CISSP 2021: Security Governance Principles

IN THIS COURSE

• 1.  Course Overview
  1m 33s
  Meet your instructor. Explore how security initiatives begin at the top, as part of global corporate governance. Security architects must understand the role of security governance in the bigger picture, as well as key alignment with the value proposition of the organization. This course covers several objectives in domain, part of the CISSP body of knowledge, security, and risk management. FREE ACCESS
• 2.  Aligning Security with Business
  6m 3s
  Learn how to align security with business. All security practitioners, engineers, architects, and developers must understand that security must meet the needs and goals of your business. Every security initiative must be coupled and aligned and have synergy with the strategic and tactical goals of the enterprise. This alignment must permeate through all organizational processes. FREE ACCESS
• 3.  Organizational Roles, Responsibilities, and Processes
  4m 59s
  Explore organizational roles, responsibilities, and processes, as security initiatives require a broad awareness of all organizational roles and responsibilities. Understand identity and access management, which includes placing the right people in the right group and containers, with the correct rights and permissions. You’ll learn to handle different structures, from traditional top-down organizations to functional organizations to flat horizontal organizations. FREE ACCESS
• 4.  Due Care and Due Diligence
  5m 42s
  Explore governance, due diligence and due care. Security governance guides the course and the control of organizational security operations, initiatives, and activities. Due diligence relates to thorough research, information gathering, and planning before committing to a strategy. Due care can involve using security principles like least privilege, defense in depth, separation of duties, zero trust for continual improvement and maturity. FREE ACCESS
• 5.  Compliance and Other Requirements
  11m 17s
  Learn about a component of governance known as compliance, along with other requirements. This includes privacy, protecting data, and intellectual property. Compliance means observing a rule, such as a policy, standard, specification, or law. Regulatory compliance, which is different from organizational compliance, outlines the goals organizations want to accomplish to certify or be accredited. FREE ACCESS
• 6.  Legal and Regulatory Issues
  8m 8s
  Explore legal and regulatory issues. Organizations typically face cyber threats in three main areas: disruption, where cybercriminals use new ransomware; then distortion, the spread of misinformation using bots, distributed denial of service attacks, and other automated sources to cause a compromise of trust; finally, deterioration where advances in smart technology negatively impact an enterprise's ability to control information. FREE ACCESS
• 7.  Requirements for Investigations
  3m 44s
  Learn about investigations and their requirements. Security investigations often go beyond working with HR. Employment candidates go through screening processes and elaborate investigations and background checks depending upon the sensitivity of their roles and responsibilities. Additionally, different organizations will do periodic investigations or periodic reviews as part of their employment policy. FREE ACCESS
• 8.  Course Summary
  52s
  Review what you’ve learned in this course. You’ve learned about security governance principles and how to align security with business roles and responsibilities. You also learned about governance, due care, and due diligence. Finally, you explored a wide variety of compliance, legal, and regulatory as well as import/export issues. FREE ACCESS