Overview

AI, Data Science & Cloud Certificates from Google, IBM & Meta — 50% Off

One plan covers every Professional Certificate on Coursera. 50% off Coursera Plus Annual for 10 days only — price increases June 17.

Unlock All Certificates

This course is designed for professionals without a technical background who manage people, data, or business operations to enhance their understanding of cybersecurity fundamentals. Learners will learn to draft an Acceptable Use Policy (AUP) and distinguish between malicious insiders and accidental negligence. The course will cover the development of a basic employee security training schedule and identify opportunities for continuous improvement in security culture and policy. Additionally, learners will construct a Cyber Emergency Call Sheet and execute the first three steps of Incident Response: Preparation, Detection, and Containment. The course will also address the importance of "disconnecting" during an attack, legal obligations regarding Data Breach Notifications, and how to formulate a report for the FBI’s Internet Crime Complaint Center (IC3). Through simulated exercises and real-world case studies, participants will apply learned concepts and analyze strengths and weaknesses in incident response strategies.

Syllabus

The Human Firewall (Culture and Policy)

This module focuses on developing a security culture within an organization by drafting Acceptable Use Policies, distinguishing between malicious and accidental insider threats, and building a no-blame reporting culture. You'll explore the psychological and organizational factors that drive both deliberate and inadvertent insider behavior, learn the basics of policy writing, and develop a practical employee security training schedule. This module builds on the social engineering and human vector content introduced in Course 1 — Introduction to Cyber Threats and Digital Hygiene Risk.

The Fire Drill (Incident Response Planning)

This module covers the essentials of incident response planning, including constructing a Cyber Emergency Call Sheet, executing the first three steps of the NIST incident response lifecycle (Preparation, Detection, and Containment), and understanding why disconnecting from a network is preferable to shutting down during an active attack. Coordination with cyber insurance and IT support is also covered. This module builds directly on the malware and ransomware anatomy covered in Course 1 — Introduction to Cyber Threats and Digital Hygiene Risk.

The Aftermath (Legal, Reporting, and Recovery)

This module addresses the legal and reporting obligations that follow a data breach. Learners will identify US state-level data breach notification requirements (international learners should supplement with local regulatory guidance), formulate a report for the FBI's Internet Crime Complaint Center (IC3), and draft a customer notification letter that preserves trust and reputation. Practical scenario exercises are included throughout.

Practical Application and Real-World Scenarios

This capstone module applies everything from the series in a single end-to-end scenario: a real-world incident that begins with a cultural failure (an employee bypassing policy), escalates into a live ransomware attack (requiring first-response decisions), and concludes with the legal and communications aftermath (breach notification and IC3 reporting). Each exercise draws simultaneously on Modules 1, 2, and 3 of this course as well as the technical foundations from Courses 1 and 2. This module is designed to surface the connections between people, process, and technology — and to help learners identify where their own organization's response would be strongest and where the gaps are.

Final Assessment

This cumulative assessment tests your knowledge across all four content modules: The Human Firewall, The Fire Drill, The Aftermath, and the Practical Application capstone. Completing it successfully earns your certificate for Course 3 and completes the full three-course cybersecurity series.