Welcome to the Cybersecurity GRC Internship

This program will give you the on-the-job training and experience you need to become a top-notch cybersecurity professional.

If you are struggling to get into the cybersecurity industry or you want to gain the knowledge and skills that will give you a competitive edge in the industry, then this is the right course for you.

START DATE: 25 January 2025

• Duration: 8 Weeks
• Internship Companies: DiaspoCare Inc. and African Diaspora Development Institute-ADDI
• Live Online Session: Saturday Morning at 10 AM EST on Zoom
• Graduation: Graduation Ceremony is held after completion of internship
  

Cybersecurity GRC Internship/Workshop Curriculum

This curriculum focuses on actionable projects for the companies the interns are assigned to. This program will impart practical knowledge and cybersecurity experience through hands-on projects, equipping interns with the skills necessary to effectively assess, develop, and implement cybersecurity principles, strategies, policies, and frameworks. This internship/workshop program ensures that interns understand the best practices, policies, and frameworks that guide cybersecurity efforts and have the hands-on skills needed to implement, manage, and respond to cybersecurity challenges effectively.

This is the curriculum for the 2024 Cybersecurity GRC Internship/Workshop

Week 0: Onboarding and Introduction to Cybersecurity GRC

• Overview and Importance of Cybersecurity GRC
• Introduction to the Internship Program
• Meet the Companies

Week 1: Governance - Policies and Frameworks

• Project 1: Review and assess the company's cybersecurity policies.
• Workshop: Introduction to cybersecurity governance frameworks.

Week 2: Risk Management - Identifying and Assessing Risks

• Project 2: Conduct a comprehensive risk assessment for the assigned company.
• Workshop: Risk assessment methodologies and tools.

Week 3: Compliance - Legal and Regulatory Requirements

• Project 3: Compliance review with cybersecurity regulations.
• Workshop: Cybersecurity laws and regulations.

Week 4: Security Architecture and Controls

• Project 4: Security controls effectiveness evaluation.
• Workshop: Implementing security controls and architecture best practices.

Week 5: Incident Response and Management

• Project 5: Develop/refine the incident response plan.
• Workshop: Incident response strategies and simulation exercises.

Week 6: Business Continuity and Disaster Recovery Planning

• Project 6: Business continuity and disaster recovery planning assessment.
• Workshop: Developing and maintaining recovery plans.

Week 7: Third-Party Risk Management

• Project 7: Assess and manage third-party risks associated with vendors and partners.
• Sub-project 7.1: Identify and catalog all third-party services and vendors.
• Sub-project 7.2: Conduct a risk assessment on selected critical third-party providers, focusing on their cybersecurity practices and implications for the company.
• Sub-project 7.3: Develop strategies and recommendations to mitigate identified risks, including contractual agreements, continuous monitoring, and establishing communication protocols for incident response.
• Workshop: Understanding third-party risk management frameworks, conducting third-party assessments, and strategies for mitigating risks.

Week 8: Cybersecurity Audit and Assurance

• Project 8: Conduct a mock cybersecurity audit, including third-party risk assessments.
• Workshop: Audit principles and conducting effective cybersecurity audits.

Final Week: Projects Finalization and Presentation

• Final Project Work: Finalizing projects with an emphasis on actionable insights and recommendations for improvement.
• Graduation and Presentation Day: Present projects to the assigned companies, focusing on comprehensive cybersecurity improvement plans that include third-party risk management strategies.