What Is the CERT Certificate?

NACD and Ridge Global teamed up in 2017 with the CERT Division of the Software Engineering Institute at Carnegie Mellon University to create a course that provides a respected Cyber-Risk Oversight certificate for governance professionals.

The Program was updated in 2022 to evolve with changing threats, and the CERT certificate displays to management, customers, investors, and other stakeholders that a director is aware of current threats posed by inside and outside forces alike, and demonstrates a commitment to advanced cybersecurity literacy.

Why Should You Earn the CERT Certificate?

As a governance professional, you are expected to perform careful oversight of your organization’s assets—including financial records and private personnel information. Earning the CERT Certificate in Cyber-Risk Oversight means you’re prepared to give sound guidance and ask the right questions when cybersecurity issues come before your board.

Earning the CERT Certificate also puts you in good company. More than 700 directors and board-facing executives have completed this program and earned the certificate because they know how critical it is to demonstrate competency in cyber-risk oversight.

The Program

The CERT Certificate in Cyber-Risk Oversight program has six modules, including a cyber-crisis simulation exercise and a series of exams. Review of the materials for this self-paced program takes approximately 16 hours to complete. There are an additional possible six hours of reading, studying, reflecting, and exam taking involved in the completion of the Program. Exams must be completed within one year of registration. The CERT Certificate does not expire. Certificate holders are encouraged to revisit the course frequently to use it as a reference and to refresh their knowledge.

Emerging Issues

The content of this course is updated periodically to reflect emerging cybersecurity issues. The Emerging Issues Module is new and covers these topics:

• AI and Machine Learning
• 5G
• New Frameworks
• Cloud Applications and Security
• Supply Chain Risk
• Quantum Computing

The Benefits

Showcase your CERT Certificate on your résumé and in your LinkedIn profile to demonstrate your advanced understanding of the role of the board and management in cyber-risk oversight. If you serve on the board of a public company, your CERT Certificate can be highlighted in proxy statements and other regulatory filings.

Modules

The NACD Cyber-Risk Oversight Program consists of seven modules, including a cyber-crisis simulation exercise and a series of exams. The course is expected to take approximately 16 hours to complete, and participants can take the course at their own pace. The exams within the program must be completed within one year of registration in order to earn the CERT Certificate in Cybersecurity Oversight.

Module 1: NACD Welcome

Module 2: Overview of Cybersecurity Leadership

Module 3: Effective Security Structure and Operations

Module 4: Cybersecurity Oversight for Directors

Module 5: Emerging Topics

Module 6: Simulation and Course Summary

Program Exams

Participants must pass the program exams to earn the CERT Certificate in Cybersecurity Oversight.
Note: We recommend you read the NACD Director's Handbook on Cyber-Risk Oversight before taking this course. Downloads of the handbook are complimentary.

CERT Certificate

Participants who complete the course and pass all of the exams at the end of each module with a score of 80 percent or better will be issued the CERT Certificate in Cybersecurity Oversight. The certificate is issued by the CERT Division of the Software Engineering Institute at Carnegie Mellon University and provides a tangible credential to demonstrate your commitment to advanced cybersecurity literacy to your management team, customers, investors, peers, regulators, and lawmakers.

You can showcase your CERT Certificate on your résumé and in your LinkedIn profile to demonstrate your advanced understanding of the role of the board and management in cyber-risk oversight. If you serve on the board of a public company, your CERT Certificate can be highlighted in proxy statements and other regulatory filings.

The CERT Division is part of the Software Engineering Institute, based at Carnegie Mellon University. CERT collaborates with high-level government organizations, such as the United States Department of Defense and the Department of Homeland Security; law enforcement, including the Federal Bureau of Investigation; the intelligence community; and many industry organizations to improve the security and resilience of computer systems and networks.