A3SEC514: SEC514: Security Leadership – Strategy, Policy and Planning

Become an EPIC Affiliate

To view the class schedule you need to become an Affiliate

  • Largest “Guaranteed To Run” public technical training schedules available
  • Easy to become an Affiliate – no charge or fee
Become an EPIC Affiliate

already an Affiliate?  Login

About this Course

This course is the functional equivalent of LDR514 course and prepares both emerging and experienced cybersecurity leaders to develop strategic policies and plans that protect organizations from evolving threats. Students will learn to align cybersecurity strategies with organizational goals, manage teams effectively, and address time, budget, and resource constraints. Through real-world case studies and leadership modules, participants gain the tools to assess risks, set achievable objectives, and drive team success. The course also prepares students for the GIAC Strategic Planning, Policy, and Leadership (GSTRT) certification.
Emerging and veteran Cybersecurity leaders are responsible for forging a digital shield to protect their organization from growing and ever changing threats. By crafting and enforcing policy outlining acceptable and unacceptable behaviors, these professionals empower all employees to do better. This course will teach current and future leaders how to successfully build and implement sensible network and workplace policies via the implementation of strategic plans that align with organizational goals and values. Completion of the course includes leadership modules outlining methods for successfully managing teams, dealing with time constraints, budgeting, assessing threats appropriately, communicating with organizational leadership, and more.
Daily, students will engage with real-world case studies over-viewing the successes and failures various business and organizations. By examining various past and current institutions using a variety of business analysis techniques, leaders gain more clarity on how to set achievable goals given limited resources.
By the conclusion of this course, all students will better understand how to embolden and propel teams with current and proven management techniques within the framework of Cybersecurity.

Audience Profile

• Cybersecurity professionals
• Business leaders seeking cybersecurity insights
• Developers expanding knowledge of threats and trends
• Managers building secure programs and policies

At Course Completion

• Prepares for the GSTRT certification
• Equip cybersecurity leaders to assess the threat landscape
• Teach management techniques to boost team cohesion and productivity
• Develop and implement strategic plans for greater success
• Set achievable goals for yourself and your teams
• Building and implementing network policy that aligns with overall company culture, values, and mission
• Determining appropriate resource allocation
• Connecting with organizational leadership (C-level / C-suite)

Outline

Outline
Day 01 - Foundations of Strategic and CyberSecurity Planning
What Business Are You In
• 💬 Lecture: Vision vs Mission
• 💻 Lecture + Lab: Create A Mission
• 💬 Lecture: Identifying Stakeholders
• 💬 Lecture: Understanding History
• 💬 Lecture: Assets
• 💬 Lecture: Business and Security Goals
Strategic Planning
• 💬 Lecture: Levels of Planning
• 💬 Lecture: PESTLE Analysis
• 💻 Lecture + Lab: Planing - Archive Solutions
• 💬 Lecture: Communicate to the Team
• 💻 Lecture + Lab: Persuading the Team
Understanding Threats
• 💬 Lecture: CyberSecurity History
• 💬 Lecture: Threat Actors
• 💻 Lecture + Lab: Identifying Threat Actors
• 💻 Lecture + Lab: Create a VERIS Report
• 💬 Lecture: PEST Analysis
• 💬 Lecture: MITRE ATT&CK Framework
• 💬 Lecture: Intrusion Kill Chain
• 💻 Lecture + Lab: Analyze the Intrusion Kill Chain
• 💬 Lecture: Threat and Risk Surface Analysis
CyberSecurity Plan
• 💻 Lecture + Lab: FCC Small Biz Cyber Planner
• 💻 Lecture + Lab: CISA Cyber Essentials Starter Kit
• 💻 Lecture + Lab: CISA Security Planning Workbook
Day 02 - Crafting Robust Security Frameworks
• Tuesday Test and Review
Security Strategy
• 💬 Lecture: Security Framework
• 💬 Lecture: Business Strategy
Security Communication
• 💬 Lecture: Budget
• 💬 Lecture: Maturity Levels
• 💬 Lecture: Security Metrics
• 💻 Lecture + Lab: Apply Security Metrics
Identifying Threats
• 💬 Lecture: Identifying Threats NIST IR 8286A
• 💬 Lecture: SWOT Analysis
• 💻 Lecture + Lab: Performing a SWOT Analysis
• 💬 Lecture: GAP Analysis
NIST CSF
• 💬 Lecture: NIST CSF Profiles and Roadmaps
• 💻 Lecture + Lab: NIST CSF 2.0 and Profiling
Day 03 - Crafting and Implementing Security Policy
• Wednesday Test and Review
Policy Breakdown
• 💻 Lecture + Lab: Policy Breakdown
• 💻 Lecture + Lab: Case Study - T Mobile Data Breaches
Why of Policy
• 💬 Lecture: Philosophy of Policy
• 💬 Lecture: Examples of Creating Policy
• 💬 Lecture: Policy Pyramid
• 💻 Lecture + Lab: Case Study - Equifax and Policy
• 💬 Lecture: Arranging Policy
• 💬 Lecture: Considering Culture
• 💬 Lecture: Policy Requirements
What Makes Good Policy
• 💬 Lecture: Clarity of Language
• 💬 Lecture: Remain Accessible to Your Audience
• 💬 Lecture: SMART
What is Security Policy
• 💬 Lecture: NIST SP 800-18
• 💬 Lecture: NIST SP 800-53
• 💬 Lecture: CIS Critical Security Controls
• 💬 Lecture: Summary of ISO IEC 27002
Policy Fix Up
• 💻 Lecture + Lab: Assess Policy
Evolving Policy
• 💬 Lecture: Ways to Evolve Policy
• 💻 Lecture + Lab: Rating Policy with SMART
Policy Potpourri
• 💬 Lecture: Vulnerability Management
• 💬 Lecture: Generative AI
• 💬 Lecture: Cloud Security
• 💻 Lecture + Lab: Mobile Device Management - BYOD
• 💬 Lecture: Zero Trust
• 💬 Lecture: Data Breach Notification
• 💬 Lecture: Data Retention and Disposal
• 💬 Lecture: Privacy
Day 04 - Building and Leading Resilient Security Teams
Day 04 -
• Thursday Test and Review
What is Leadership
• 💬 Lecture: Leadership
• 💻 Lecture + Lab: Learning Leadership
Effective Leaders
• 💬 Lecture: Fundamental Leadership Traits
• 💻 Lecture + Lab: Building Leadership Traits
Competence & Trust Building
• 💬 Lecture: Improvement with Education
• 💬 Lecture: Creating a Culture of Trust
Team Building
• 💬 Lecture: Identifying Your Team
• 💻 Lecture + Lab: Promoting Team Communication
• 💬 Lecture: Deliberate Actions and Checklists
• 💻 Lecture + Lab: Evolve Leadership Style
Relevance
• 💬 Lecture: Three Ways Framework
• 💬 Lecture: Security in the Value Stream
Enable and Shape Organizational Change
• 💻 Lecture + Lab: Values Impacting Leadership
• 💬 Lecture: Morale and Belief
• 💬 Lecture: Enterprise Wide Disruptions
• 💻 Lecture + Lab: Managing Change
Day 05 - Advanced Applications and Real-World Integration
• Friday Test and Review
Case Studies
• 💻 Lecture + Lab: Case Study - Wanna Cry
• 💻 Lecture + Lab: Case Study - Sony Pictures Hack
• 💻 Lecture + Lab: Case Study - Colonial Pipeline
• 💻 Lecture + Lab: Case Study - Security Leadership at ArborSafe
Interacting with Leadership
• 💬 Lecture: Interacting with Marketing and Executives
Stakeholders Management
• 💻 Lecture + Lab: Interacting with Stakeholders - No SMTP Attachment Policy
Driving Innovation
• 💬 Lecture: Values and Culture
• 💬 Lecture: Innovating with Visioning
• 💻 Lecture + Lab: Innovation
• 💬 Lecture: Emerging Technologies
Appendix
• References and Additional Reading
• Glossary

Prerequisites