Part A: Offensive and Defensive Uses of AI

Explore how AI is transforming both offensive and defensive cyber operations and how organizations can govern these technologies responsibly. Learn how to balance human oversight with automation and govern AI responsibly to protect enterprise systems and data integrity.

• AI models in cybersecurity

  • Differentiate between generative, supervised, and unsupervised ML models used in cybersecurity.

  • Understand how each model supports detection, defense, and response in digital ecosystems.

  • Recognize where AI models add value and where they introduce risk.

• When to use AI vs. humans

  • Apply decision quadrants and mission command frameworks to assign tasks between humans and AI.

  • Evaluate when automation improves efficiency and when human oversight is essential.

  • Balance speed, scale, and judgment in cybersecurity decision making.

• How attackers use AI

  • Examine the use of AI in cybercrime, including dark web services and AI tools designed for malicious actors.

  • Explore how attackers use AI and deepfake tools to manipulate authentication mechanisms (e.g., voice synthesis and face recognition).

  • Identify how malicious AI models are weaponized to create new types of malware and vulnerabilities.

• LLM attack surface and risks

  • Identify key vulnerabilities in large language models (LLMs), including prompt injection and data poisoning.

  • Examine how insecure plugins, excessive autonomy, and model theft create new risks.

  • Discover strategies for mitigating enterprise exposure in an LLM-powered world.

Part B: Governance of AI

Explore AI governance frameworks, executive roles, regulatory structures, and the AI Secure-by-Design Framework to embed ethics, accountability, and risk control throughout the AI life cycle.

• AI governance and risk management

  • Govern AI responsibly by understanding organizational structures, ethical and regulatory frameworks, executive roles, and risk controls designed for AI-specific challenges beyond traditional IT governance.

  • Understand the key components of good AI governance.

• Governance, risk, and compliance (GRC) aspects of AI

  • Examine principles for the ethical and responsible use of AI.

  • Explore the AI Secure-by-Design Executive Framework. Learn how it can help technical executives integrate security, governance, and ethics into the AI life cycle and promote cross-functional alignment.

Part A: How AI Systems Can Be Abused

Learn how adversaries exploit AI vulnerabilities, and gain strategies for securing AI models and systems against misuse, ensuring both internal and external integrity. 

• Thinking like an attacker

  • Step into the mindset of an adversary to uncover how threat actors exploit AI vulnerabilities.

  • Explore frameworks, including MITRE ATLAS and OWASP Top 10, for LLMs to understand adversarial tactics and techniques.

• How AI systems can be abused

  • Learn about AI manipulation, biases, and feedback poisoning of training data.

  • Explore the risks of insecure output handling, including data leaks and hallucinated responses.

  • Understand jailbreaking and prompt engineering with real-world examples of attackers bypassing AI safeguards.

  • Learn how AI can be used to create deceptive content to compromise business and security practices.

  • Identify adversarial attacks and discuss how attackers poison models or exploit vulnerabilities.

• Organizational risks

  • Assess how AI-driven abuse impacts enterprise trust, compliance, and cybersecurity operations.

  • Connect individual AI exploits to larger strategic and governance challenges facing modern organizations.

Part B: AI Agents and Autonomous Cybersecurity Systems

Enable executives to understand the role of AI agents in cybersecurity, how they can shape the future of work, and the potential risks and rewards for business operations.

• AI agents in defense and business operations

  • Explore what AI agents are and how they can autonomously plan, execute, and adapt to cybersecurity threats.

  • Examine how AI agents will shape business and security practices, the future of AI-enhanced security operations, and their impact on business efficiency.

• Risks associated with AI agents

  • Identify potential attack vectors against autonomous systems, including tampering and adversarial manipulation.

Part A: Shadow AI

Understand the risks posed by the growing trend of Shadow AI in enterprises, gain insights into the unsanctioned use of AI tools without oversight or visibility gaps, and introduce strategies to address these challenges.

• Differentiate Shadow AI from Shadow IT.

  • Define Shadow AI as unsanctioned use of AI tools, and Shadow IT as unauthorized use of general IT services or software.

  • Identify the unique risks of Shadow AI—such as unvetted data outputs and model bias—going beyond the compliance and security challenges of traditional Shadow IT.

• Assess the risk that unsanctioned AI use introduces to visibility, compliance, and cybersecurity.

  • Identify the potential risks of unsanctioned AI use, including data leaks, regulatory non-compliance, and intellectual property violations.

  • Understand the security vulnerabilities arising from lack of audit trails and oversight of AI-generated decisions or content.

  • Recognize the threats posed by unauthorized AI systems such as malware, data theft, prompt injection attacks, and potential financial liabilities.

  • Evaluate how these risks impact organizational visibility, compliance frameworks, and cybersecurity posture to inform better governance and controls.

• Identify tools and technologies that can detect and mitigate Shadow AI activity.

  • Understand the OODA Loop that helps organizations detect what AI tools are in use, where they are being used, and how

Part B: Human Security Risks in the Age of AI

Understand the human component in the relationship between AI and cybersecurity and the importance of trust, collaboration, and human oversight in securing AI systems.

• Building human-AI trust frameworks

  • Create organizational strategies that build trust between human operators and AI systems.

  • Assess transparency and accountability in AI systems to ensure that executives and cybersecurity teams have confidence in AI's decision-making processes.

• Cybersecurity risks in AI-human interactions

  • Understand the psychological, ethical, and strategic considerations of human interaction with AI systems in security.

  • Explore AI-driven social engineering attacks and how attackers use AI, including deepfakes and voice synthesis, to manipulate humans into compromising security.

How much time is required each week?

Each program includes an estimated learner effort per week. This is referenced at the top of the program landing page under the Duration section, which you can obtain by submitting the short form at the top of this web page.

How will my time be spent?

We have designed this program to fit into your current working life as efficiently as possible. Time will be spent among a variety of activities including:

• Engaging with recorded video lectures from faculty

• Attending webinars and office hours, as per the specific program schedule

• Reading or engaging with examples of core topics

• Completing knowledge checks/quizzes and required activities

• Engaging in moderated discussion groups with your peers

• Completing your final project, if required

The program is designed to be highly interactive while also allowing time for self-reflection and to demonstrate an understanding of the core topics through various active learning exercises. Please email us if you need further clarification on program activities.

What is it like to learn online with the learning collaborator, Emeritus?

More than 300,000 learners across 200 countries have chosen to advance their skills with Emeritus and its educational learning partners. In fact, 90 percent of the respondents of a recent survey across all our programs said that their learning outcomes were met or exceeded.

All the contents of the course would be made available to students at the commencement of the course. However, to ensure the program delivers the desired learning outcomes the students may appoint Emeritus to manage the delivery of the program in a cohort-based manner the cost of which is already included in the overall course fee of the course.

A dedicated program support team is available 24/5 (Monday to Friday) to answer questions about the learning platform, technical issues, or anything else that may affect your learning experience.

How do I interact with other program participants?

Peer learning adds substantially to the overall learning experience and is an important part of the program. You can connect and communicate with other participants through our learning platform.

What is the relationship between Emeritus and MIT xPRO?

Emeritus and MIT xPRO collaborate to create and deliver educational programs. None of these programs are Title IV-eligible.

What are the requirements to earn the certificate?

Each program includes an estimated learner effort per week, so you can gauge what will be required before you enroll. This is referenced at the top of the program landing page under the Duration section, which you can obtain by submitting the short form at the top of this web page. All programs are designed to fit into your working life.

This program is scored as a pass or no-pass; participants must complete the required activities to pass and obtain the certificate of completion. Some programs include a final project submission or other assignments to obtain passing status. Please email us if you need further clarification on any specific program requirements.

What type of certificate will I receive?

Upon successful completion of the program, you will receive a smart digital certificate. The smart digital certificate can be shared with friends, family, schools, or potential employers. You can use it on your cover letter, resume, and/or display it on your LinkedIn profile.The digital certificate will be sent approximately two weeks after the program, once grading is complete.

Can I get the hard copy of the certificate?

No, only verified digital certificates will be issued upon successful completion. This allows you to share your credentials on social platforms such as LinkedIn, Facebook, and Twitter.

Do I receive alumni status after completing this program?

No, there is no alumni status granted for this program. In some cases, there are credits that count toward a higher level of certification. 

How long will I have access to the learning materials?

You will have access to the online learning platform and all the videos and program materials for 24 months following the program start date. Access to the learning platform is restricted to registered participants per the terms of agreement.

What equipment or technical requirements are there for this program?

Participants will need the latest version of their preferred browser to access the learning platform. In addition, Microsoft Office and a PDF viewer are required to access documents, spreadsheets, presentations, PDF files, and transcripts.

Do I need to be online to access the program content?

Yes, the learning platform is accessed via the internet, and video content is not available for download. However, you can download files of video transcripts, assignment templates, readings, etc. For maximum flexibility, you can access program content from a desktop, laptop, tablet, or mobile device.

Video lectures must be streamed via the internet, and any livestream webinars and office hours will require an internet connection. However, these sessions are always recorded, so you may view them later.

Can I still register if the registration deadline has passed?

Yes, you can register up until seven days past the published start date of the program without missing any of the core program material or learnings.

What is the program fee, and what forms of payment do you accept?

The program fee is noted at the top of this program web page. 

• Flexible payment options are available (see details below as well as at the top of this program web page next to FEE).

• Tuition assistance is available for participants who qualify. Please email [email protected].

What if I don’t have a credit card? Is there another method of payment accepted?

Yes, you can do the bank remittance in the program currency via wire transfer or debit card. Please contact your program advisor, or email us for details.

I was not able to use the discount code provided. Can you help?

Yes! Please email us with the details of the program you are interested in, and we will assist you.

How can I obtain an invoice for payment?

Please email us your invoicing requirements and the specific program you’re interested in enrolling in.

Is there an option to make flexible payments for this program?

Yes, the flexible payment option allows a participant to pay the program fee in installments. This option is made available on the payment page and should be selected before submitting the payment.

How can I obtain a W9 form?

Please connect with us via email for assistance.

Who will be collecting the payment for the program?

Emeritus collects all program payments, provides learner enrollment and program support, and manages learning platform services.

Are there any restrictions on the types of funding that can be used to pay for the program?

Program fees for Emeritus programs with MIT xPRO may not be paid for with (a) funds from the GI Bill, the Post-9/11 Educational Assistance Act of 2008, or similar types of military education funding benefits or (b) Title IV financial aid funds.

What is the program refund and deferral policy?

For the program refund and deferral policy, please click the link here.