SEC504: Hacker Tools, Techniques, and Incident Handling
SEC504Offensive Operations
LDR419: Performing A Cybersecurity Risk Assessment
LDR419Cybersecurity Leadership
- 2 Days (Instructor-Led)
- 12 Hours (Self-Paced)
Course created by:
James Tarala
Course created by:James Tarala
- 12 CPEs
Apply your credits to renew your certifications
- In-Person, Virtual or Self-Paced
Attend a live, instructor-led class at a location near you or remotely, or train on your time over 4 months
- Intermediate Skill Level
Course material is geared for cyber security professionals with hands-on experience
- 7 Hands-On Lab(s)
Apply what you learn with hands-on exercises and labs
Explore industry-leading strategies for conducting cybersecurity risk assessments that deliver actionable insights to protect your organization's critical assets and meet regulatory requirements.
Featured Quote
James is top notch. He brings so much expertise and is precise with clarifying when something doesn't make sense. By far my favorite SANS instructor!
Course Overview
Ever-evolving regulations require organizations to conduct cybersecurity risk assessments for compliance and audit purposes. Yet many organizations approach this without a specific strategy, resulting in random defenses, ineffective programs, and financial losses. This cybersecurity risk assessment course moves beyond theoretical concepts to provide practical knowledge for preparing and conducting meaningful risk assessments. Course participants learn to identify relevant risks within your specific organizational context, uncover these risks effectively, and present results to leadership for actionable outcomes. Through hands-on exercises and real-world scenarios using the Cyber42 leadership simulation game, you'll gain the foundational knowledge and practical skills needed to perform comprehensive risk assessments that directly impact an organization's security posture.
What You'll Learn
- Establish business context for risk management programs
- Create comprehensive risk assessment plans
- Evaluate cybersecurity documentation and safeguards
- Conduct third-party risk assessments effectively
- Present risk findings that drive leadership action
Business Takeaways
- Establish business cases for cybersecurity risk assessment
- Prepare assessments that matter to the business
- Meet and exceed regulatory requirements
- Effectively report results to key stakeholders
- Create strategic responses to identified risks
- Develop practical defense strategies
- Identify weaknesses in your cybersecurity program
Meet Your Author
James Tarala
Senior InstructorJames Tarala, managing partner at Cyverity, co-created the CIS Controls and Cybersecurity Standards Scorecard, transforming cybersecurity governance and empowering global organizations to operationalize risk into actionable defense strategies.
Read more about James TaralaCourse Syllabus
Explore the course syllabus below to view the full range of topics covered in LDR419: Performing A Cybersecurity Risk Assessment.
Section 1Preparing for A Cybersecurity Risk Assessment
Section one teaches students the foundational skills needed to prepare for and plan a cybersecurity risk assessment, emphasizing the importance of understanding business context and governance frameworks.
Topics covered
- Business Context for Risk Assessment
- Architecture for Governance and Risk
- Risk Management Lifecycle
- Selecting Cybersecurity Safeguards
- Internal vs Third-Party Assessments
Labs
- Analyzing a Governance Model
- Evaluating Cybersecurity Program Goals
- Creating Risk Assessment Plans
- Using Safeguard Inventory Tools
- Analyzing Internal vs Third-Party Scoping
Section 2Performing a Cybersecurity Risk Assessment
Section two guides students through performing a cybersecurity risk assessment using practical tools, real-world case studies, and instructor support, while also teaching how to act on assessment results and engage stakeholders.
Topics covered
- Risk Assessment Quality
- Evaluating Cybersecurity Documentation
- Evaluating Cybersecurity Safeguards
- Presenting Risk to Stakeholders
- Risk Remediation & Response
Labs
- Evaluating a Cybersecurity Policy
- Evaluating Cybersecurity Technical Safeguards
- Creating an Executive Risk Briefing
- Writing a Personal Action Plan
Things You Need To Know
Relevant Job Roles
Senior Security Leader
Cybersecurity LeadershipDaily focus is on the leadership of technical teams. Includes titles such as Technical Director, Manager, and Team Lead.
Explore learning pathAuthorizing Official/Designated Representative (DCWF 611)
DoD 8140: CybersecurityResponsible for accepting system risk on behalf of the organization, ensuring acceptable security levels for mission, reputation, and operations.
Explore learning pathExecutive Cybersecurity Leadership (OPM 901)
NICE: Oversight and GovernanceResponsible for establishing vision and direction for an organization's cybersecurity operations and resources and their impact on digital and physical spaces. Possesses authority to make and execute decisions that impact an organization broadly, including policy approval and stakeholder engagement.
Explore learning pathCybersecurity Policy and Planning (OPM 752)
NICE: Oversight and GovernanceResponsible for developing and maintaining cybersecurity plans, strategy, and policy to support and align with organizational cybersecurity initiatives and regulatory compliance.
Explore learning pathCourse Schedule & Pricing
Looking for Group Purchasing Options?Contact Us
OnDemand Bundle
When purchasing a live, instructor-led course, add 4 months of online access. View price in the info icons below.
SANS Skills Quest by NetWars Core Edition
Add 6 months of hands-on skills practice. Add to your cart when purchasing your course.
Filter by:
Location & instructorDate & TimeCourse priceEnrollment options
- Location & instructor
Virtual (OnDemand)
Instructed by James TaralaDate & TimeOnDemand (Anytime)Self-Paced, 4 months accessCourse price$3,505 USD*Prices exclude applicable local taxesEnrollment options - Location & instructor
Chicago, IL, US & Virtual (live)
Instructed by James TaralaDate & TimeFetching schedule..View event detailsCourse price$3,505 USD*Prices exclude applicable local taxes - Location & instructor
Virtual (live)
Instructed by Russell EubanksDate & TimeFetching schedule..View event detailsCourse price$3,505 USD*Prices exclude applicable local taxesEnrollment options - Location & instructor
Virtual (live)
Instructed by Russell EubanksDate & TimeFetching schedule..View event detailsCourse price$3,505 USD*Prices exclude applicable local taxesEnrollment options
Showing 4 of 4
Learn Alongside Leading Cybersecurity Professionals From Around The World
- Slide 1 of 4Anyone looking to change careers [into cybersecurity] would be able to get their sea legs under them with the instruction provided.
- Slide 2 of 4The content is very relevant and can be directly applied to my work. It helped me get an overview on risk management frameworks before diving into how we do a risk assessment.
- Slide 3 of 4The Cyber42 exercises were a great way to demonstrate the realistic circumstance of having to weigh imperfect options against each other and make the best of what we have.
- Slide 4 of 4It gives people a good understanding of how we got to where we are with risk assessments and audits and the politics often involved.
Slide 1 of 0
(1/0)
Benefits of Learning with SANS
Get feedback from the world’s best cybersecurity experts and instructors
Choose how you want to learn - online, on demand, or at our live in-person training events
Get access to our range of industry-leading courses and resources