Skip to content

FAQs

Our suite of executive programs offer a range of trainings designed to equip leaders in the cybersecurity space. At this time, we have three trainings scheduled for 2025 – see dates for each program below:

  • CISO: May 19- June 25, 2025
  • CLP: May 19-21
  • ISC: March 10-11, 2025

Studies have shown a large deficit in qualified cybersecurity professionals globally.  There are also shortages in experienced CISO’s that understand cybersecurity operations from a holistic perspective.  A large number of CISO’s traditionally are promoted internally from IT organizations and while they may have technical competency, they are typically placed into CISO roles without an understanding of broader business requirements to meet and brief Board of Directors, senior executives (CEO, CFO, etc.), how to develop and implement strategic plans, how to perform and excel in risk management and compliance efforts, how to identify and manage budgets, mentor and lead teams, communicating effectively to the board, external constituents, and more. This lack of knowledge impacts the CISO’s ability to provide the most optimal advice and guidance to the organization and may lead to risk impact without appropriate training and education.

The US Securities and Exchange Commission (SEC) has implemented Rules on Cybersecurity Risk Management, Strategy, Governance and Incident Disclosure by Public Companies.

 

The rules will require registrants to disclose on the new Item 1.05 of Form 8-K any cybersecurity incident they determine to be material and to describe the material aspects of the incident’s nature, scope, and timing, as well as its material impact or reasonably likely material impact on the registrant. An Item 1.05 Form 8-K will generally be due four business days after a registrant determines that a cybersecurity incident is material. The disclosure may be delayed if the United States Attorney General determines that immediate disclosure would pose a substantial risk to national security or public safety and notifies the Commission of such determination in writing. The new rules also add Regulation S-K Item 106, which will require registrants to describe their processes, if any, for assessing, identifying, and managing material risks from cybersecurity threats, as well as the material effects or reasonably likely material effects of risks from cybersecurity threats and previous cybersecurity incidents. Item 106 will also require registrants to describe the board of directors’ oversight of risks from cybersecurity threats and management’s role and expertise in assessing and managing material risks from cybersecurity threats”.

 

Our suite executive certificate Programs provides this education and prepares executives, governmental officials, and directors to fulfill their roles as required by the SEC rule.

The fees for attending the executive cybersecurity certificate programs cover the instruction during the program and any course materials. The tuition for the CISO program includes the admission to the CLP program and course materials.

Please see the tuition for each program below:

  • CISO: USD $15,00
  • CLP: USD $4,000
  • ISC: USD $5,000

Tuition payment should be paid in full prior to the program start date.

Flexible payment installment plans are available. If you are interested in creating a payment plan for the CISO or ISC programs, please email us at pratt_cybersec@duke.edu. If you are interested in creating a payment plan for the CLP program, please email us at sanfordexeced@duke.edu

If you are not able to make a session due to a conflict, please let us know as soon as possible. For participants in the CISO program, session recordings will be posted to the course site and would be available for review 24-48 hours after the live session.

If you can no longer attend a program, requests for withdrawing must be sent in writing to the program director and the Duke Cybersecurity team. If you withdraw from a program more than 21 calendar days prior to the start date of the program, you will receive a 100% refund. If you withdraw from a program between 7 and 21 calendar days prior to the program, you will receive a 50% refund. If you withdraw less than 7 days prior to the program, you will forfeit the full payment amount. Refunds will be made to the party who paid the relevant program invoice. 

 

Should you not be able to participate due to factors beyond their control (e.g. visa issues, family emergency, work emergency, etc.), you may elect (pending any necessary sponsor approvals) to credit the payment towards the following program cycle. If you would not like to take advantage of the deferral policy, you may request a refund. Refunds will be made to the party who paid the relevant program invoice. 

There are limited scholarships available for alumni and partners.

Our suite of executive programs offer a range of trainings designed to equip leaders in the cybersecurity space. At this time, we have three trainings scheduled for 2025 – see dates for each program below:

  • CISO: May 19-21, 2025
  • CLP: May 19-21
  • ISC: Spring 2025

Studies have shown a large deficit in qualified cybersecurity professionals globally.  There are also shortages in experienced CISO’s that understand cybersecurity operations from a holistic perspective.  A large number of CISO’s traditionally are promoted internally from IT organizations and while they may have technical competency, they are typically placed into CISO roles without an understanding of broader business requirements to meet and brief Board of Directors, senior executives (CEO, CFO, etc.), how to develop and implement strategic plans, how to perform and excel in risk management and compliance efforts, how to identify and manage budgets, mentor and lead teams, communicating effectively to the board, external constituents, and more. This lack of knowledge impacts the CISO’s ability to provide the most optimal advice and guidance to the organization and may lead to risk impact without appropriate training and education.

The US Securities and Exchange Commission (SEC) has implemented Rules on Cybersecurity Risk Management, Strategy, Governance and Incident Disclosure by Public Companies.

The rules will require registrants to disclose on the new Item 1.05 of Form 8-K any cybersecurity incident they determine to be material and to describe the material aspects of the incident’s nature, scope, and timing, as well as its material impact or reasonably likely material impact on the registrant. An Item 1.05 Form 8-K will generally be due four business days after a registrant determines that a cybersecurity incident is material. The disclosure may be delayed if the United States Attorney General determines that immediate disclosure would pose a substantial risk to national security or public safety and notifies the Commission of such determination in writing. The new rules also add Regulation S-K Item 106, which will require registrants to describe their processes, if any, for assessing, identifying, and managing material risks from cybersecurity threats, as well as the material effects or reasonably likely material effects of risks from cybersecurity threats and previous cybersecurity incidents. Item 106 will also require registrants to describe the board of directors’ oversight of risks from cybersecurity threats and management’s role and expertise in assessing and managing material risks from cybersecurity threats”.

Our suite executive certificate Programs provides this education and prepares executives, governmental officials, and directors to fulfill their roles as required by the SEC rule.

The fee for attending the CISO program is USD $15,000 and includes admission into the CLP program and access to the course materials and platform. The CLP tuition is USD $4,000 and covers program instruction and course materials. The fee for attending the program is USD $5,000 and includes access to the course materials and platform.

 

Tuition payment should be paid in full prior to the program start date.

Flexible payment installment plans are available. If you are interested in creating a payment plan, please email us at pratt_cybersec@duke.edu.

If you are not able to make a session due to a conflict, please let us know as soon as possible. Session recordings will be posted to the course site and would be available for review 24-48 hours after the live session.

If you can no longer attend a program, requests for withdrawing must be sent in writing to the program director and the CISO team. If you withdraw from a program more than 21 calendar days prior to the start date of the program, you will receive a 100% refund. If you withdraw from a program between 7 and 21 calendar days prior to the program, you will receive a 50% refund. If you withdraw less than 7 days prior to the program, you will forfeit the full payment amount. Refunds will be made to the party who paid the relevant program invoice. 

 

Should you not be able to participate due to factors beyond their control (e.g. visa issues, family emergency, work emergency, etc.), you may elect (pending any necessary sponsor approvals) to credit the payment towards the following program cycle. If you would not like to take advantage of the deferral policy, you may request a refund. Refunds will be made to the party who paid the relevant program invoice. 

The CISO Executive Certificate Program is now providing scholarships for a limited number of participants. These individuals will be recognized as the Paladin CISO Scholars. To qualify, please email  the following to pratt_cybersec@duke.edu: 1) a copy of your CV/Resume, and 2) a brief explanation of why you are interested in the CISO program and how this scholarship will support your professional goals (500 words max)