LDR419: Cyber Security Training at SANS Stay Sharp: November 2024
Provided by SANS
What You Will Learn
Every organization should be performing risk assessments as a part of their cybersecurity program. Regular risk assessments allow organizations to create practical strategies for defense and evaluate where there are weaknesses in their cybersecurity program that could keep them from achieving their goals. Most cybersecurity risk courses are theoretical and academic, often leaving students unsure how to prepare for and do the actual assessment work. This cyber security risk assessment training teaches students the foundational knowledge and practical, hands-on skills they need to perform risk assessments.
The course uses the Cyber42 leadership simulation game to put students into real-world scenarios that spur discussion and critical thinking of situations that they will encounter at work. Throughout the class students will participate in multiple Cyber42 activities to help them practice what they learn and ensure that they will be able to take these skills immediately back to the office.
Business Takeaways
Each of the case studies in this course will be based on a fictitious technology company, Initech Systems, and its quest towards maintaining a more mature cybersecurity program. Students will have an opportunity to explore Initech's specific cybersecurity strategies and tactical plans, which are based on real-world examples. To facilitate these case studies, students will use the Cyber42 tabletop simulation game to put students in real-world scenarios that spur discussion and critical thinking of situations that they will encounter at their offices.
Section 2: Learning the practical skills for how to perform a cybersecurity risk assessment and present risks to leadership.
“The Cyber42 exercises were a great way to demonstrate the realistic circumstance of having to weigh imperfect options against each other and make the best of what we have.” – Stephanie Martin, Federal Reserve Bank of Richmond
“I really enjoyed the Cyber42 lab - it made me think critically about differing options and how there is more than one path to take to achieve good outcomes.” – Caitlin Sawyer, John Deere
“Love the interaction and required thought one has to put into Cyber42 to make it worthwhile.” – Kevin Solway, County of Marinette
What You Will Receive
Every organization should be performing risk assessments as a part of their cybersecurity program. Regular risk assessments allow organizations to create practical strategies for defense and evaluate where there are weaknesses in their cybersecurity program that could keep them from achieving their goals. Most cybersecurity risk courses are theoretical and academic, often leaving students unsure how to prepare for and do the actual assessment work. This cyber security risk assessment training teaches students the foundational knowledge and practical, hands-on skills they need to perform risk assessments.
The course uses the Cyber42 leadership simulation game to put students into real-world scenarios that spur discussion and critical thinking of situations that they will encounter at work. Throughout the class students will participate in multiple Cyber42 activities to help them practice what they learn and ensure that they will be able to take these skills immediately back to the office.
Business Takeaways
- Establish the business case for a cyber security risk assessment
- Prepare for a risk assessment that matters to the business
- Meet and exceed regulatory requirements
- Effectively export the results of a risk assessment to key stakeholders
- Create a strategy for how to respond to identified cybersecurity risks
- Understanding the business context for a risk management program
- Creating a cybersecurity program charter
- Understanding foundational elements of risk
- Choosing appropriate cybersecurity safeguards
- Performing third-party risk assessments
- Performing a cyber security risk assessment
- Evaluating cybersecurity documentation
- Examining the implementation of cybersecurity safeguards
- Thoroughly reporting risk to business stakeholders
- Effectively reporting risk to technical stakeholders
- Productively respond to risks identified during an assessment
Each of the case studies in this course will be based on a fictitious technology company, Initech Systems, and its quest towards maintaining a more mature cybersecurity program. Students will have an opportunity to explore Initech's specific cybersecurity strategies and tactical plans, which are based on real-world examples. To facilitate these case studies, students will use the Cyber42 tabletop simulation game to put students in real-world scenarios that spur discussion and critical thinking of situations that they will encounter at their offices.
- Evaluating an Organization's Governance Model
- Evaluating a Cybersecurity Program's Goals to Create a Safeguard Inventory
- Creating a Comprehensive Risk Assessment Plan for Internal and Third Parties
- Evaluating a Cybersecurity Policy
- Evaluating Cybersecurity Technical Safeguards
- Creating an Executive Risk Briefing
- Writing a Personal Action Plan
Section 2: Learning the practical skills for how to perform a cybersecurity risk assessment and present risks to leadership.
“The Cyber42 exercises were a great way to demonstrate the realistic circumstance of having to weigh imperfect options against each other and make the best of what we have.” – Stephanie Martin, Federal Reserve Bank of Richmond
“I really enjoyed the Cyber42 lab - it made me think critically about differing options and how there is more than one path to take to achieve good outcomes.” – Caitlin Sawyer, John Deere
“Love the interaction and required thought one has to put into Cyber42 to make it worthwhile.” – Kevin Solway, County of Marinette
What You Will Receive
- Printed and electronic courseware
- Cybersecurity risk assessment templates, tools, and checklists
- Access to the Cyber42 security leadership simulation web app
- MP3 audio files of the complete course lecture
- Exercise workbook and electronic workbook with detailed step-by-step instructions for case studies covered in class
- SEC566: Implementing and Auditing CIS Controls
- LDR512: Security Leadership Essentials for Managers
Enquire
Start date | Location / delivery | |
---|---|---|
06 Nov 2024 | Virtual | Book now |