Cambridge
Academy
In London
Course Description
Introduction
Cybersecurity Directors must anticipate evolving threats, govern cyber risk across the enterprise, and lead decisive incident response while maintaining business resilience. This advanced program equips leaders with practical frameworks to strengthen cyber risk management, build resilient operating capabilities, and lead high-stakes incidents with clear governance, communication, and recovery discipline.
Course Objectives
By the end of this course, participants will be able to:
· Establish an enterprise cyber risk management approach aligned to strategy and risk appetite
· Strengthen resilience through preparedness, continuity, and recovery planning
· Lead incident response with clear roles, decisions, and executive communications
· Manage third-party, cloud, and operational technology risks within a unified approach
· Develop meaningful security metrics, dashboards, and reporting for leadership and boards
· Implement continuous improvement through post-incident learning and program maturity planning
Target Audience
This course is designed for:
· Directors/Heads of Cybersecurity and Information Security leaders
· Cyber risk, GRC, and resilience professionals supporting security governance
· SOC managers, incident commanders, and security operations leaders
· IT leaders responsible for infrastructure, cloud, and identity platforms
· Risk, compliance, internal audit, and business continuity leaders involved in cyber resilience
Course Outlines
Day 1: Advanced Cyber Risk Management & Governance
· Cyber risk landscape: threat actors, attack paths, and business impacts
· Cyber risk governance: roles, decision rights, escalation, and accountability
· Risk appetite and tolerances: defining and operationalizing cyber risk limits
· Risk assessment methods: scenarios, critical asset focus, and control maturity
· Activity: Build a cyber risk register + heatmap and prioritize top enterprise risks
Day 2: Resilience Engineering, Preparedness & Crisis Coordination
· Resilience concepts: availability, integrity, recoverability, and business continuity alignment
· Preparedness building blocks: playbooks, runbooks, tabletop planning, and readiness metrics
· Detection and response maturity: SOC operating model and coverage gaps
· Crisis coordination: legal, PR, HR, vendors, and executive leadership integration
· Workshop: Design an incident readiness plan (roles, triggers, timelines, and communications)
Day 3: Incident Leadership & Decision-Making Under Pressure
· Incident command structures: roles, handoffs, and decision logs
· Triage and containment strategy: prioritizing actions and minimizing blast radius
· Executive communication: situation reports, uncertainty management, and decision asks
· Regulatory and notification considerations (overview) and evidence preservation basics
· Practical activity: Live incident simulation (ransomware scenario with timed injects)
Day 4: Managing Complex Risks: Third-Party, Cloud & OT
· Third-party cyber risk lifecycle: due diligence, contract controls, monitoring, and exit
· Cloud risk management: shared responsibility, identity, configuration, and logging priorities
· Operational technology (OT) and critical systems: segmentation, safety, and resilience implications
· Integrating risks into one view: cross-domain controls and assurance planning
· Case study: Supply-chain compromise response and mitigation program design
Day 5: Metrics, Reporting & Continuous Improvement
· Security metrics that matter: KRIs, KPIs, leading indicators, and outcome measures
· Board and executive reporting: clear narratives, trends, and investment recommendations
· Post-incident reviews: root cause, lessons learned, and control improvement tracking
· Program maturity roadmap: priorities, sequencing, funding logic, and capability building