Overview
Learn why cybersecurity failures occur and recur in your organization and how to remediate them. Identify the economic investments that produce security successes. Develop a practical framework for measuring security and its driving factors.
Organizations face daily cybersecurity risks, such as ransomware, data leaks, and compromised emails. Often, the focus is on compliance with industry standards rather than addressing internal vulnerabilities. Effective security requires understanding the incentives for stakeholders, not just relying on technology.
This course covers key economic concepts to present security incentives within organizations and the broader ecosystem of suppliers, customers and IT providers. It examines the reasons behind recurring cybersecurity failures and uses case studies to explore and prevent these lapses. You'll learn to identify essential economic investments for security, to allocate resources efficiently, and to make informed decisions balancing security needs with financial constraints.
Furthermore, the course covers the critical aspect of measuring security. Accurate measurement is essential to determine the effectiveness of your policies and identify best practices. Without it, investments are based on inputs like maturity frameworks and compliance rather than actual outcomes. Our course provides a causal framework for understanding security incidents, drawing on numerous empirical studies that show how specific interventions and policies impact security. You will learn to develop and evaluate metrics and KPIs related to your security initiatives. This framework will help you track progress, identify areas for improvement and demonstrate the value of your security investments to stakeholders.
With new laws like NIS2 requiring cybersecurity training, this course is ideal for professionals in IT management, auditing, compliance, risk governance and related fields. By the end, you'll be prepared to proactively address cybersecurity challenges and enhance your organization's resilience against threats.
What You'll Learn
After completion of the course, participants are in a position to:
- Explain why certain security failures occur and persist in organizations
- Identify the incentives that can help prevent security failures
- Use a causal framework for security incidents that helps to develop metrics for the factors that increase or decrease the risk of failure
- Distinguish supposed “best practices” from actual evidence on which security measures are effective
Details
Course Syllabus
Week 1:
In this week we will introduce the concepts of cybersecurity economics, the associated costs, and the decision making involved.
Topics covered this week:
- Introduction to the program and course specific topics
- Explanation of the costs of security failures
- Discussion of security decisions at the margins
Week 2:
This week’s focus is on the different aspects of market failures. We will explain the effects of both negative and positive externalities, and how information asymmetry could play a role.
Topics covered this week:
- The effects of negative externalities
- Understanding positive externalities
- Explanation of information asymmetry
Week 3:
In this week we wrap up the economic foundations by looking at market power and its effects on security. We also describe the role that governmental interventions play and how those could lead to failures.
Topics covered this week:
- Explaining monopolies and market power
- Understanding governmental failures
Week 4:
In this week we will introduce a causal framework for thinking about the relationship between attacks, security, exposure, compromise and harm. This provides the foundation for thinking about measurement. We will also discuss the effect that different study sizes have on results and how to measure compromise.
Topics covered this week:
- Introduction to the causal model
- Explaining sample size effect on results
- Measuring compromise
Week 5:
The focus of this week will be on key measurement variables associated with cybersecurity. We will look at how to measure harm, why exposure is important for a measurement study, and how threat levels vary.
Topics covered this week:
- Measuring harm
- The importance of exposure
- What is threat and how is it measured
Week 6:
In this final week, we discuss what security data is available and look at a specific case study, where the previously introduced concepts are put to work.
Topics covered this week:
- Recognizing different types of security data
- Applying the concepts to a real-life case study
Qualifications
Certificates
If you successfully complete this course you will earn a professional education certificate and you are eligible to receive 2.5 Continuing Education Units (CEUs).
Admission
This course is primarily geared towards working professionals.
Prerequisites:
None
Contact
If you have any questions about this course or the TU Delft online learning environment, please visit our Help & Support page.