Cybersecurity & Privacy Law Certificate

About Mitchell Hamline’s Cybersecurity and Privacy Law Certificate:

  • Cost $7,500, this program also does not qualify for Federal Financial Aid.
  • Anyone can enroll in the program if you live in an eligible state.
  • Grading for course is on a Pass/Fail basis, there is a final exam for each course, a 75% is needed to pass the course. Pretty simple and straightforward.


  • Information and Privacy Law
  • Information Governance and Security Risk Management
  • Information Technology Systems and Security Controls
  • Incident Management and Response
  • Liability and Enforcement Authorities


  • Do Not:
  • Take on this certificate program if you do not like to read, be prepared to spend a few hours reading through course documents.
  • Take this course if you do not have proper time management skills, some courses are only two weeks and that could include eight modules to go through in two weeks, make sure to set aside time in your schedule to dedicate to course work.
  • Do:
  • Go in with a positive mindset and be ready to learn.
  • Ask questions (there are class discussion boards to ask further questions and also instructors are great at responding back to you in a timely fashion).
  • If you have the time, do the optional assignments provided in each course it helps with applying and practicing the information you learned.
  • If you are already in the Cybersecurity career field I think this is a great program because it expands your knowledge further from a legal angle.
  • If you are transitioning to Cybersecurity this is a great course to get introduced into the field.
  • I learned a lot about Privacy Law this is a great program to familiarize yourself with what Privacy Law is, especially International Privacy Law.
  • The course content talks a lot about incidents from 2014, I would love to see recent data breaches such as Equifax deciphered.

My personal opinions of the courses in the program

Information and Privacy Law

  • Out of the five courses that were offered in this program, I can honestly say this was the hardest courses for me to comprehend the information being taught. This course teaches you about the United States federal privacy laws from a commercial perspective. A lot of the information being taught I was not familiar with in detail; I could tell you what GBLA stands for but not who enforces and what sector falls under its jurisdiction. The course also went into a little detail about international privacy laws nothing too in-depth but still good information.
  • Course Takeaways:
  • I am able to apply privacy laws to different industries.
  • I learned about each privacy law for the U.S in-depth; I had the general overview of a privacy law but not the legal do’s and dont’s of each privacy law.
  • I can now tell you what national laws regulate the collection and use of personal data, who the laws apply to, what data is regulated, notification requirements and data subjects rights when it comes to their personal data.
  • What questions an organization should ask when developing a privacy policy.
  • International privacy laws other than the EU’s GDPR.

Information Governance and Security Risk Management

  • This course was a lot easier for me because I currently work in governance in Cybersecurity, a lot of the information I practice everyday in my job duties. A great introduction to Cybersecurity overall and showing the importance of data governance. This course also goes into detail about security practices, policies, third party audits and assessments, and security frameworks. Warning: there will be a lot of information to soak in.
  • Course Takeaways:
  • I learned about security frameworks I do not currently use in my current job industry, I like this because I know I will need this knowledge later on in my career.
  • If you are interested in learning how to draft an Information Security Policy and the development process behind policies this course is a perfect introduction.
  • Strategies for Third Party/Vendor risks
  • Risk assessments (Types of assessments, risk process, and risk decision making).
  • Cyber Insurance
  • Learning about the System Development Life Cycle process.
  • How to build a cybersecurity and security awareness program.

Information Technology Systems and Security Controls

  • This was my favorite of the five courses because the learning style was different, instead of a multiple choice final exam, there are discussion posts. The instructor makes sure that you understand the course content you are learning with the discussion posts that are required for the course. The final exam is also a discussion based format for passing, so make sure you really understand the content.
  • Course Takeaways
  • I liked that the instructor gives you a detailed overview of security models and security controls at the beginning of this course. This information helps with understanding the case studies as the course progresses.
  • Be sure to dedicate more time to this course for the case studies because it will help you in the long run for passing.

Incident Management and Response

  • This was another course that I found easy because I currently practice Incident Response as apart of my job duties. The course does a great job of walking you through incident response, identifying an incident, being able to decipher an incident vs. a breach and post incident strategies. Warning: there will be a lot of information to soak in.
  • Course Takeaways:
  • Very very very detailed on incident handling testing and training.
  • You will learn about incident response policies, plans, and management.
  • Incident Management and Response Lifecycle
  • Identifying a risk and a core incident response team.
  • Investigating incident and post incident management.
  • There is a video lecture about mobile security which I found to be really interesting.

Liability and Enforcement Authorities

  • Alright, this was the second hardest course when it comes to course content. This course taught me things I did not know already so that’s probably why I found it so difficult when trying to retain the information. This course goes into detail about dealing with the legal liability organization face after breaches.
  • Course Takeaways:
  • You will learn about crisis management
  • A really good case study is provided for understanding the financial and non-financial losses organizations face after a data breach.
  • A guide for business on security to help mitigate data breaches.
  • Shareholder liability




Information Security connoisseur & Trap Music Lover.

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

Getting Started with Burp Suite on Ubuntu

UnitedCrowd IEO: UCT Token Sale Coming — UnitedCrowd

Richard Rushing and The Challenges of Cybersecurity Today

Why Team8 Invested in SetSail

Introducing Flux DAO — Flux: the trust-less data layer

The Breach: An Attack Scenario

Information Technology Security & Risk Management

Crypto is just a bunch of random numbers

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Jordanne Barrett

Jordanne Barrett

Information Security connoisseur & Trap Music Lover.

More from Medium

TryHackMe “Yara” Walkthrough — The Cyber Defense Path

This is the Analogy I Used to Understand Buffer Overflow

How Discord is used maliciously by hackers and pentesters