Pedestrians walk past Harvard University John F. Kennedy School of Government in Cambridge, Massachusetts on Tuesday, December 15, 2009.
|

Looking to jump start your legal technology career but don't know how? Jared Coseglia of TRU Staffing Partners writes a monthly column on certifications to know and training to acquire in the industry for Legaltech News. This month's piece takes a look at HarvardX's “Cybersecurity: Managing Risk in the Information Age” course.

The demand for cybersecurity talent in today's legal technology job market far outweighs the available supply. Employers will have to both up-level their existing human capital as well as acquire external talent resources to stay current and compliant. While certifications like the ISACA's CSXP, the OSCP and SANS' GIAC portfolio all address various and often niche areas of technology-focused security training and education, a new offering from Harvard University's Office of the Vice Provost for Advances in Learning (VPAL) aims to target a different audience, one that is more focused on leadership than hands-on security technology management.

HarvardX is the strategic online learning initiative overseen by VPAL, which since 2012 has brought the best of the university's various schools to learners across the world. This new course, titled “Cybersecurity: Managing Risk in the Information Age” is “for anyone in the world who wants to learn the tools for managing cyberrisk,” says Eric Rosenbach, co-director, Belfer Center for Science and International Affairs, at the Harvard Kennedy School.

The nine-week online intensive is taught by practitioners and designed for those who desire to be practitioners. Rosenbach, former chief of staff for the U.S. Department of Defense and cybersecurity czar under the Obama administration, brings trench warfare experience and perspective to the curriculum. The student body of nearly 800 graduates in the less than eight months of program delivery hail predominantly from the private sector—almost 70 percent. Most of the students are not IT or technology staff. “This program is really geared to people in managerial or leadership positions who are trying to improve their understanding on cyberrisk,” states Rosenbach.

As cyberrisk management becomes a fundamental part of business operations, understanding and mitigating risk has become an essential skill for business leaders, thought leaders, sales professionals, attorneys, as well as the security technology specialists. Current and past students include executives from various verticals including logistics, pharmaceuticals, transportation, banking and even television news reporters. One notable area of leverage for this education has demonstrably been in the legal sector. “A lot of lawyers, even partners in firms, many of whom are trying to build a security practice or understand the nonlegal aspects of security, are graduates,” says Rosenbach.

During the course, students will be shown how to critically analyze an organization's risk profile, not only taking into account possible threats, but also the governance structure and systems that have, or have not, been put in place to manage cyberrisk. Students will also learn recommended strategies for responding to a cyberattack, understand the legal regulations that ensure organizations remain compliant with reporting requirements and ultimately develop the appropriate knowledge to design and successfully implement a risk mitigation strategy for an organization.

“We start the class by assuming no student knows anything about how the internet works,” says Rosenbach, “and we end the program with students designing a real risk strategy plan for their organization. We want all the students to take something away at the end of the program that has real value. Something they learned, yes, but more importantly, something they can implement.”

The first week is a pure orientation module to acclimate students to the online campus. The following eight weeks break down into intensives on cybersecurity risk as business risk; identifying the threats to an organization; identifying important business systems and assets; the crucial role of leadership in managing cyberrisk; understanding your technology; cyberrisk and the law; incident response and accountability; and designing and implementing a mitigation strategy.

The time commitment for the course is nine consecutive weeks. It is currently offered five to six times a year and generally requires an additional eight to 15 hours a week for getting the work done. Much of the education is delivered via video and group chats, but there are assignments every week that have deadlines and need to be finished on time.

The course is very interactive. Students have an assigned teaching assistant who is available to them throughout the course in real time. This distinguishes the HarvardX course and approach from many other online education or certification offerings. It is not self-guided. Multiple assignments are given each week with deadlines that week. Several quizzes are given a week. Assignments are graded. “You can fail the class,” admits Rosenbach.

“Students walk away from this with a certificate from Harvard,” he adds. “We take that brand backing and recognition seriously and deliver the caliber of education and graduates you would expect from Harvard.”

The Harvard branding is more than a bolster of credibility for the program or its graduates. It is also inclusion into an elite group of alumni. “It has been interesting to see how people who have been through the course become part of a social network with other graduates, all of whom come from diverse backgrounds and job roles,” observes Rosenbach. This course is not only providing education, it is slowly creating a community of professionals who value the training and the connectivity with others who have received it. Graduates in this community are finding themselves able to connect meaningfully with other graduates and thus create trusted relationships.

The course costs only $2,800 per student, a wildly low price compared to many other Harvard short course offerings. For successful graduates of the program, a premier certificate is awarded by Harvard University's Office of the Vice Provost for Advances in Learning, in association with HarvardX. Parting advice from Rosenbach for future students is quite pointed: “There are times in your life that you know doing something makes you a better, more marketable professional. This is one of them. Grit your teeth, know that you are learning, and get it done.”

Jared Coseglia is the founder and CEO of TRU Staffing Partners, an Inc 5000 Fastest Growing American Company 2016 & 2017 and National Law Journal's #1 Legal Staffing Agency, and has over 15 years of experience representing thousands of professionals in e-discovery, cybersecurity and privacy throughout the world.