Cybersecurity and Enterprise Risk Management

Course Aims and Objectives

This course serves as a foundational roadmap for understanding the core concepts and essential knowledge required to thrive in the fields of Cybersecurity and Enterprise Risk Management. Participants will gain insights into industry standards, regulatory frameworks, and the competencies needed to effectively identify, manage, and mitigate cyber and enterprise-level risks. The program also explores the evolving role of cybersecurity professionals and risk managers in today’s digital and threat-prone environment. It introduces newcomers to the duties and expectations within these roles and situates them within the broader context of organisational governance, risk, and compliance—highlighting current challenges and critical developments that shape today’s cybersecurity and risk landscape.

Course Methodology

This immersive training provides the foundational tools, methodologies, and globally recognised best practices essential for cybersecurity and risk management tasks. The course offers a supportive and secure learning environment, enhanced by targeted exercises and real-world case studies designed to promote practical understanding and application of concepts.

Outcomes

Upon successful completion of the course, participants will be equipped to:

• Make informed decisions in cybersecurity and enterprise risk management functions

• Apply global standards and frameworks such as ISO 27001, NIST, and COSO ERM

• Conduct effective risk assessments and threat modelling exercises

• Implement risk-based strategies to support enterprise resilience

• Use communication and stakeholder engagement techniques to manage risk and build a security-aware culture

• Develop, monitor, and improve cybersecurity and risk response plans

Target Audience

This course is ideal for individuals new to cybersecurity or enterprise risk management who are seeking a strong foundational understanding to launch their careers. It is particularly relevant for:

• Entry-level cybersecurity professionals

• Risk and compliance analysts

• IT auditors and internal auditors transitioning into cybersecurity roles

• Information security officers

• Operational and business risk managers

• Professionals in governance, risk, and compliance (GRC) roles

Course Outline

Module 1: Strategic Overview of Cybersecurity in the Enterprise

• Understand cybersecurity as a business enabler

• Explore global threat trends and major breach insights

• Identify enterprise-level cyber risk drivers

• Link cybersecurity to digital transformation initiatives

Module 2: Enterprise Architecture & IT Asset Landscape

• Examine enterprise systems (ERP, CRM, SaaS, databases)

• Understand hybrid infrastructure: on-prem, cloud, and virtualised environments

• Learn asset classification and data sensitivity levels

• Address risks from Shadow IT and unmanaged assets

Module 3: Risk Management & Business Impact

• Apply risk assessment methods (NIST, ISO 27005, FAIR)

• Align cyber risk with enterprise risk management (ERM) frameworks

• Map risks to business-critical processes and operations

• Explore business continuity and disaster recovery strategies

Module 4: Governance, Compliance & Regulatory Requirements

• Develop effective cybersecurity governance models and policies

• Understand global regulations: GDPR, HIPAA, SOX, PCI-DSS

• Prepare for internal audits and manage compliance checklists

• Explore GRC (Governance, Risk, Compliance) platforms

Module 5: Threat Intelligence and Security Operations

• Introduce cyber threat intelligence (CTI) and attacker profiling

• Utilise the MITRE ATT&CK framework for defense.

• Understand Security Operations Center (SOC) roles and structures

• Leverage SIEM, SOAR, and log analysis tools for monitoring

Module 6: Identity, Access & Cloud Security

• Explore Identity and Access Management (IAM) fundamentals

• Manage privileged access and implement PAM

• Secure multi-cloud environments with CSPM practices

• Implement Zero Trust Security models

Module 7: Incident Response & Crisis Management

• Build and test an Incident Response (IR) plan

• Analyse breach simulations and use response playbooks

• Understand chain of command during incidents

• Coordinate with PR, legal, and executive teams during crises

Module 8: Security Awareness and Insider Threats

• Foster a security-first culture across the organisation

• Address phishing, social engineering, and insider threats

• Customise awareness for specific roles and departments

• Use gamified training and red-team simulations

Module 9: Future Trends & Enterprise Readiness

• Explore AI/ML applications and risks in cybersecurity

• Prepare for IoT, OT, and remote work vulnerabilities

• Understand quantum computing risks and post-quantum security

• Assess organisational cybersecurity maturity and roadmaps

Location and Date:

London 21 – 25 Jul 2025

Cardiff |01 – 05 Aug 2025

EUPlatform reserves the right to alter dates, content, venue and trainer.

Course Fee:

Per Participant: £5375
Student Rate: £4300
Discount for group of 4 or more