SEC301: Introduction to Cyber Security™ MAJOR UPDATE CURRICULUM: New2Cyber: Cybersecurity & IT Essentials 5 Day Program 30 CPEs 14 Labs This course is designed for cyber-adjacent professionals, managers, HR, legal, auditors, and other non-technical roles who need a strong foundation in cybersecurity fundamentals. Through engaging instruction and relatable examples, this course builds confidence in key areas like threats, risks, defenses, and cyber hygiene. Whether you’re supporting a security team, shaping policy, or guiding business decisions, SEC301 helps you understand the language of cybersecurity and your role in protecting the organization. No technical experience required just curiosity and a desire to be cyber smart. Business Takeaways ▐ Speak the language of cybersecurity—bridging the gap between technical and business teams ▐ Identify and communicate risk clearly in terms of impact, accountability, and resilience ▐ Support compliance and governance efforts with an informed understanding of frameworks and controls ▐ Strengthen organizational security culture by promoting awareness and shared responsibility ▐ Contribute to strategy and decision-making with confidence rooted in understanding, not fear ▐ Empower others—becoming the person in the room who can translate cybersecurity into action Syllabus Summary SECTION 1: Cybersecurity Foundations SECTION 2: Building Digital Trust: Cryptography, Identity, and Access SECTION 3: Understanding Networks and Data in Motion SECTION 4: Modern Attack Tactics: From Phishing to AI-Powered Threats SECTION 5: Cybersecurity Technologies and Web Security You Will Be Able To ▐ Explain cybersecurity fundamentals using clear, business-ready language ▐ Identify common threat types and the vulnerabilities they exploit ▐ Understand how cryptography, authentication, and access control establish digital trust ▐ Describe how networks, data flows, and Zero Trust principles reduce risk ▐ Recognize how malware, phishing, and social engineering attacks operate—and how to disrupt them ▐ Connect frameworks such as NIST CSF, CIS Controls, and MITRE ATT&CK/D3FEND to practical defense strategies ▐ See how cloud, IoT, and AI reshape both opportunities and risk Who Should Attend ▐ People who are new to information security and in need of an introduction to the fundamentals of security ▐ Those who feel bombarded with complex technical security terms they don’t understand but want to understand ▐ Professionals who need to be conversant in basic security concepts, principles, and terms, but who don’t need “deep in the weeds” detail ▐ Those who have decided to make a career change to take advantage of the job opportunities in information security and need formal training/certification ▐ Managers who worry their company may be the next mega-breach headline story on the 6 o’clock news NICE Framework Work Roles ▐ Authorizing Official/Designating Representative (OPM 611) ▐ Knowledge Manager (OPM 431) ▐ Privacy Officer/Privacy Compliance Manager (OPM 732) ▐ Cyber Instructor (OPM 712) ▐ Communications Security (COMSEC) Manager (OPM 723) “ The SEC301 content was excellent. A wide gambit of information was provided that will prove applicable at work and also to life in general. The labs provided excellent instructions & were great at reinforcing the material.” —Jimmy T., U.S. Military GISF Information Security Fundamentals giac.org/gisf For detailed course description, visit SANS.ORG/SEC301 Rich Greene Course Author WAYS TO TAKE SEC301 Live Online In-Person OnDemand * sans.org/8140 DoD 8140*
