GSLC

LDR512: Security Leadership Essentials for Managers™ Security Leadership

giac.org/gslc

5 30 Laptop Leading Security Initiatives to Manage Information Risk

Day Program CPEs Required
Take this security management course to learn the key elements of any modern security
program. LDR512 covers a wide range of security topics across the entire security stack.
You Will Be Able To Learn to quickly grasp critical information security issues and terminology, with a focus on
• Make sense of different cybersecurity frameworks security frameworks, security architecture, security engineering, computer/network security,
• Understand and analyze risk vulnerability management, cryptography, data protection, security awareness, cloud security,
• Decipher the pros and cons of different reporting application security, DevSecOps, generative AI security, and security operations.
relationships
• Manage and lead technical teams and projects The training course uses the Cyber42 leadership simulation game to put you in real-world
• Build a vulnerability management program scenarios that spur discussion and critical thinking of situations that you will encounter at
• Inject security into modern DevOps workflows work. Throughout the class you will participate in 23 Cyber42 activities.
• Strategically leverage a SIEM
What Is Security Management?
• Lead a Security Operations Center (SOC)
• Change behavior and build a security-aware Security management is all about managing information risk. This means that you need
culture the appropriate level of technical knowledge and leadership skills to gain the respect
• Effectively manage security projects of technical team members, understand what technical staff are actually doing, and
• Enable modern security architectures and the appropriately plan and manage security projects and initiatives. This is a big and important
cloud
job that requires an understanding of a wide array of security topics. Being an effective
• Build security engineering capabilities using
automation and Infrastructure as Code (IaC) security leader requires you to get up to speed quickly on information security issues and
• Understand and secure generative AI (GenAI) terminology to build a modern security program. Creating a high-performing security team
services means that you can anticipate what security capabilities need to be built to enable the
• Get up to speed quickly on information security business and mitigate threats.
issues and terminology
• Establish a minimum standard of security Business Takeaways
knowledge, skills, and abilities
• Speak the same language as technical security This course will help your organization:
professionals • Develop leaders that know how to build a modern security program
• Anticipate what security capabilities need to be built to enable the business and
GSLC mitigate threats
Security Leadership • Create higher-performing security teams
giac.org/gslc

GIAC Security Leadership Hands-On Security Manager Training

The GIAC Security Leadership (GSLC) certification This leadership-focused security training course uses case scenarios, group discussions,
validates a practitioner’s understanding of
governance and technical controls focused
team-based exercises, in-class games, and a security leadership simulation to help students
on protecting, detecting, and responding to absorb both technical and management topics. About 60–80 minutes per day is dedicated to
security issues. GSLC certification holders have these learning experiences using the Cyber42 leadership simulation game.
demonstrated knowledge of data, network, host,
application, and user controls along with key This leadership simulation game is a continuous tabletop exercise where students play to
management topics that address the overall improve security culture, manage budget and schedule, and improve security capabilities
security lifecycle.
at a fictional organization. This puts you in real-world scenarios that spur discussion and
• Cryptography concepts and applications for
managers, networking concepts and monitoring critical thinking of situations that you will encounter at work.
for managers
• Managing a security operations center,
application security, negotiations and vendors,
and program structure
“This is an excellent primer for management types. I come from a
• Managing security architecture, security
awareness, security policy, and system security technical background and can see the value there plain as day.”
• Risk management and security frameworks, —Matt Zaycer, Pilot Flying J
vulnerability management, incident response
and business continuity

• Watch a preview of this course

sans.org/LDR512 • Discover how to take this course: Online, In-Person
Section Descriptions

SECTION 1: Building Your Security Program SECTION 4: Security Management and Who Should Attend
The course starts with a tour of the information that effective Leadership • CISOs
security managers and leaders must know to function in the Section 4 covers what managers need to know • Information security officers
modern security environment. This includes an understanding about leading security initiatives. Every security
of the different types of cybersecurity frameworks available • Security directors
leader should know how to build a vulnerability
to structure your security team and program. Risk is central to management program and the associated process to • Security managers
effective information security management, so we’ll discuss key successfully find and fix vulnerabilities. Additionally, • Aspiring security leaders
risk concepts in order to lay the foundation for effective risk security awareness is a huge component of any
assessment and management. Security policy is a key tool that • Security personnel who have team
security program that helps drive activities to change
security managers use to manage risk. We’ll cover approaches to lead or management responsibilities
human behavior and create a more risk-aware and
policy to help you plan and manage your policy process. Finally, security-aware culture. To implement new initiatives, • Anyone who wants to go beyond
we’ll discuss security functions, reporting relationships, and security leaders must also develop negotiation skills technical skills
roles and responsibilities to give the advancing manager a view and conduct thorough analysist of vendors. Finally, • Technical professionals who want to
into effective security team and program structure. for any project or initiative, security leaders must also learn to communicate with senior
TOPICS: Security Frameworks; Understanding Risk; Security be able to drive effective project execution. Having leaders in business terms
Policy; Program Structure a well-grounded understanding of the management
and leadership practices makes it easier to move
your projects forward.
SECTION 2: Technical Security Architecture TOPICS: Vulnerability Management; Security
NICE Framework Work Roles
Section 2 provides coverage of traditional and modern security Awareness; Negotiations Primer; Vendor Analysis; • Information Systems Security
architectures focused on technical topics. This includes a Managing and Leading Teams Manager (OPM 722)
thorough discussion of network security that is modeled around • Cyber Workforce Developer and
the various layers of the network stack. As modern attacks are Manager (OPM 751)
also focused on the computing devices we cover malware and SECTION 5: Detecting and Responding
• Cyber Policy and Strategy Planner
attack examples along with corresponding host security controls to Attacks (OPM 752)
for the endpoint and server. The cloud is a major initiative that
Section 5 focuses on detection and response
many organizations is changing the way organizations operate • Executive Cyber Leadership (OPM 901)
capabilities. This includes gaining appropriate
and design their controls. To get ready for these initiatives, we • Program Manager (OPM 801)
visibility via logging, monitoring, and strategic
provide an overview of Amazon Web Services (AWS) to serve as a
thinking about a security information and event • IT Project Manager (OPM 802)
reference point and discuss key cloud security issues. The cloud,
management (SIEM) system. Once implemented,
the rise of mobile devices, and other factors are highlighting
the logs in a SIEM are a core component of any
weaknesses in traditional, perimeter-oriented security
Security Operations Center (SOC). We’ll discuss the
architecture which leads into a discussion of the Zero Trust Model.
key functions of a SOC along with how to manage
TOPICS: Security Architecture Overview; Network Security; and organize your organization’s security operations.
Host Security; Cloud Security; Identity and Access Management; The incident response process is discussed in
Zero Trust relation to identifying, containing, eradicating, and
recovering from security incidents. This leads into
a discussion of longer-term business continuity
SECTION 3: Security Engineering planning and disaster recovery. Managers must also “This course is great
Section 3 focuses on security engineering best practices. This understand physical security controls that, when content for leaders within
includes building an understanding of cryptography concepts, not implemented appropriately, can cause technical
encryption algorithms, and applications of cryptography which security controls to fail or be bypassed. the field. It pushes people
are foundational elements of building any secure system. TOPICS: Logging and Monitoring; Security Operations to stop always focusing
Since encrypting data alone is not sufficient, we discuss the Center (SOC); Incident Handling; Contingency
distinction between privacy and security to give managers Planning; Physical Security
on the technical aspects
a primer on key privacy concepts. Managers must also be of cybersecurity and
knowledgeable about software development processes, issues,
and application vulnerabilities. We cover application security really understand what
and leading development processes built on DevSecOps. Current
engineering approaches also include modern infrastructure as
the business needs from
code approaches and tools to automate consistent deployment its security function as
of standard configurations. Finally, generative AI has led to the
growth of AI usage and newer Large Language Model application a whole to enable the
architectures which need to be secured. business.”
TOPICS: Security Engineering; Data Protection; Privacy Primer;
—Alexander Walker, TechVets
Application Security; Privacy Engineering