Cyber Risk Management for Non-IT Managers


This course is targeted at those who need to understand the means by which we can build cyber resilience.

You may be starting out in a junior management position, or you may be an experienced manager. We all need to understand the fundamentals of how we can manage cyber risks by also comprehending what facets of cyber risk management impact upon our decision making, acts and omissions, as well as how to undertake a cyber risk quantification exercise.
What we aim to achieve, with your participation, is the provision of the knowledge and insights to enable you to go away from here today with the ability to develop your own skills and create cyber operational resilience programmes – either in part, or in whole.
During the course, there will perhaps be an elimination of some common misconceptions of cyber risk and resilience and a new way of viewing what the problem is and how to better manage the problem.
What we are not going to do is go into a detailed discussion on technology, computer science, risk models and so forth because they only form part of the overall landscape and it will remain too theoretical for you to use in a practical sense at work.
Those undertaking the course should be able to go back to their roles and meaningfully contribute to cyber risk management and resilience in a hands-on manner and that determines the format of today.


1. Introduction

2. The Psychology of Judgement and Decision Making

3. Dark Patterns

4. Non-Stochastic Cyber Risk Modelling and Network Weaknesses

5. Stochastic Modelling of Cyber Threats

6. Cyber Risk Assessment and Quantification

7. Human Factors Error Frameworks

8. Three Levels of Situational Awareness

9. Cyber Situational Awareness

10. Reflection on Learning

11. Data Use in Cyber Risk Quantification Video Overview

12. Non-Stochastic Software Video Walk-Through

13. Stochastic Modelling Software Walk-Through

14. A 49-Question Self-Test Quiz