Cybersecurity is no longer just a technology challenge; it is now also a human one. As organizations invest more in the human side of cybersecurity and interest continues to grow, they can look to SANS Institute, which offers two different courses specializing in this field. Below is an overview of each, aimed at helping you decide which course is the best fit for you and your organization. You can find more details for each course on their respective webpage.
This intense three-day course focuses on managing your organization’s human risk by changing your workforce’s behavior. As a student, you gain an in-depth understanding of how to build, manage, and measure a mature security awareness program (also often called behavior and culture, influence and engagement, or training and education). If you are new to the field of cybersecurity or risk management and need to to motivate and enable behavior change in your workforce, or if you need to take your existing awareness program to the next level, this is the course for you. In addition, this course prepares you for the SANS Security Awareness Professional (SSAP), the industry’s leading credential recognizing your expertise in managing human risk.
This five-day course is designed for more senior security leaders who already have a strong background in risk management. Of the two courses, this is the more advanced. This course does not focus on risk or behavior, but primarily on culture, your workforce’s attitudes, perceptions, and beliefs about cybersecurity. This course is more of a master’s level course that goes into detail on what organizational culture is, how to define and measure it, and ultimately how to change it. As a result of a stronger security culture, not only will your workforce behave more securely, but your security initiatives and overall security program will be far more successful.
Still not sure which of these two courses is the best for you? Reach out to me at lspitzner@sans.org and I’ll be happy to help answer any questions you have.
