What is the X-Factor? In Cybersecurity, the X-Factor related to unknown and unpredictable human behavior within and outside of your organization. “No one really knows why humans do what they do”, (David K. Reynolds), and because of this organizations can be unprepared for malicious, untrained, or even best intentioned behavior that can cause alarm and sometimes irreparable harm.
This course will introduce you to the types of training available to reduce the impact of the X-Factor, evaluate its effectiveness, explore the Security Education, Training and Awareness (SETA) program, and learn why it may fail. The course will conclude with information designed to assist you with some critical components for your business security program. Activities focused on hactivism, cyberinsurance, and ransomware will round out your knowledge base. Your team of instructors has prepared a series of readings, discussions, guest lectures, and quizzes to engage you in this exciting topic.
Cybersecurity is an essential business skill for the evolving workplace. For-profit companies, government agencies, and not-for-profit organizations all need technologically proficient, business-savvy information technology security professionals. In this Specialization, you will learn about a variety of processes for protecting business assets through policy, education and training, and technology best practices. You’ll develop an awareness of the risks and cyber threats or attacks associated with modern information usage, and explore key technical and managerial topics required for a balanced approach to information protection. Topics will include security of mobile platforms, securing the Internet of Things, security as a product of the human factor, and security governance and management practices.
Introduction to the X-Factor
The X-factor within information security is human behavior within and outside your organization. Our introduction includes an overview of information security management and its goals as well as describing the problem created by non-malicious insider behavior. We include discussion about the purpose of training within organizational cybersecurity efforts and whether it is achieving its purpose.
Graded: The role of security professionals
Security Education: Training & Awareness
Within this topic we will discuss traditional training efforts. Security education, training and awareness (SETA) programs are designed to reduce the incidence of accidental security breaches. Through the readings you will learn about the design and delivery of these programs as well as various training techniques. This module concludes with a discussion about your experience and opinion about organizational security training.
Graded: Security Education: Training and Awareness Quiz
Reasons Why Traditional Training Efforts Fail
In this module you will understand why traditional training efforts through SETA programs may fail. You will learn about human behavior and how understanding it can help managers better leverage their security efforts. Finally, through the readings you will also see that this is a global issue. The readings present examples of existing awareness campaigns in U.K., in Australia, in Canada and Africa.
Graded: Habits and Training Programs
Graded: Test Your Knowledge!
We will conclude by identifying some novel problems and practices that organizations are experiencing. You will learn about hactivism, cyberinsurance, and ransomware through popular press readings about recent security problems that landed companies on the front page.
Graded: Test your knowledge of threat intelligence
ENROLL IN COURSE