Cybersecurity Foundations: Governance, Risk, and Compliance (GRC)
“Cybersecurity Foundations: Governance, Risk, and Compliance (GRC)”, taught by AJ Yaw, discussed GRC, GRC programs, frameworks, careers, and key certifications. Some of the frameworks discussed were NIST 800-39, SOC 2, HIPAA, PCI-DSS, NIST CSF, FedRamp, CSA STAR, SOX, GDPR, and ISO 27001. Foundational certifications that were recommended included CompTIA Security+ and Cloud Certifications. The instructor recommended additional key certifications such as Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC), and Certificate of Cloud Auditing Knowledge (CCAK). This all-encompassing course also described both the technical skills and soft skills necessary for working in the field. Since the MIS program only has one major course related to cybersecurity, I wanted to take the initiative to learn more about it on my own time. I’m looking at cybersecurity as a possible career option!