Cyber Threats in Cybersecurity Risk Management

$349.00
Your guarantee:
30-day money-back guarantee — no questions asked
How you learn:
Self-paced • Lifetime updates
Who trusts this:
Trusted by professionals in 160+ countries
Toolkit Included:
Includes a practical, ready-to-use toolkit containing implementation templates, worksheets, checklists, and decision-support materials used to accelerate real-world application and reduce setup time.
When you get access:
Course access is prepared after purchase and delivered via email

This curriculum spans the design and governance of threat-informed risk programs comparable to multi-workshop advisory engagements, covering intelligence integration, architectural controls, third-party risk, and board-level reporting as practiced in mature cybersecurity organizations.

Module 1: Defining the Cyber Threat Landscape in Risk Context

  • Selecting threat intelligence sources based on industry sector, geographic footprint, and adversary targeting patterns
  • Differentiating between opportunistic threats and targeted threats when scoping risk assessments
  • Integrating MITRE ATT&CK framework into risk modeling to map adversary tactics to organizational vulnerabilities
  • Deciding whether to classify threats by vector (e.g., phishing, supply chain) or by actor type (e.g., APT, insider)
  • Adjusting threat assumptions based on recent breach data from peer organizations in regulatory filings
  • Aligning threat definitions with NIST Cybersecurity Framework and ISO 27005 risk language for audit consistency
  • Evaluating the relevance of zero-day exploit availability in underground markets for high-value assets
  • Documenting threat scenarios with specific preconditions, triggers, and expected impact pathways for board reporting

Module 2: Integrating Threat Intelligence into Risk Assessment

  • Designing ingestion pipelines for STIX/TAXII feeds from commercial and ISAC providers
  • Mapping threat indicators (IOCs) to existing asset inventories and vulnerability management data
  • Assigning confidence and relevance scores to threat intelligence to prioritize risk treatment
  • Automating correlation between SIEM alerts and threat actor TTPs using Sigma rules
  • Deciding when to pivot from volumetric threat data to focused adversary behavioral analysis
  • Calibrating risk likelihood estimates using historical attack frequency and actor capability assessments
  • Establishing feedback loops from SOC investigations to refine threat intelligence requirements
  • Documenting threat scenario assumptions in risk registers for internal audit validation

Module 3: Threat-Informed Defense Architecture

  • Selecting security controls based on known adversary bypass techniques for critical systems
  • Hardening Active Directory based on observed privilege escalation paths in red team reports
  • Designing network segmentation to limit lateral movement aligned with attacker dwell time data
  • Implementing logging requirements specifically to detect credential dumping and pass-the-hash attacks
  • Configuring EDR telemetry collection depth based on forensic needs for incident reconstruction
  • Choosing multi-factor authentication methods resistant to phishing and SIM-swapping seen in peer breaches
  • Deploying deception technologies at locations matching common attacker discovery behaviors
  • Validating cloud security group rules against known public cloud exploitation patterns

Module 4: Governance of Threat Modeling Processes

  • Standardizing threat modeling methodology (e.g., STRIDE, PASTA) across development teams
  • Assigning ownership for threat model updates at each phase of the SDLC
  • Requiring threat model artifacts as gate criteria for production deployment approvals
  • Integrating threat model outputs into automated security test case generation
  • Training architects to identify trust boundary violations in microservices designs
  • Reconciling conflicting threat model findings between application and infrastructure teams
  • Archiving threat models with version control for regulatory examination and breach root cause analysis
  • Measuring remediation rates of identified threats to assess program effectiveness

Module 5: Operationalizing Cyber Threat Risk Metrics

  • Defining risk exposure thresholds based on threat actor capability and asset criticality combinations
  • Calculating time-to-detect and time-to-respond metrics using real incident data and threat dwell times
  • Weighting risk scores by threat relevance rather than vulnerability severity alone
  • Reporting risk heat maps that overlay threat activity trends with control effectiveness ratings
  • Setting escalation triggers for threat-based risk indicators to activate crisis management protocols
  • Normalizing risk metrics across business units with different threat profiles for executive review
  • Validating risk model assumptions against actual breach outcomes in the industry
  • Aligning risk tolerance statements with cyber insurance policy terms and threat coverage

Module 6: Third-Party Threat Risk Management

  • Assessing vendor risk based on their exposure to supply chain attacks and software dependencies
  • Requiring evidence of threat monitoring in critical suppliers’ SOC operations
  • Conducting penetration tests on third-party APIs used for core business processes
  • Negotiating contractual clauses for threat information sharing during joint incidents
  • Mapping vendor systems to MITRE ATT&CK techniques relevant to supply chain compromises
  • Implementing network-level controls to limit blast radius from compromised vendor connections
  • Requiring incident response playbooks from key vendors that address known threat scenarios
  • Conducting tabletop exercises with major partners to test coordinated threat response

Module 7: Board and Executive Reporting on Threat Risk

  • Translating technical threat data into business impact scenarios for financial forecasting
  • Selecting key threat risk indicators (e.g., rising ransomware targeting, credential leaks) for dashboard inclusion
  • Calibrating risk appetite statements to reflect evolving threat actor motivations and capabilities
  • Presenting threat trends with comparative benchmarks from industry peers and regulatory bodies
  • Documenting risk treatment decisions when accepting threats due to cost or operational constraints
  • Aligning cyber threat narratives with enterprise strategic risks in ERM reports
  • Preparing Q&A briefings for executives anticipating regulator and auditor questions on threat posture
  • Updating risk scenarios quarterly based on threat intelligence updates and incident data

Module 8: Incident Response Preparedness for Advanced Threats

  • Designing playbooks for specific threat scenarios like domain controller compromise or ransomware deployment
  • Pre-staging forensic toolkits and decryption resources for known ransomware families
  • Conducting purple team exercises to validate detection and response to living-off-the-land attacks
  • Establishing secure external communication channels for use during attacker surveillance
  • Pre-authorizing system isolation procedures to reduce decision latency during active breaches
  • Validating backup integrity and restoration timelines under threat of data wiper malware
  • Coordinating with external CSIRTs and law enforcement prior to incidents for faster activation
  • Storing offline credentials for emergency access when identity systems are compromised

Module 9: Regulatory Compliance and Threat-Based Controls

  • Mapping threat scenarios to specific requirements in GDPR, HIPAA, or SEC cybersecurity rules
  • Documenting threat rationale for control selections during compliance audits
  • Adjusting control implementation depth based on threat relevance to regulated data types
  • Providing threat context for exceptions taken against mandatory compliance controls
  • Aligning DFARS and CMMC requirements with known nation-state threat capabilities
  • Updating compliance risk assessments when new threats emerge against reporting systems
  • Justifying control investments using threat-driven risk reduction metrics for regulators
  • Integrating threat data into SOX ITGC evaluations for financial system access controls

Module 10: Continuous Threat Risk Monitoring and Review

  • Scheduling threat model refreshes triggered by infrastructure changes or new threat intelligence
  • Automating re-scoring of risks based on real-time threat feed updates and vulnerability exploits in the wild
  • Conducting quarterly threat review sessions with business unit leaders to validate risk assumptions
  • Retiring outdated threat scenarios that no longer reflect current adversary behaviors
  • Integrating threat data into change advisory board reviews for high-risk modifications
  • Measuring mean time to threat detection across environments to identify monitoring gaps
  • Updating risk treatment plans when threat actor capabilities evolve beyond existing controls
  • Archiving threat assessment decisions for future forensic and litigation purposes