This course is intended for students with an interest in designing and leading cybersecurity organizations or operating in functions that need to work closely with security teams. Beginning with a focus on strategy and guiding principles, the course then moves into organizational structure and specific roles and duties required to address the cybersecurity needs of different organizations. Core concepts of risk management are introduced and used to frame modules on cyber risk management and oversight. Finally, cyber risk governance is studied with a focus on both internal oversight structures and Board-level interaction.