Marc Menninger, CISSP, CRISC

As tech systems continue to grow in complexity, cybersecurity threats are becoming increasingly more effective and damaging. News headlines regularly announce enormous data breaches and sophisticated hacks. How are these attackers getting in, and what actions can you take to protect against them? In this course, Marc Menninger describes some of the most common cybersecurity threats, including phishing and ransomware, deepfakes, unmanaged Internet of Things (IoT) devices, business email… Show more

As tech systems continue to grow in complexity, cybersecurity threats are becoming increasingly more effective and damaging. News headlines regularly announce enormous data breaches and sophisticated hacks. How are these attackers getting in, and what actions can you take to protect against them? In this course, Marc Menninger describes some of the most common cybersecurity threats, including phishing and ransomware, deepfakes, unmanaged Internet of Things (IoT) devices, business email compromise, and more. He then teaches the best countermeasures for reducing or eliminating the impact of these threats. Show less

Master the skills to develop and manage security policies that protect your organization’s critical information and resources. In this comprehensive course, Marc Menninger covers every aspect of security policy creation, from foundational concepts—like policies, standards, procedures, and guidelines—to crafting clear, effective policies that align with governance frameworks like ISO 27001 and HIPAA. Explore the security policy lifecycle, learn to create security policy architecture diagrams… Show more

Master the skills to develop and manage security policies that protect your organization’s critical information and resources. In this comprehensive course, Marc Menninger covers every aspect of security policy creation, from foundational concepts—like policies, standards, procedures, and guidelines—to crafting clear, effective policies that align with governance frameworks like ISO 27001 and HIPAA. Explore the security policy lifecycle, learn to create security policy architecture diagrams, and discover how to leverage free templates and AI tools to streamline policy development. Learn to manage policy exceptions, write key policies such as Information Security, Data Protection, Acceptable Use, and Access Control, monitor compliance, and respond to violations. This course is essential for security professionals, IT personnel, and compliance officers looking to build a robust security framework that safeguards their organization’s data and systems. Show less

This course follows a proven methodology for conducting thorough and effective technical security audits and assessments based on guidelines from NIST. Learn how to develop the testing methodology essential for technical security reviews. Discover how to identify and analyze targets, use key technical testing tools, identify and mitigate findings, and more. Performing technical information security audits and assessments is essential to protecting information assets. By the end of this course… Show more

This course follows a proven methodology for conducting thorough and effective technical security audits and assessments based on guidelines from NIST. Learn how to develop the testing methodology essential for technical security reviews. Discover how to identify and analyze targets, use key technical testing tools, identify and mitigate findings, and more. Performing technical information security audits and assessments is essential to protecting information assets. By the end of this course, you'll know how to determine if your network is secure.

Learning objectives

🔹 Cite the three phases of external security assessments.
🔹 Explain the reasons for conducting a log review.
🔹 Explain what network sniffing is and why it’s used.
🔹 Describe when to use a file integrity checking tool.
🔹 Differentiate between active network discovery and passive network discovery.
🔹 Explain how to scan for vulnerabilities.
🔹 Relate the three techniques useful for validating target vulnerabilities.
🔹 Explain the four-stage methodology of conducting penetration tests. Show less

Cybersecurity continues to be one of the fastest-growing career fields, with thousands of jobs of all types going unfilled. If you’re eager to transition to a career in this vital industry but don’t know where to start, then this is the course for you.

Instructor Marc Menninger—a cybersecurity director with 20+ years of experience—explains how to use the skills and experience you already have to build a lucrative and successful career in cybersecurity.

Whether your background is… Show more

Cybersecurity continues to be one of the fastest-growing career fields, with thousands of jobs of all types going unfilled. If you’re eager to transition to a career in this vital industry but don’t know where to start, then this is the course for you.

Instructor Marc Menninger—a cybersecurity director with 20+ years of experience—explains how to use the skills and experience you already have to build a lucrative and successful career in cybersecurity.

Whether your background is in IT, security, or another field, Marc can help you identify the right cybersecurity specialization and pinpoint skill gaps. He explains how to update your cybersecurity resume and LinkedIn profile to maximize your visibility and create a strong first impression with potential employers. Marc also shares tips for increasing your chances of success in cybersecurity—both before and after you land your first job—as well as insights that illuminate the average workday of a real-world cybersecurity pro. Show less

The Annex A controls in the ISO 27001 standard are used by organizations around the world to improve their information security programs and demonstrate good security practices to others. In this second part of his two-part ISO 27001 course, instructor Marc Menninger provides a comprehensive overview of all 93 security controls in Annex A of the ISO 27001 standard. You can use this knowledge to build a better security program and prepare for compliance with the ISO 27001 standard. This course… Show more

The Annex A controls in the ISO 27001 standard are used by organizations around the world to improve their information security programs and demonstrate good security practices to others. In this second part of his two-part ISO 27001 course, instructor Marc Menninger provides a comprehensive overview of all 93 security controls in Annex A of the ISO 27001 standard. You can use this knowledge to build a better security program and prepare for compliance with the ISO 27001 standard. This course includes handy documents with recommended ways to demonstrate compliance with ISO 27001, providing you with tools you need to get started on implementing the controls to build an ISO 27001-compliant cybersecurity program.

Note: It is recommended that you start with part one, ISO 27001:2022-Compliant Cybersecurity: Getting Started, which includes background information and compliance requirements you need to know if you're serious about building an ISO 27001-compliant cybersecurity program. Show less

Discover why the ISO 27001-2022 standard is one of the most popular frameworks for building effective cybersecurity programs and learn what it takes to comply with and get certified as compliant with this standard. In this course, cybersecurity director Marc Menninger provides an overview of how to build an ISO 27001-2022-compliant cybersecurity program. Learn what this standard is and discover why it is used around the world as the guidebook for constructing information security programs that… Show more

Discover why the ISO 27001-2022 standard is one of the most popular frameworks for building effective cybersecurity programs and learn what it takes to comply with and get certified as compliant with this standard. In this course, cybersecurity director Marc Menninger provides an overview of how to build an ISO 27001-2022-compliant cybersecurity program. Learn what this standard is and discover why it is used around the world as the guidebook for constructing information security programs that work. Dive into how the standard is organized and get a description of the certification process. Explore a step-by-step plan that you can follow if you want to build a cybersecurity program that complies with the ISO 2700-2022 standard. Additionally, go over gaps and criticisms of the standard and examine ways to fill those gaps. With the information in this course, you can begin to build a cybersecurity program that is both effective and compliant with ISO 27001-2022. Show less

Demand for cybersecurity professionals has never been higher—and it's only projected to keep growing. Interested in finding a job in this exciting new field? Or simply advancing to the next level? Cybersecurity expert Marc Menninger explains how to launch and develop a successful career in cybersecurity, regardless of your background or current level of experience. Learn about the nine most common cybersecurity jobs and the duties and qualifications for each role. Learn which cybersecurity… Show more

Demand for cybersecurity professionals has never been higher—and it's only projected to keep growing. Interested in finding a job in this exciting new field? Or simply advancing to the next level? Cybersecurity expert Marc Menninger explains how to launch and develop a successful career in cybersecurity, regardless of your background or current level of experience. Learn about the nine most common cybersecurity jobs and the duties and qualifications for each role. Learn which cybersecurity certifications appear in job listings and which ones will help you get the job you want. Follow example career paths to learn how others have progressed: from IT hobbyist to help-desk technician to analyst, systems architect, and more. Marc closes with career advice specific to cybersecurity, which will help you succeed in this dynamic and high-demand industry. Show less