificate will be added to your Accomplishments page - from there, you can print your Certificate or add it to your LinkedIn profile. If you only want to read and view the course content, you can audit the course for free.
What is the refund policy?
Is financial aid available?
More questions? Visit the Learner Help Center.
Coursera provides universal access to the world’s best education,
partnering with top universities and organizations to offer courses online.
© 2019 Coursera Inc. All rights reserved.
