Cybersecurity has become a defining business challenge of the digital era. Today's Chief Information Security Officers must do far more than protect technology assets; they must lead enterprise risk management efforts, strengthen organizational resilience, govern emerging technologies, and effectively communicate with executives, boards, regulators, and stakeholders.
The Carnegie Mellon University Chief Information Security Officer (CISO) Certificate Program prepares current and aspiring security leaders to operate at the intersection of business strategy, cybersecurity, technology, risk management, and organizational leadership. Developed by Carnegie Mellon University's Heinz College and the Software Engineering Institute (SEI), the program equips participants with the frameworks, tools, and leadership skills required to lead modern cybersecurity organizations in an increasingly complex threat environment.
Through an interdisciplinary curriculum, participants explore critical topics including cyber risk management, operational resilience, supply chain risk, incident response, cyber law, security operations, governance, cyber economics, security architecture, cloud security, software and product security, threat intelligence, AI security and governance, agentic AI assurance, and AI-enabled cyber defense. Throughout the program, participants learn how to align cybersecurity strategy with business objectives, quantify and communicate risk, build high-performing security organizations, and drive informed executive decision-making.
A hallmark of the program is its long-standing team-based practicum, which provides participants with the opportunity to apply program concepts to a complex, real-world cybersecurity challenge. Working in collaborative teams and supported by experienced CISO mentor industry practitioners, participants develop and present strategic recommendations for a project organization. The practicum serves as an integrating experience that brings together key program themes while strengthening executive leadership, stakeholder engagement, strategic thinking, and board-level communication skills.
The program is delivered through a blend of live synchronous instruction, in-person residencies, guest lectures, and applied learning experiences. This format provides executives with the flexibility of remote participation while maintaining direct engagement with Carnegie Mellon faculty, industry experts, and peers. In-person residency sessions at Carnegie Mellon University provide opportunities for immersive learning, executive networking, collaboration, and participation in a formal graduation ceremony.
Designed for experienced cybersecurity, technology, and risk management professionals, the program brings together a cohort of accomplished leaders who typically possess significant management and leadership experience. The result is a highly interactive learning environment that fosters peer learning, professional networking, and the exchange of leading practices across industries and sectors.