Security Leadership - Strategy, Policy, and Planning
Who Should Attend
• Cyber Security professionals
• Business leaders seeking an understanding of current Cybersecurity practices
• Developers looking to broaden their understanding of current threats and trends
• Managers responsible for creating Secure Programs and Security Policy
What You’ll Learn
• Empower Cybersecurity leaders to better assess the current threat landscape
• Teach leadership management techniques to maximize team cohesion and productivity
• Creation and implementation of strategic plans to increase successes
• Setting achievable goals for yourself and your teams
• Building and implementing network policy that aligns with overall company culture, values, and mission
• Determining appropriate resource allocation
• Connecting with organizational leadership (C-level / C-suite)
Outline
Day 01 - Foundations of Strategic and CyberSecurity Planning
What Business Are You In
• Lecture: Vision vs Mission
• Lecture + Lab: Create A Mission
• Lecture: Identifying Stakeholders
• Lecture: Understanding History
• Lecture: Assets
• Lecture: Business and Security Goals
Strategic Planning
• Lecture: Levels of Planning
• Lecture: PESTLE Analysis
• Lecture + Lab: Planing - Archive Solutions
• Lecture: Communicate to the Team
• Lecture + Lab: Persuading the Team
Understanding Threats
• Lecture: CyberSecurity History
• Lecture: Threat Actors
• Lecture + Lab: Identifying Threat Actors
• Lecture + Lab: Create a VERIS Report
• Lecture: PEST Analysis
• Lecture: MITRE ATT&CK Framework
• Lecture: Intrusion Kill Chain
• Lecture + Lab: Analyze the Intrusion Kill Chain
• Lecture: Threat and Risk Surface Analysis
CyberSecurity Plan
• Lecture + Lab: FCC Small Biz Cyber Planner
• Lecture + Lab: CISA Cyber Essentials Starter Kit
• Lecture + Lab: CISA Security Planning Workbook
Day 02 - Crafting Robust Security Frameworks
• Tuesday Test and Review
Security Strategy
• Lecture: Security Framework
• Lecture: Business Strategy
Security Communication
• Lecture: Budget
• Lecture: Maturity Levels
• Lecture: Security Metrics
• Lecture + Lab: Apply Security Metrics
Identifying Threats
• Lecture: Identifying Threats NIST IR 8286A
• Lecture: SWOT Analysis
• Lecture + Lab: Performing a SWOT Analysis
• Lecture: GAP Analysis
NIST CSF
• Lecture: NIST CSF Profiles and Roadmaps
• Lecture + Lab: NIST CSF 2.0 and Profiling
Day 03 - Crafting and Implementing Security Policy
• Wednesday Test and Review
Policy Breakdown
• Lecture + Lab: Policy Breakdown
• Lecture + Lab: Case Study - T Mobile Data Breaches
Why of Policy
• Lecture: Philosophy of Policy
• Lecture: Examples of Creating Policy
• Lecture: Policy Pyramid
• Lecture + Lab: Case Study - Equifax and Policy
• Lecture: Arranging Policy
• Lecture: Considering Culture
• Lecture: Policy Requirements
What Makes Good Policy
• Lecture: Clarity of Language
• Lecture: Remain Accessible to Your Audience
• Lecture: SMART
What is Security Policy
• Lecture: NIST SP 800-18
• Lecture: NIST SP 800-53
• Lecture: CIS Critical Security Controls
• Lecture: Summary of ISO IEC 27002
Policy Fix Up
• Lecture + Lab: Assess Policy
Evolving Policy
• Lecture: Ways to Evolve Policy
• Lecture + Lab: Rating Policy with SMART
Policy Potpourri
• Lecture: Vulnerability Management
• Lecture: Generative AI
• Lecture: Cloud Security
• Lecture + Lab: Mobile Device Management - BYOD
• Lecture: Zero Trust
• Lecture: Data Breach Notification
• Lecture: Data Retention and Disposal
• Lecture: Privacy
Day 04 - Building and Leading Resilient Security Teams
• Thursday Test and Review
What is Leadership
• Lecture: Leadership
• Lecture + Lab: Learning Leadership
Effective Leaders
• Lecture: Fundamental Leadership Traits
• Lecture + Lab: Building Leadership Traits
Competence & Trust Building
• Lecture: Improvement with Education
• Lecture: Creating a Culture of Trust
Team Building
• Lecture: Identifying Your Team
• Lecture + Lab: Promoting Team Communication
• Lecture: Deliberate Actions and Checklists
• Lecture + Lab: Evolve Leadership Style
Relevance
• Lecture: Three Ways Framework
• Lecture: Security in the Value Stream
Enable and Shape Organizational Change
• Lecture + Lab: Values Impacting Leadership
• Lecture: Morale and Belief
• Lecture: Enterprise Wide Disruptions
• Lecture + Lab: Managing Change
Day 05 - Advanced Applications and Real-World Integration
• Friday Test and Review
Case Studies
• Lecture + Lab: Case Study - Wanna Cry
• Lecture + Lab: Case Study - Sony Pictures Hack
• Lecture + Lab: Case Study - Colonial Pipeline
• Lecture + Lab: Case Study - Security Leadership at ArborSafe
Interacting with Leadership
• Lecture: Interacting with Marketing and Executives
Stakeholders Management
• Lecture + Lab: Interacting with Stakeholders - No SMTP Attachment Policy
Driving Innovation
• Lecture: Values and Culture
• Lecture: Innovating with Visioning
• Lecture + Lab: Innovation
• Lecture: Emerging Technologies
Appendix
• References and Additional Reading
• Glossary
Sorry! It looks like we haven’t updated our dates for the class you selected yet. There’s a quick way to find out. Contact us at 502.265.3057 or email info@training4it.com
Request a Date