CISM Enterprise Cybersecurity Leadership Boot Camp
Enroll any time. Learn at your own pace.
The Johns Hopkins CISM Enterprise Cybersecurity Leadership Boot Camp is a senior-level program for leaders across federal, defense, and GovCon sectors. Designed for professionals pursuing CISM certification and enterprise cybersecurity leadership, the program combines technical expertise with advanced leadership training. Participants build skills in governance, risk management, program development, incident response, and secure AI-enabled transformation—while learning to communicate cyber priorities across executive, legal, and contract teams. Graduates emerge prepared to lead complex initiatives, manage evolving threats, and advance 8140-aligned workforce development goals.
CISM Enterprise Cybersecurity Leadership Boot Camp
Cost
$3,638 (Special introductory rate until July 30) – Learn about partnership and group discounts
DURATION
CISM Course: 20 hours on-demand, 8 hours optional live; Micro-Credentials: 50 hours on demand, 2 hours optional live session per micro-credential
Format
On demand. Enroll by the first Monday of each month and start your program on the first Wednesday of the month.
credential
Certificate from ISACA for completing CISM course; Certificate of completion from Johns Hopkins University for the CISM course and each micro-credential.
Audience
Mid-level to advanced cybersecurity practitioners
CPE
20 CPEs for the CISM Course; 10 CPEs per micro-credential
Price: $4,850, includes ISACA CISM Exam Voucher
Lock in the special introductory rate now!
Priced at $3,638 when you register by July 30.
Learners will have access to the online ISACA CISM course and micro-credentials for six months after boot camp purchase and will have six months to use their exam voucher.
Financing Options Available
Payment plans available. Pay 50% at enrollment and 50% within 6 months. Exam vouchers issued upon payment completion. At checkout, select the “Invoice” option for a payment plan set up.
Partnership Discounts
Members of our partnership organizations always receive membership discounts of 10-20%! These discounts do not apply in addition to the special introductory rate.
Log in to the membership portal of your association to get your JHU discount codes to use at checkout!
- Information Systems Security Association (ISSA)
- ISC2 Northern Virginia Chapter
- DC Cyber Professionals and the Cover6 Community
Group Enrollment For Your Team
Looking to upskill your team? We offer group enrollment options and discounts to make it simple and cost-effective for organizations of any size. Get in touch, and we will help you get started!
“A boot camp built with flexibility for working professionals, offered by the University that has been supporting federal research, innovation, and education for decades.”
Build Your Custom Cyber Leadership Boot Camp
How it Works
This 66-hour boot camp includes a 16-hour CISM course, and five 10-hour micro-credentials selected from a 15-course GovCon leadership catalog. Learners may complete courses in the order that best fits their schedule, with CISM instruction delivered in the first five weeks and live micro-credential sessions offered monthly. See the schedule for dates and details.
Courses are delivered in a flexible, on-demand format with optional instructor-led sessions. Participants earn an ISACA and Johns Hopkins certificate for the course and micro-credentials.
CISM Course
Duration: 16 hours on-demand content, 8 hours of optional live instruction.
The course is structured around the four ISACA CISM domains: Information Security Governance, Risk Management, Program Development and Management, and Incident Management. Learners build the skills needed to align security with enterprise governance, manage risk, develop effective programs, and lead incident response across federal and GovCon environments.
The program includes online coursework, official ISACA practice tests, interactive eLearning modules, case studies, downloadable job aids, and a practice exam. Optional live sessions are led by Johns Hopkins CISM-certified faculty with federal and GovCon experience.
Learners may progress at their own pace, revisit materials as needed, and retain access to course content for six months. Exam vouchers must also be used within six months of issuance.
Micro-Credentials
Duration: 10 hours of on-demand content, 2 hours of optional live instruction with Johns Hopkins Subject Matter Experts per credential.
The boot camp pairs CISM exam preparation with mission-focused micro-credentials designed for leaders across federal, defense, regulated, and GovCon environments. Participants strengthen expertise in governance, risk management, program development, and incident response while building skills in AI risk management, cyber leadership, human-centered leadership, and executive-level risk communication.
Learners choose five micro-credentials to customize their boot camp experience. Organizations can also tailor programs to meet team and workforce upskilling goals.
CISM Boot Camp Micro-Credential Recommendations:
- Cyber Risk Leadership: Partnering with Business Units for Strategic Impact
- Risk and Security in AI Implementation: Leading the Defense Against the Unknown
- Scaling AI in the Enterprise: Security, Risk, and Growth
- Human‑First Cyber Leadership: Leading with Empathy in High‑Stress Environments
- Communicating Cyber Risk to Contract, Legal, and Program Leadership
Additional Micro-Credentials to Choose From:
- Modern Enterprise & Cloud Security: From Legacy Perimeter to Zero Trust
- Zero‑Trust in the Enterprise: Identity‑First Security, Segmentation, and Continuous Verification
- Cloud Risk, Compliance, and Shared Responsibility in Regulated Environments
- Implementing Security Frameworks in Practice: From Gap Assessment to Roadmap (ISO 27001, NIST CSF, SOC 2)
- AI & Cybersecurity: Emerging Threats, Autonomous Agents, and Future-Ready Defenses
- Adaptive Defense: Agile Methods for Cybersecurity Operations (Coming soon!)
- Incident to Improvement: Playbooks, Root Cause, and Long‑Term Control Changes (Coming soon!)
- Security Documentation That Wins Authorizations: High-Impact SSPs, SARs, POA&Ms, and Risk Briefs (Coming Soon!)
- Communicating Cybersecurity: Improving Stakeholder Trust and Transparency (Coming soon!)
- Communicating Cyber Risk to Business Leaders: Storytelling, Dashboards, and Risk Acceptance (Coming soon!)
Schedule
This boot camp is offered 12 times per year, with enrollments starting once per month. Enroll any time and start on the first Wednesday of each month.
Live Session Schedule
- CISM Course – Live sessions for the CISM course are offered in the first five weeks of the course. See the schedule HERE. If you miss it, don’t worry, all sessions are recorded and uploaded to the class after the session!
- Micro-credentials – Live sessions for each micro-credential are offered on different weekdays of the month at 7:00 pm ET. See the schedule of micro-credential live sessions HERE.
Prerequisites
There are no formal prerequisites to take this boot camp, however, in order to sit for the CISM exam and become certified, CISM certification requirements must be met.
Recommended Level: Mid-Career to Senior Level Cyber Professionals
Recommended Experience
- 5+ years of professional cybersecurity experience in roles such as Information Security Manager, ISSM, Cybersecurity Manager, Security Director, GRC Manager, Security Architect, or similar positions supporting federal or defense accounts.
- CISM-eligible or equivalent profile, typically including at least 3 years of team, program, or functional management responsibility in cybersecurity, risk, or related domains within government contracting or complex enterprise environments.
Built for Working Professionals
On-Demand Learning
Complete this boot camp entirely on your own schedule with optional live sessions.
Scenario-Based Exercises
Videos, activities, templates, reflections, low-stakes assessments, case studies, and facilitated discussion in the live section grounded in government, defense, and contracting environments.
Recognized Credential
Earn a certificate of completion and digital badge for your social profiles upon completing this micro-credential from the Johns Hopkins Whiting School of Engineering. 20 CPEs awarded for the CISM Course and 10 CPEs per micro-credential. Get your exam voucher to take your CISM exam with ISACA upon completion of the CISM course.
Subject Matter Experts
A boot camp designed and taught by Johns Hopkins subject matter experts with real-world experience in government and defense contracting.
Johns Hopkins Cybersecurity Boot Camp – Frequently Asked Questions (FAQ)
No. Students may complete the certification course independently and will receive their certificate of completion and certification exam voucher upon successful completion of that course. Completion of all micro-credentials is not required in order to receive the certification course completion certificate or exam voucher.
There are no refunds once a student has logged in and accessed their CISSP or CISM course and exam voucher. Once the course has been accessed and the voucher is claimed, no refunds are available. If a student buys the boot camp and does not access the course materials for the CISSP or CISM course within seven (7) days of purchase, a refund is available for the whole program.
Yes. A payment plan option is available for students. Under the payment plan:
- 50% of tuition is due at the beginning of the course
- The remaining 50% is due within six months of the course start date
Please note that certification exam vouchers and certificates of completion will not be issued until the payment plan balance has been paid in full.
Students will have access to both the micro-credentials and the certification course for six months from their enrollment date.
Yes. If you miss a live session, a recording of the session will be made available in the course the following day.
No. The live sessions are optional. Students are not required to attend the live sessions in order to receive their certificate of completion or certification exam voucher.
No. Johns Hopkins University will not issue separate CPE certificates for attendance at live sessions. Students will receive certificates of completion for completed courses and micro-credentials, which may be used for CPE reporting within the cybersecurity association or organization from which their certification originates.
Meet the Johns Hopkins Executive and Professional Education Cybersecurity Instructors
Andrea Molina, PhD, CISM, ITIL, CEH, PMP
Dr. Andrea Molina is a U.S. Coast Guard officer and senior technical program leader with 19+ years of experience delivering cybersecurity, AI-enabled systems, and enterprise platforms across federal and defense environments. She leads Command & Control and Navigation requirements for a $150M+ C5I portfolio supporting 40K+ users and also founded the Coast Guard’s Cyber Mission Capabilities Branch, delivering deployable cyber operations, threat hunting, and incident response capabilities nationwide. Dr. Molina teaches at Johns Hopkins Engineering for Professionals, where she advises doctoral students in Cyber Analytics and AI/ML. She holds a Doctor of Engineering in Cyber Analytics and specializes in aligning cyber strategy, risk, and AI to mission-critical federal operations.
Caleb Havens, OSCP, CISSP, CRTO, GCPN, eJPT, Security+
Caleb Havens is a Principal Security Consultant at NetSPI, specializing in Red Team Operations and Social Engineering. A former Marine Corps Intelligence and Reconnaissance Officer, he supported the Missile Defense Agency’s Test and Cyber Engineering Directorates and later served as a Red Team Operator for the US Army’s Threat Systems Management Office, conducting adversarial assessments of DoD systems. Caleb now leads Red Team Operations for Fortune 500 organizations across defense, finance, healthcare, and critical infrastructure, bringing real-world operational tradecraft from military intelligence and corporate security to the classroom.
Jay Ferron, CEH, CISM, CISSP, C)PTE, C)ISSM CRISC, CVEi, MCITP, MCSE, MCT, MVP, NSA-IAM
Jay Ferron is a multi-certified information security subject-matter expert with over 30 years of experience in cybersecurity, compliance, systems integration, and IT transformation. He has led initiatives to design and implement secure architectures, define IT management processes, and establish meaningful operational metrics for organizations across multiple industries.
Throughout his career, Jay has been deeply involved in both the strategic and hands-on aspects of information security, advising leadership while also working directly with technical teams to improve security posture and resilience. He has authored more than 19 technical courses for Microsoft, Global Knowledge, and other training providers, helping thousands of IT professionals advance their skills in security and related technologies. In addition to his technical and teaching work, Jay founded Interactive Security Training, LLC, a firm dedicated to helping organizations secure and manage their data through consulting, implementation, and training services.
Matthew Burch, M.S., CISSP, CEH, Security+, CCIE (R&S), CCIE (SP), CCDS, AWS SAP, AWS SAA, AWS DVA, AWS MLS, AWS Security, PCEP
Matthew Burch is a cybersecurity and cloud computing leader with over 20 years of experience in highly regulated enterprise environments, including financial services and critical infrastructure. He has led large-scale technology, cloud, and AI initiatives aligned with strict governance, risk, and compliance requirements. Matthew has partnered with federal organizations and contractors through workforce development programs, including Department of Defense–aligned initiatives, helping build certification pathways in cybersecurity and cloud technologies. He currently serves as faculty in cloud and AI programs, preparing professionals to operate effectively in secure, mission-critical environments.
Henry Bromley III, MBA, PMP, CISSP-CCSP, CSEP, CEH, CHFI, SEC+
Henry Bromley brings over 30 years of engineering and cybersecurity experience supporting federal missions, spanning nuclear systems, systems engineering, and information systems security. He serves in a lead security engineering role supporting government and commercial cloud-based programs. As an adjunct graduate professor, he teaches Managerial Computer Forensics and has delivered CISSP Common Body of Knowledge instruction, helping to prepare information security professionals. He is committed to equipping students with practical, job-ready skills for securing high-consequence, mission-critical environments.
Farhat Shah, CISSP, PMP
Ms. Shah currently serves as the cybersecurity subject matter expert for the Department of War (DoW). Ms. Shah has worked in different capacities to launch and implement cybersecurity programs and initiatives within her organization. She provided critical cybersecurity support to systems across the U.S Army leading to successive mission completion.
Ms. Shah began her career as a software engineering intern. She graduated from the Army’s Intern Program, earning a Master’s in Software Engineering from Monmouth University. Ms. Shah holds a Bachelor’s in Electrical Engineering and a second Master’s in Technical Management from the Johns Hopkins University. Her experience entails Software development, Systems Engineering, Project Management, and Cybersecurity for information systems that she has gained over her career as an engineer with the Army.
Barry Hudson, CISSP, CGRC, SSCP, CC
Barry Hudson’s career was primarily with large contractors in the US Government sector. The last 15 years took him on an exciting journey; planning, implementing, maintaining, and managing (as ISSO/ISSM) complex cybersecurity systems for two large government facilities. These efforts include creation of policy and procedures, selecting, building and configuring technology infrastructure, production operations, and compliance monitoring prior to turnover to the Government customer.
His newly discovered energy is to share his experiences and perspective, and to grow the Cybersecurity family. Barry holds a CISSP, CGRC, SSCP, and CC is an ISC2 Authorized Instructor, and independent contractor and lecturer.
Sandra Fonseca-Lind, DBA, EdD, CISA, CISM, CRISC, CDPSE
Dr. Sandra Fonseca is an accomplished information technology professional with more than 40 years of experience in the IT industry, including 15 years serving as a Systems Security Manager, Project Manager, and Data Architect at a federal agency in Washington, D.C. She has spent more than 30 years in higher education, teaching undergraduate and graduate courses across all instructional modalities, and has also served as Program Director for IT and Cybersecurity programs.
Dr. Fonseca holds a Doctor of Business Administration (DBA) with a specialization in Management Information Systems and a Doctor of Education (EdD) with a specialization in Instructional Design. She has served as both a volunteer and board officer for several professional organizations, including ISACA, ISSA, PMI, ACFE, and ASQ. She currently serves as Associate Director of Governance for the Washington, D.C. Chapter of ISACA, Education Director for the ISSA NOVA Chapter, and a volunteer with the Washington, D.C. Chapter of PMI.
CISM Enterprise Cybersecurity Leadership Boot Camp
$4,850 $3,638 until July 30
- Certificate from ISACA
- Certificates from Johns Hopkins
- CISM: 20 hours
- Micro-Credentials: 50 hours
Looking up upskill your team?
Learn about group enrollment