3 Day Course 18 CPEs You Will Be Able To ▐ Master how to map and benchmark your program’s maturity against your peers’. ▐ Understand the Security Awareness Maturity Model and how to leverage it as the roadmap for your program ▐ Ensure compliance with key standards and regulations ▐ Implement models for learning theory, behavioral change, and organizational culture ▐ Define human risk and explain the three different variables that constitute it ▐ Explain the risk assessment processes ▐ Explain and leverage the latest in Artificial Intelligence to exponentially increase your impact ▐ Leverage the latest in Cyber Threat Intelligence (CTI) and describe the most common tactics, techniques, and procedures (TTPs) used by cyber attackers in today’s human-based attacks ▐ Identify, measure, and prioritize your human risks and define the behaviors that manage those risks ▐ Identify high risk roles and the required, specialized training for those roles Who Should Attend ▐ Security awareness, training, engagement or culture officers ▐ Security management officials ▐ Security auditors, and governance, legal, privacy or compliance officers ▐ Training, human resources and communications staff ▐ Representatives from organizations regulated by industries such as HIPAA, GDPR, FISMA, FERPA, PCI-DSS, ISO/IEC 27001 SOX, NERC, or any other compliance- driven standard ▐ Anyone involved in planning, deploying or maintaining a security education, training, influence or communications program NICE Framework Work Roles ▐ Cyber Instructional Curriculum Developer (OPM 711) ▐ Security Awareness & Communications Manager (OP 712) Cybersecurity is no longer just a technical challenge but also a human one, people play a role in 80% of all breaches. For most organization their biggest challenge has become human risk management. This course enables security professionals to effectively build, manage and measure their human risk by changing and securing their workforce’s behaviors. Students are provided a structured roadmap with a step-by-step strategy on how to engage and secure their workforce, to include seven highly interactive team labs and the course Digital Download Package. In addition, this is the only SANS short course to provide a credential, the industry recognized SSAP. Business Takeaways ▐ Align your security awareness program with your organization’s strategic security priorities ▐ Effectively identify, prioritize and manage your organization’s top human risks ▐ More closely integrate your security awareness efforts with your security team’s overall risk management efforts ▐ Make the most of your investment by sustaining your program long term, going beyond changing behavior to embedding a strong security culture ▐ Communicate and demonstrate the value of the change to your senior leadership in business terms Syllabus Summary SECTION 1: Fundamentals and Identifying/Prioritizing Human Risk SECTION 2: Identifying and Changing Behavior SECTION 3: Security Culture and Measuring Change LDR433: Managing Human Risk™ CURRICULUM: Cybersecurity Leadership “ Content was relevant, up-to-date, and presented with a clear practical application.” — Rhys Arnold Arnold, Bridewill “ Excellent knowledge that every organization should have.” — Mtinawa Banda, Uk CAA “ All companies need this kind of training.” — Nelson Estrada, GoodFarms Lance Spitzner Course Author For detailed course description, visit SANS.ORG/LDR433 WAYS TO TAKE LDR433 Live Online In-Person OnDemand SSAP SANS Security Awareness Professional sans.org/ssap
