LDR521: SANS London July 2024

Provided by

Enquire about this course

What You Will Learn
What is a Security Culture?

Security culture is your workforce’s shared attitudes, perceptions, and beliefs about cybersecurity. The stronger your security culture, not only the more likely people will exhibit secure behaviors but more likely your security initiatives will succeed. The key drivers of your security culture include your security team, your security policies, and your security training. Your organization already has a security culture. The questions is, is it the culture you want?
Build and Measure a Strong Security Culture

Drawing on real-world lessons from around the world, the SANS LDR521 security culture for leadership course will teach you how to leverage the principles of organizational change to develop, maintain, and measure a strong security culture. Through hands-on instruction and a series of interactive labs and exercises, you will apply these concepts to various real-world security initiatives and quickly learn how to embed security into your organization's culture, from senior leadership on down.

Apply findings from Daniel Kahneman's Nobel prize-winning research, Thayler and Sunstein's Nudge Theory, and Simon Sinek's Golden Circle. Learn how Spock, Homer Simpson, the Elephant and Rider, and the Curse of Knowledge are all keys to building a strong security culture at your company.

"This content is helping bring back concepts that get forgotten when you go from a doer to a senior leadership role. It brought back good concepts and a way to utilize them in the Security Context as well as getting leadership to think differently."- Michael Neuman
  • Create a far more engaged and secure workforce, not only in their attitudes about security but also in their behaviors
  • Dramatically improve the ROI of security initiatives and projects through increased success and impact
  • Strengthen communication between the security team and business executives
  • Instill stronger and more positive attitudes, perceptions, and beliefs about the security team
  • Construct simpler, more effective security policies and governance
  • Explain what organizational culture is, its importance to security, and how to map and measure both your organization's overall culture and security culture
  • Align your security culture to your organization's strategy, including how to leverage different security frameworks and maturity models
  • Effectively communicate the business value of security to your Board of Directors and executives and more effectively engage and motivate your workforce
  • Enable and secure your workforce by integrating security into all aspects of your organization's culture
  • Dramatically improve both the effectiveness and impact of your security initiatives, such as DevSecOps, cloud migration, vulnerability management, Security Operations Center, incident detection & response and other related security projects
  • Create and effectively communicate business cases to leadership and gain their support for your security initiatives
  • Ability to measure your security culture, how to make those measurements actionable, and how to present the maturity and value of your security culture to leadership
  • Leverage numerous templates and resources from the Digital Download Package and Community Forum that are part of the course and which you can then build on immediately

The first four sections of the course leverage 12 interactive team labs, enabling you to apply the lessons learned to a variety of real-world security situations and challenges. These team labs enable you to learn not only from the instructor and course materials but also from your fellow students' expertise and experiences. Finally, the last section is a capstone event as you work through a series of case studies to see which team can create the strongest security culture. Leveraging the Cyber42 simulation game environment, you are put in real-world scenarios that spur discussion and critical thinking of situations that you will encounter at work. A Laptop is required for the Cyber 42 leadership simulation capstone.

"Labs are applicable to the coursework and can be used at my workplace immediately." - Jerome C., US Military

"I love the way each lab built on previous topics covered culminating in the last day where we could apply everything we learnt. Everytime we did a lab they were well explained and at no time did i feel rushed, or like we had too much time to complete them." - Helen Bupa, IPLS

"Labs today were fun. Made me think with a focused intent." - Chad Yancey
  • Section 1: Learn the fundamentals of organizational culture, security culture and organizational change.
  • Section 2: Communicate to, engage with, and motivate your workforce so cybersecurity is perceived as a positive enabler
  • Section 3: Train and enable your workforce so cybersecurity is simple for them.
  • Section 4: Learn how to build a business case for leadership, gaining their support for your security initiatives
  • Section 5: Apply everything you have learned in a series of five case-studies, competing as teams to see which team can build the strongest cybersecurity culture.

The course is recommended for more senior and/or more experienced cybersecurity leaders, managers, officers, and awareness professionals. If you are new to cybersecurity, we recommend some of SANS's more fundamental courses, such as SEC301: Introduction to Cyber Security, SEC401: Security Essentials: Network, Endpoint, and Cloud, or LDR433: Human Risk Management.
  • For those of you who are looking to get involved in the human side of cybersecurity, or are already involved but looking to grow, consider reading this on how to develop your career path.
  • For senior security leaders who want to complete their leadership training for security strategy, technology and culture, learn more about the Transformational Cybersecurity Leadership Triad
  • Printed Course Books
  • Digital Download Package: A collection of templates, checklists, matrices, reports, and other resources that will help you in your security career. This package is continually updated and is based on resources that real security leaders have used in developing their own security cultures. Why reinvent the wheel when you can reuse or reshape what has worked for others!
  • Community Forum: An opportunity to join the private, invitation-only Community Forum dedicated to the human side of security. The forum currently has over 2,000 active professionals from around the world!
  • LDR512: Security Leadership Essentials for Managers
  • LDR514: Security Strategic Planning, Policy, and Leadership


Start date Location / delivery
01 Jul 2024 London Book now

Related article

At GIAC, we believe that hands-on testing is the future of cybersecurity certification. With five certification exams featuring CyberLive , and thr...