FAQs

At this time, we have six trainings scheduled for 2026 – see dates for each program below:

• AI: May 27 – 28, 2026
• ISC: May 27 – 28, 2026
• Cloud Security: May 29 – 30, 2026
• Cyber Resilience: May 29 – 30, 2026
• CISO: June 1 – 6, 2026 (includes CLP)
• CLP: June 5 – 6, 2026

To be eligible to register, candidates should have a minimum of 5 years work experience, however 7 – 10 years of experience is preferred. The program will be delivered in English so competency of English is required.

If you see yourselves among the following categories of candidates, then this program is for you: 

• Executives and managers (e.g.,Chief Security Officers/Directors, Chief Risk Officers/Directors, Chief Information Officers/Directors, Chief Technology Officers/Directors, Chief Financial Officers/Directors, etc.) who are interested in understanding the role and functions of a CISO and cybersecurity operations.
• Executives and managers that aspire to become CISOs.
• Current CISOs that would like to enhance their knowledge on emerging trends in cybersecurity.
• Board of Directors who have an interest in cybersecurity functions for governance and oversight purposes.
• Senior managers who need to receive briefings from CISOs.
• Financial managers responsible for overseeing information security expenditures.
• Lawyers who need to provide guidance on cyber security risks.
  Policy analysts and government officials whose work is at the intersection of policy and cyber security.
• Cover travel and hotel expenses for the in-person offerings, or attend virtually if such option is available.
• Pay the tuition fee before the program starts.

Studies have shown a large deficit in qualified cybersecurity professionals globally.  There are also shortages in experienced CISO’s that understand cybersecurity operations from a holistic perspective.  A large number of CISO’s traditionally are promoted internally from IT organizations and while they may have technical competency, they are typically placed into CISO roles without an understanding of broader business requirements to meet and brief Board of Directors, senior executives (CEO, CFO, etc.), how to develop and implement strategic plans, how to perform and excel in risk management and compliance efforts, how to identify and manage budgets, mentor and lead teams, communicating effectively to the board, external constituents, and more. This lack of knowledge impacts the CISO’s ability to provide the most optimal advice and guidance to the organization and may lead to risk impact without appropriate training and education.

The US Securities and Exchange Commission (SEC) has implemented Rules on Cybersecurity Risk Management, Strategy, Governance and Incident Disclosure by Public Companies.

“The rules will require registrants to disclose on the new Item 1.05 of Form 8-K any cybersecurity incident they determine to be material and to describe the material aspects of the incident’s nature, scope, and timing, as well as its material impact or reasonably likely material impact on the registrant. An Item 1.05 Form 8-K will generally be due four business days after a registrant determines that a cybersecurity incident is material. The disclosure may be delayed if the United States Attorney General determines that immediate disclosure would pose a substantial risk to national security or public safety and notifies the Commission of such determination in writing. The new rules also add Regulation S-K Item 106, which will require registrants to describe their processes, if any, for assessing, identifying, and managing material risks from cybersecurity threats, as well as the material effects or reasonably likely material effects of risks from cybersecurity threats and previous cybersecurity incidents. Item 106 will also require registrants to describe the board of directors’ oversight of risks from cybersecurity threats and management’s role and expertise in assessing and managing material risks from cybersecurity threats”.

Our suite executive certificate Programs provides this education and prepares executives, governmental officials, and directors to fulfill their roles as required by the SEC rule.

The fees for attending the executive cybersecurity certificate programs cover the instruction during the program and any course materials. The tuition for the CISO program includes the admission to the CLP program and course materials.

Please see the tuition for each program below:

• AI: $3,000
• ISC: $3,000
• Cloud Security: $3,000
• Cyber Resilience: $3,000
• CISO: $10,000
• CLP: $3,000

Please note: the cost of accommodations and travel are not included in the tuition rate. Tuition payment should be paid in full prior to the program start date.

Sponsored by our program partner, Paladin Capital Group, the Paladin Scholarships support exceptional cybersecurity leaders from limited-resource environments. These scholarships provide partial tuition assistance; travel expenses are not included. If you are interested, email us at ExecEd_Pratt@duke.edu.

Flexible payment installment plans are available upon request. If you are interested in creating a payment plan for the programs, please email us at ExecEd_Pratt@duke.edu.

If you are not able to make a session due to a conflict, please let us know as soon as possible. 

If you can no longer attend a program, requests for withdrawing must be sent in writing to the program director and the Duke Cybersecurity team. If you withdraw from a program more than 21 calendar days prior to the start date of the program, you will receive a 100% refund. If you withdraw from a program between 7 and 21 calendar days prior to the program, you will receive a 50% refund. If you withdraw less than 7 days prior to the program, you will forfeit the full payment amount. Refunds will be made to the party who paid the relevant program invoice. 

Should you not be able to participate due to factors beyond their control (e.g. visa issues, family emergency, work emergency, etc.), you may elect (pending any necessary sponsor approvals) to credit the payment towards the following program cycle. If you would not like to take advantage of the deferral policy, you may request a refund. Refunds will be made to the party who paid the relevant program invoice.