Module 3 Overview

Theme

Vulnerability prioritization

Essential Question

Which weaknesses matter most now?

Module Components

• Book prose: conceptual framing, domain scenario, methods, and failure modes

• Assignment: evidence-backed production of a specific artifact

• Slides: presentation sequence for seminar or lecture delivery

• Narration: spoken version of the slide flow

• Instructor notes: facilitation plan, discussion prompts, and grading cues

• Rubric: criteria for evaluating the module artifact

• Notebook: executable lab aligned with the module theme using synthetic asset risk records with exposure, vulnerability severity, control strength, threat activity, and business impact

Module Artifact

cyber risk assessment package with scoring rationale, treatment plan, and executive dashboard focused on vulnerability prioritization: Prioritize vulnerabilities with contextual features.

Professional Setting

Students work as if advising a cyber risk committee prioritizing mitigation across assets with different exposure and business value. Their work must be intelligible to CISO, risk officer, system owner, auditor, and executive sponsor.