Compare courses
Sloan School of Management

Cybersecurity Leadership for Non-Technical Executives

Add course to comparison
MIT Sloan Alumni Online: Stuart Madnick

Next dates

Jul 16—17
2 days
Cambridge, Massachusetts, United States
USD 4100
USD 2050 per day
Nov 14—15
2 days
Cambridge, Massachusetts, United States
USD 4100
USD 2050 per day


Cybersecurity is a source of frustration for executives and government officials who spend inordinate time and worry trying to protect their data from sophisticated phishing schemes, ransomware, state-sponsored hacking. However, cybersecurity issues are not purely a technology problem—they are multi-headed hydras that need to be addressed with a multi-disciplinary approach. This timely new program provides general managers with a holistic approach to keeping your company secure.

On the surface, a ransomware attack that effectively locks up your organization’s data is a technical one: Can the data be unlocked, and how fast? But embedded within it is a host of management problems as well, including decisions about whether to pay the ransom, how your organization should operate if its data remains locked, and whether new policies are required to respond to similar issues in the future. In today’s landscape of escalating cybercrime, cybersecurity is not the Chief Information Security Officer’s responsibility alone—it is everyone’s job. Getting ahead of hackers and other security risks requires the active engagement of non-technical management, as well as an overall commitment to building a cybersecurity culture within your enterprise. Cybersecurity Leadership for Non-Technical Executives is a new program that provides leaders and managers (non-CISOs) with frameworks and best practices for managing cybersecurity-related risk. Program content includes lectures, highly interactive discussions, and case studies related to:

  • Overall cybersecurity awareness
  • The role of non-tech leaders in cybersecurity management
  • Actionable ideas to increase cyber resilience
  • How to measure the organization's cyber-safety level—and how it is changing over time

The course also draws from the U.S. Commerce Department’s National Institute of Standards and Technology (NIST) Framework for policy and management planning—a flexible and cost-effective approach to protecting critical infrastructure.


You will leave this program with:

  • A framework for how to keep an organization secure
  • An understanding of what cybersecurity leadership looks like—and what you can do right now
  • A model for building a robust culture of cybersecurity at your organization
  • The latest research and thinking on measuring an organization’s cybersecurity readiness



  • 8:00 AM - 9:00 AM Breakfast and Registration
  • 9:00 AM - 10:30 AM Session 1: What Managers Need to Know about Cybersecurity
  • 10:30 AM - 12:00 PM Session 2: Proactive Cybersecurity Management
  • 12:00 PM - 1:00 PM Networking Lunch
  • 1:00 PM - 2:30 PM Session 3: Managing Risk
  • 2:30 PM - 4:00 PM Session 4: Building a Cybersecurity Culture
  • 4:00 PM - 6:00 PM Networking Reception


  • 8:00 AM - 9:00 AM Breakfast
  • 9:00 AM - 10:30 AM Session 1: You’ve been Hacked: Now What? (Exercise)
  • 10:30 AM - 12:00 PM Session 2: Ethics in Cybersecurity
  • 12:00 PM - 1:00 PM Networking Lunch
  • 1:00 PM - 2:30 PM Session 3: Governance of Cybersecurity
  • 2:30 PM - 4:00 PM Session 4: Building Your Cybersecurity Plan
  • 4:00 PM - 4:30 PM Program Conclusion

Who should attend

The intended audience for this program includes general managers, executives, and VP’s looking to learn managerial skills and strategy. This program is not for technical executives and senior security leaders (CISOs).

Why is this course is designed for general managers and not for security leaders?

General managers need to be knowledgeable participants in cybersecurity discussions and activities. Cybersecurity decisions made by the security teams can have direct impact on business opportunities and processes. Without being knowledgeable about the basic cybersecurity issues, a general manager risks his or her business. No one wants their business options limited because of security decisions made without them, and decisions made about cybersecurity can and often do impact options available to the general manager. Further, since keeping data and system secure is in everyone’s best interest, it’s critical for general managers to know the language and the basic cybersecurity frameworks to inform their decisions.


Michael Siegel is a Principal Research Scientist at the MIT Sloan School of Management and is currently the Co-Director of the PROductivity from Information Technology (PROFIT) Project.  Siegel’s research interests include the integration and use of information from multiple and the use of modeli...
Stuart Madnick is the John Norris Maguire Professor of Information Technologies at the MIT Sloan School of Management, a Professor of Engineering Systems at the MIT School of Engineering, and the Founding Director of Cybersecurity at MIT Sloan: the Interdisciplinary Consortium for Improving Criti...
Keri Pearlson is the Executive Director of the Cybersecurity at MIT Sloan: The Interdisciplinary Consortium for Improving Critical Infrastructure Cybersecurity (IC)3 at the MIT Sloan School of Management. Pearlson has held positions in academia and industry including Babson College, The Univers...


Detailed Description
Detailed Description
Show more