Overview

Cyber risk is one of the defining governance challenges facing today’s executives—yet most organizations still manage it as a technical problem owned by IT, isolated from the enterprise risk conversation. This program teaches senior leaders to govern cyber risk in the language they already use to run the business: exposure, likelihood and impact, controls, accountability, and return on mitigation.

The course is anchored in the Nexus of Risk framework developed by M. K. Palmore, which holds that cyber risk is causally connected to physical and human capital risk, and that the most damaging exposures emerge at the intersections that siloed assessments miss. Participants learn to quantify cyber exposure in business terms, trace how a cyber event cascades across operational, financial, regulatory, and reputational domains, and ask sharper questions of their security teams. The result is an executive who can govern cyber risk as an enterprise risk—confidently, and without a technical background.

Download Brochure

Registration Information

CertificateLocationDateTypeCostRegister
Cyber Risk Management for ExecutivesPhoenix, AZFebruary 25-26, 2027In-Person/ Online$1,500Register
Cyber Risk Management for ExecutivesPhoenix, AZSeptember 23-24, 2027In-Person/ Online$1,500Register

Who Should Attend?

signpost sample 4-1

C-suite executives and senior leaders

(CEOs, COOs, CFOs, general counsel) Who are accountable for enterprise risk but do not come from a technical background.

A woman in a maroon top leads a discussion with colleagues during a meeting in a conference room.

Board and audit committee members

Responsible for cyber oversight, disclosure, and the integrated risk picture that siloed reporting fails to provide.

Three colleagues sitting at a conference table collaborating and looking at their laptops in a modern office space.

Public-sector and public-safety executives

(agency directors, superintendents, chiefs, and their deputies) Protecting critical operations, sensitive data, and public trust with constrained resources.

Key Benefits

  • Govern cyber risk using established risk-management discipline—likelihood, impact, velocity, and exposure—rather than technical jargon.

  • Apply the Nexus of Risk lens to see how cyber risk connects to physical and human capital risk, where the costliest exposures actually originate.

  • Quantify and prioritize cyber exposures in business terms—dollars, downtime, and trust—to support defensible resource-allocation decisions.

  • Trace how a single cyber event cascades across operational, financial, safety, compliance, and reputational domains.

  • Strengthen oversight of regulatory, disclosure, and accountability obligations arising from a cyber incident.

  • Establish the governance cadence—reporting, metrics, and cross-functional committees—that keeps cyber risk visible at the executive table.

  • Recognize the “cost of silos”—gap exposure at the seams, conflicting recommendations, and the leadership blind spots that create false assurance.

  • Ask sharper, better-informed questions of CISOs, security teams, and third-party vendors, and interpret the answers with confidence.

Curriculum

The program will use presentations, small group discussions, and interactive sessions to cover the following topics:

  • Cyber risk as enterprise risk: translating technical exposure into the language of governance, likelihood, and impact
  • The Nexus of Risk framework: how cyber risk connects causally to physical and human capital risk
  • The cost of silos and the case for an integrated risk picture

  • The threat landscape in executive terms—ransomware, business email compromise, insider threat, third-party and supply-chain risk, and AI-enabled threats
  • Cyber risk quantification and prioritization: scoring exposure by likelihood, impact, velocity, and interconnectedness

  • Governance and accountability: the executive and board role in cyber oversight
  • The regulatory and disclosure environment, including breach notification and director/officer exposure
  • Incident response and crisis leadership across cyber, physical, and human dimensions
  • A working case study traced end-to-end through the framework
  • The executive's playbook: the questions to ask and the reporting cadence to maintain

Faculty

Thunderbird Executive Education brings together industry leaders who pair academic depth with real-world practice—and this program is led by one of them, an expert who has operated at the highest levels of their field across multiple leadership and industry roles.

Why Thunderbird for Executive Education?

With world-class faculty, flexible delivery, and a truly global perspective, we help you turn today's complex challenges into your competitive edge.
signpost image sample 3

Request more information

By providing your mobile phone number, you agree to receive text messages from Thunderbird School of Global Management. Message and data rates may apply. Message frequency varies. Reply HELP for help and STOP to cancel. By clicking "Submit" I consent to Thunderbird School of Global Management using the information above to contact me regarding my programs of interest and provide any other information I request. If you are in the European Union or another country or state that has adopted the GDPR (General Data Protection Regulation) or similar privacy protection, please also read the ASU European Supplement to ASU's privacy statement