LDR521: SANS Amsterdam October 2024
Provided by SANS
What You Will Learn
What is Security Culture?
Security culture is your organization's shared attitudes, perceptions, and beliefs about cybersecurity. The more strongly your leadership and workforce believe in and buy into cybersecurity, the more likely they will prioritize security, support your initiatives, and exhibit the behaviors you want. Your organization already has a security culture. The question is, is it the culture you want?
Build and Measure a Strong Security Culture
Drawing on real-world lessons from around the world, the SANS LDR521 Security Culture for Leaders course will teach you how to build a culture where both your leadership and workforce believe in and prioritize cybersecurity. Through hands-on instruction and a series of interactive labs and exercises, you will apply organizational change concepts to various real-world security initiatives and quickly learn how to transform your security team and embed security into your organization's culture, from senior leadership on down. Apply findings from Daniel Kahneman's Nobel prize-winning research, Thayler and Sunstein's Nudge Theory, ADKAR change model and Simon Sinek's Golden Circle. Learn how Spock, Homer Simpson, the Elephant and Rider, and the Curse of Knowledge are all keys to building a strong security culture at your organization.
"This content is helping bring back concepts that get forgotten when you go from a doer to a senior leadership role. It brought back good concepts and a way to utilize them in the Security Context as well as getting leadership to think differently."- Michael Neuman
Business Takeaways
The first four sections of the course leverage eleven interactive team labs, enabling you to apply the lessons learned to a variety of real-world security situations and challenges. These team labs enable you to learn from the instructor and course materials and your fellow students' expertise and experiences. Finally, the last section is a capstone event as you work through a series of case studies to see which team can create the strongest security culture. Leveraging the Cyber42 simulation game environment, you are put in real-world scenarios that spur discussion and critical thinking of situations you will encounter at work as you compete for the LDR521 Challenge coin. A Laptop with access to the internet is required for the Cyber 42 leadership simulation capstone.
"Labs are applicable to the coursework and can be used at my workplace immediately." - Jerome C., US Military
"I love the way each lab built on previous topics covered culminating in the last day where we could apply everything we learnt. Everytime we did a lab they were well explained and at no time did i feel rushed, or like we had too much time to complete them." - Helen Bupa, IPLS
"Labs today were fun. Made me think with a focused intent." - Chad Yancey
Syllabus Summary
The course is recommended for more senior and/or more experienced cybersecurity leaders, managers, officers, and awareness professionals. If you are new to cybersecurity, we recommend some SANS's more fundamental courses, such as SEC301: Introduction to Cyber Security, SEC401: Security Essentials: Network, Endpoint, and Cloud, LDR433: Human Risk Management or LDR419: Performing A Cybersecurity Risk Assessment.
Additional Free Resources
What is Security Culture?
Security culture is your organization's shared attitudes, perceptions, and beliefs about cybersecurity. The more strongly your leadership and workforce believe in and buy into cybersecurity, the more likely they will prioritize security, support your initiatives, and exhibit the behaviors you want. Your organization already has a security culture. The question is, is it the culture you want?
Build and Measure a Strong Security Culture
Drawing on real-world lessons from around the world, the SANS LDR521 Security Culture for Leaders course will teach you how to build a culture where both your leadership and workforce believe in and prioritize cybersecurity. Through hands-on instruction and a series of interactive labs and exercises, you will apply organizational change concepts to various real-world security initiatives and quickly learn how to transform your security team and embed security into your organization's culture, from senior leadership on down. Apply findings from Daniel Kahneman's Nobel prize-winning research, Thayler and Sunstein's Nudge Theory, ADKAR change model and Simon Sinek's Golden Circle. Learn how Spock, Homer Simpson, the Elephant and Rider, and the Curse of Knowledge are all keys to building a strong security culture at your organization.
"This content is helping bring back concepts that get forgotten when you go from a doer to a senior leadership role. It brought back good concepts and a way to utilize them in the Security Context as well as getting leadership to think differently."- Michael Neuman
Business Takeaways
- Security at Scale: Make your job easier by scaling both yourself and your security team. Reduce the impact of burnout on the security team you are privileged to lead.
- Embed Security: Automatically bake security into the start of every business project and initiative in every business unit of your organization.
- Executive Support: Get the executive leadership support you need for what is most important to you.
- Secure your Workforce: People will exhibit the behaviors you want without telling them what they can and cannot do at work.
- Successful Initiatives: Make your security initiatives far more successful by gaining the buy-in of key departments, such as IT, Engineering, and the Business.
- Advocates: Transform your security team into security advocates who engage, motivate, and enable your workforce to be far more secure
- Explain what culture is, its importance to security, and how to map and measure both your organization's overall culture and your security culture.
- Define the indicators of a strong security culture, align security with them, and embed them into your organization's existing culture. i
- Provide a framework and guiding principles for your security team on how to lay the foundation for a strong security culture.
- Effectively communicate the business value of security to your Board of Directors and executives, gaining their support and buy-in.
- Engage and motivate your workforce so they prioritize cybersecurity.
- Simplify security and remove blockers, making it exponentially easier for people to embed security into their everyday actions.
- Dramatically improve the effectiveness and impact of your security initiatives, such as DevSecOps, cloud migration, vulnerability management, Security Operations Center, incident detection & response, and other related security projects.
- Ability to measure your security culture, how to make those measurements actionable, and how to present the maturity and value of your security culture to leadership
- Leverage numerous templates and resources from the Digital Download Package and Community Forum that are part of the course and which you can then build on immediately.
The first four sections of the course leverage eleven interactive team labs, enabling you to apply the lessons learned to a variety of real-world security situations and challenges. These team labs enable you to learn from the instructor and course materials and your fellow students' expertise and experiences. Finally, the last section is a capstone event as you work through a series of case studies to see which team can create the strongest security culture. Leveraging the Cyber42 simulation game environment, you are put in real-world scenarios that spur discussion and critical thinking of situations you will encounter at work as you compete for the LDR521 Challenge coin. A Laptop with access to the internet is required for the Cyber 42 leadership simulation capstone.
"Labs are applicable to the coursework and can be used at my workplace immediately." - Jerome C., US Military
"I love the way each lab built on previous topics covered culminating in the last day where we could apply everything we learnt. Everytime we did a lab they were well explained and at no time did i feel rushed, or like we had too much time to complete them." - Helen Bupa, IPLS
"Labs today were fun. Made me think with a focused intent." - Chad Yancey
Syllabus Summary
- Section 1: Learn the fundamentals of organizational culture, security culture, and building the culture you want.
- Section 2: Communicate to, engage with, and motivate your workforce so they believe in and prioritize cybersecurity.
- Section 3: Create an environment where it is simple for your workforce to embed security into work and their daily activities.
- Section 4: Learn how to build an effective business case for leadership, gaining their support for your security initiatives
- Section 5: Apply everything you have learned in a series of five case studies, competing as teams to see which team can build the strongest cybersecurity culture.
The course is recommended for more senior and/or more experienced cybersecurity leaders, managers, officers, and awareness professionals. If you are new to cybersecurity, we recommend some SANS's more fundamental courses, such as SEC301: Introduction to Cyber Security, SEC401: Security Essentials: Network, Endpoint, and Cloud, LDR433: Human Risk Management or LDR419: Performing A Cybersecurity Risk Assessment.
Additional Free Resources
- For those of you who are looking to get involved in the human side of cybersecurity, or are already involved but looking to grow, consider reading this on how to develop your career path.
- Annual SANS Security Awareness Human Risk summit, a two-day event bringing together world experts focusing on the human side of cybersecurity.
- Printed Course Books
- Digital Download Package: A collection of templates, checklists, matrices, reports, and other resources that will help you in building a strong security culture and your security career. This package is continually updated and based on resources that real security leaders have used to develop and grow their own security cultures. Why reinvent the wheel when you can reuse or reshape what has worked for others!
- Community Forum: An opportunity to join the private, invitation-only Community Forum dedicated to the human side of security. The forum currently has over 2,000 active professionals from around the world!
- LDR512: Security Leadership Essentials for Managers
- LDR514: Security Strategic Planning, Policy, and Leadership
- For senior security leaders who want to complete their leadership training for security strategy, technology and culture, learn more about the Transformational Cybersecurity Leadership Triad
Enquire
Start date | Location / delivery | |
---|---|---|
07 Oct 2024 | Amsterdam | Book now |