MGT512: Cyber Security Training at SANS Chicago 2023

What You Will Learn

IMPORTANT NOTICE: SANS is in process of changing course prefixes from “MGT” to “LDR”. There is no change in course content or pricing. MGT512 will run through Dec 31, 2023, then LDR512 will run thereafter. Course books may reflect the “MGT” prefix even for "LDR" classes of the course during the transition. If you would like to take the course after Dec 31, 2023, please visit the LDR512 course page.

Leading Security Initiatives to Manage Information Risk

Take this course to learn the key elements of any modern security program. MGT512 covers a wide range of security topics across the entire security stack. Learn to quickly grasp critical information security issues and terminology, with a focus on security frameworks, security architecture, security engineering, computer/network security, vulnerability management, cryptography, data protection, security awareness, application security, DevSecOps, cloud security, and security operations.

The course uses the Cyber42 leadership simulation game to put you in real-world scenarios that spur discussion and critical thinking of situations that you will encounter at work. Throughout the class you will participate in twenty-three Cyber42 activities.

"I would recommend this course as it is a great intro to both the business and technical aspects of aspiring CISO work." - Ian D., US Military

BUSINESS TAKEAWAYS

This course will help your organization:

• Develop leaders that know how to build a modern security program
• Anticipate what security capabilities need to built to enable the business and mitigate threats
• Create higher performing security teams

SKILLS LEARNED

• Make sense of different cybersecurity frameworks
• Understand and analyze risk
• Understand the pros and cons of different reporting relationships
• Manage and lead technical teams and projects
• Build a vulnerability management program
• Inject security into modern DevOps workflows
• Strategically leverage a SIEM
• Lead a Security Operations Center (SOC)
• Change behavior and build a security-aware culture
• Effectively manage security projects
• Enable modern security architectures and the cloud
• Build security engineering capabilities using automation and Infrastructure as Code (IaC)
• Get up to speed quickly on information security issues and terminology
• Establish a minimum standard of security knowledge, skills, and abilities
• Speak the same language as technical security professionals

HANDS-ON TRAINING

MGT512 uses case scenarios, group discussions, team-based exercises, in-class games, and a security leadership simulation to help students absorb both technical and management topics.

About 60-80 minutes per day is dedicated to these learning experiences using the Cyber42 leadership simulation game.

This web application based game is a continuous tabletop exercise where students play to improve security culture, manage budget and schedule, and improve security capabilities at a fictional organization. This puts you in real-world scenarios that spur discussion and critical thinking of situations that you will encounter at work.

• Section 1: Cyber42 Watt's Warehouse Company Overview, Calibration Lab, Round 1 Initiative Selection, Events 1-3: Whither Watt's Warehouse, Institutionalizing Security, Board Briefing
• Section 2: Cyber42 Round 1 Events 4-6: Network Security Implementation, End User Security, To Serve and Protect
• Section 3: Cyber42 Round 2 Initiative Selection, Round 2 Events 7-10: Industry Breach, Shadow IT, Security Misconfiguration, Miracle on DevOps Way
• Section 4: Cyber42 Round 3 Initiative Selection, Round 3 Events 11-14: Patching Problems, Let It Be Known!, Tough Negotiations, Managing Resistance
• Section 5: Cyber42 Round 4 Initiative Selection, Round 4 Events 15-18: New Guy in Town, Cost Cutting, Ransomware Response, Opportunity Knocks

"The [Cyber42] 'game' we are playing makes you think about real world problems and the different teams show how different groups will come up with their own solutions for the same problem. One of the few 'games' that actually forces some decisions based on previous decisions." -Max H., US Military

"I'm really enjoying the flow between the content delivery and the Cyber42 game." - Jamil A., US Government

"Loved the Cyber 42 game. Lots to think about when playing." - Doris Landreville, CSE

SYLLABUS SUMMARY

• Section 1 - Governance to plan your security program
• Section 2 - Architecture to design your security capabilities
• Section 3 - Engineering to build your security capabilities
• Section 4 - Build and lead the team, process, and culture
• Section 5 - Run operations to manage and mitigate attacks

ADDITIONAL FREE RESOURCES

• CISO Scorecard poster
• Transformational Cybersecurity Leader Triad blog
• Rekt Casino Hack Assessment Transformational Series Weak Security Program, Unprotected Systems, and Poor Detection & Response, webcast
• Rekt Casino Revisited: Transformational Series Part 2: Weak Security Program, Unprotected Systems, and Poor Detection & Response, blog

WHAT YOU WILL RECEIVE

• Electronic courseware containing the entire course content
• Printed course books
• Access to the Cyber42 security leadership simulation web app MP3 audio files of the complete course lecture

WHAT COMES NEXT

• MGT514: Security Strategic Planning, Policy, and Leadership
• MGT521: Leading Cybersecurity Change: Building a Security-Based Culture

NOTE: Some course material for SEC401 and MGT512 may overlap. SANS recommends SEC401 for those interested in a more technical course of study, and MGT512 for those primarily interested in a leadership-oriented but less technical learning experience.