Cybersecurity is no longer just about technology, it is about people. Specifically, it's about people’s attitudes, perceptions and beliefs around cybersecurity and how those perceptions drive their actions. In today’s world, a secure organization starts with a strong security culture. Drawing on numerous fields of academic study and real-world lessons from around the world, SANS MGT521 Leading Cybersecurity Change: Building a Security-Based Culture will teach you how to develop, maintain, and measure a security-driven culture. Through hands-on instruction and a series of interactive labs and exercises, you will apply the concepts of organizational change to a variety of different security initiatives while quickly learning how to embed security into your organization's culture. Finally, the last day is a capstone event as you work through a series of case studies to see which team can create the strongest security culture. Culture is a very human and global challenge and as such, we want to expose you to as many different situations and perspectives as possible. We are excited to announce a new version of this course has just been released with numerous updates, including:
- A deeper dive into culture, models that help define and shape culture, and how to leverage those models in cybersecurity
- Insights on how to create a security culture dashboard, what you should be measuring, how to measure it and then how to communicate the results and impact to your leadership
- Deeper dive and more examples in building a business case, including updated labs
MGT521 is part of the SANS Transformation Leadership triad, a combination of SANS' three most advanced courses for developing today’s most experienced security leaders.
BUSINESS TAKEAWAYS:
- Create a far more secure workforce, both in their attitudes about security and also in their behaviors
- Enable the security team to create far stronger partnerships with departments and regions throughout the organization
- Dramatically increase both the success and impact of security initiatives and projects
- Improve communication between security teams and business leaders
- Create far stronger and more positive attitudes, perceptions, and beliefs about the security team
SKILLS LEARNED:
- More effectively communicate the business value of cybersecurity to your Board of Directors and executives, improve collaborate with your peers, and more effectively engage your workforce
- Explain what organizational culture is, its importance to cybersecurity, and how to map and measure both your organization's overall culture and security culture
- Align your cybersecurity culture to your organization's strategy, including how to leverage different security frameworks and maturity models
- Explain what organizational change is, identify different models for creating change, and learn how to apply those models
- Enable and secure your workforce by integrating cybersecurity into all aspects of your organization's culture
- Dramatically improve both the effectiveness and impact of your security initiatives, such as DevSecOps, Cloud migration, Vulnerability Management, Security Operations Center and other related security deployments
- Create and effectively communicate business cases to leadership and gain their support for your security initiatives
- How to measure your security culture and how to present the impact of a strong security culture to leadership
- Leverage numerous templates and resources from the Digital Download Package and Community Forum that are part of the course and which you can then build on right away
I am very excited about the updates we’ve made to this course and confident in students’ abilities to create a strong security culture in their organizations upon its completion. I invite you to check out the full course description at https://sans.org/mgt521
