SecurityStudio Certified virtual Chief Information Security Officer Course (CvCISO-1)
Next Class Start Date: October 3rd!
The Certified virtual Chief Information Security Officer Course (CvCISO-1) is the intense foundational course for the SecurityStudio CvCISO Program and is required for all CvCISO certifications.
This course covers all the basics of what a vCISO is and what a vCISO does. Students from all backgrounds and all levels of experience will benefit from this course.
Students with no information security experience will gain an understanding of what makes a vCISO successful and after passing the the CvCISO-1 exam, can perform as a vCISO in limited environments with assistance (See: CvCISO Level 1).
30 instructor-led, 2-hour sessions (60 classroom hours in total). In addition to the classroom hours, students are expected to complete an additional 60 hours of assignments and study (to be successful).
Each chapter covers one or more topics that are essential to CvCISO (and vCISO) success.
The cost of the course is $3,000/student. SecurityStudio is committed to serving the underserved, so discounts and scholarships are available under certain circumstances.
The cost includes the CvCISO-1 examination fee (and retakes, if necessary).
Students learn the fundamentals of information security, how to become a great vCISO, and obtain practical hands on experience.
1/2 the class is dedicated to learning and 1/2 the class is dedicated to doing.
Introduction to the CvCISO Program (1 Lesson / 2 Hours)
Covers everything there is to know about the SecurityStudio Certified virtual Chief Information Security Officer Program and how to be successful with it.
Information Security Fundamentals (15 Lessons / 30 Hours)
The most intense portion of the CvCISO-1 course, this chapter introduces information security fundamentals without shortcuts and builds mastery critical to vCISO success.
vCISO/Customer Relationship (1 Lesson/2 Hours)
This chapter covers setting the appropriate expectations and communicating effectively, especially with people who don’t speak the information security language natively.
Roles and Responsibilities (1 Lesson/2 Hours)
This chapter covers how to establish good governance, including how to determine the most important roles, assigning the roles, and establishing accountability.
Maintaining Progress and Transition (2 Lessons/4 Hours)
Information security processes must be continually maintained and eventually all vCISO contracts are terminated. In this Chapter, students learn strategies to ensure that information security progress is not lost and can be maintained over the long term. Students also learn how to gracefully transition vCISO leadership from themselves to someone else.
All the content has been delivered at this point. This session is dedicated to preparing the students for their certification examination.
Third Party Information Security Risk Management (TPISRM) (1 Lesson/2 Hours)
More than half of all information security incidents are caused directly or indirectly by third parties. In this Chapter, students will learn how to build a comprehensive third-party information security risk management program from building an inventory of third-party relationships to risk management and contract requirements.
Students will use S2Vendor to conduct third-party information security risk management activities for demonstration; however, S2Vendor-specific skills are not required for CvCISO certification.
Incident Management (2 Lessons/4 Hours)
Information security incidents are a certainty that all information security leaders need to be prepared for. In this chapter, students will learn how to build functional incident management capabilities and integrate them into an organization seamlessly.
Asset Management (2 Lessons/4 Hours)
It’s only logical that we can’t protect what we don’t know we have. Students learn how to build and maintain effective asset management programs in this chapter.
Risk assessment is only one part of the risk management process. Learning how to use a risk assessment is where skill and experience are put to the test. Risk decisions must be made and resources must be allocated to enact the decisions. This chapter teaches students how to build, communicate, and adjust information security roadmaps.
Building a Roadmap (2 Lessons / 4 Hours)
Risk Assessment (3 Lessons/6 Hours)
In previous chapters, the vCISO should have established effective communication, determined (and assigned) roles, and established responsibilities. This chapter leverages previous work to conduct a comprehensive, objective, and measurable information security risk assessment. Students will learn how to lead an information security risk assessment and use SecurityStudio’s S2Org to conduct one.
NOTE: Although S2Org is used in the class, CvCISO certification is NOT dependent upon using any SecurityStudio product.