C I S O S C O R E C A R D

SEC U RI T Y LEADE R SHIP SE CUR ITY MANAGE ME NT

DO YOU KNOW HOW TO : DO YOU KN OW HOW TO :

Manage information risk by implementing security capabilities Build a vulnerability management program

V U L N E R A B I L I T Y M A N AG E M E N T
• Security Program Structure • Program Frameworks (NIST CSF, ISO 27001) • Asset Management • Vulnerability Management • Vulnerability scanning
• Control Frameworks • Risk Frameworks (NIST 800-39, 800-37, 800-30) Governance Model architecture and design
(NIST 800-53, CIS Controls, CMMC) • Threat Frameworks (Kill Chain, MITRE ATT&CK)
Analyze and prioritize vulnerabilities
Lead modern security initiatives and technologies • CVSS severity scores • Leverage asset context • STIX, TAXII, STAXX

TECHNOLOGY
and ratings • Root cause analysis
• Security Architecture • Vulnerability Management Maturity Model

CISO Scorecard
• Zero Trust Model • Security Awareness Maturity Model
• Cloud Security Maturity Model • Negotiation Strategies Report and communicate vulnerability data
• Metrics Hierarchy • Define reporting frequency
Version 1.1 Structure your security program and team
AND • Roles and Responsibilities • Security Reporting Relationships Treat and remediate vulnerabilities to manage risk
• Guiding Principles • Three Lines of Defense Model • PIACT Process • Automated patch • Hardening and configuration

Cloud Security Maturity Model • How to Prioritize Work • RACI Matrix management guidance and templates

Build business enabling security capabilities Build relationships and processes to make vulnerability management fun
Coming Soon! • Product Security • Mobile Security
MGT
• Relationship Map • Define incentives, set goals,
hold challenges, reward effort
MGT
516
• Cloud Security • Emerging Technologies 5 DAYS

• DevSecOps • Security Due Diligence 512

For Cyber Leaders of Today and Tomorrow
5 DAYS

Implement and automate critical security controls

Develop a security strategic plan and roadmap • Minimum Controls Baselines • Windows Management Instrumentation (WMI)
and Sensors • iPost reporting and data feeds
• Security Roadmap • SWOT Analysis • Maturity Models
sans.org/cybersecurity-leadership
• PowerShell commands and scripting • Security Content Automation Protocol (SCAP)
• PEST Analysis • Gap Analysis

Get buy-in from all levels of the organization Measure effectiveness of security controls
• Mission and Vision • Stakeholder Management • Power/Interest Grid • Measures and metrics for the CIS • Root cause analysis

S E C U R I T Y CO N T RO L S
Statements Controls • Vulnerability scanning
• CIS-CAT to audit configurations • Red Team exercises & penetration testing
Craft effective presentations for senior leadership
ST R AT E G Y

• WIIFM approach • Maturity Models Manage projects, programs, and initiatives to successful completion

CURRICULUM • Elevator pitch • KPIs and metrics • Project Management Hierarchy

• Project Management Information
System (PMIS)
• Deming’s Plan-Do-Check-Act (PDCA) Cycle
• RACI Matrix
Create security policy and procedure • Project Priority Triangle
• Thomas-Kilmann Conflict Model
• Risk Breakdown Structure (RBS)
FORMULA FOR FORMULA FOR • Policy Pyramid • Policy voicing • SMART approach • Work Breakdown Structure • Decision Tree Analysis
TRANSFORMATIONAL OPERATIONAL
CYBERSECURITY LEADERS CYBERSECURITY EXECUTIVES Align with business objectives Build dashboards for security and compliance
• Security Business Case • Multi-Year Budget • SNAP approach for marketing
• Using spreadsheets as data sources • Adding Grafana data sources and building
MGT MGT Respond to legal and regulatory risks
and as visualization tools dashboard

512 516 • Conduct critical legal analysis • Case studies on policy, privacy, MGT
• Configuring Graphite and
loading data
• Building tactical reports directly from acquired
data using pivot tables and graphs

• Contract drafting styles digital evidence, contracts, regulatory 514

investigations, and liability 5 DAYS
Plan and execute effective audits
MGT MGT SEC MGT
514 521 566 551 • Scoping to cover highest risk areas
• Effective audit reports
• Approved baseline configurations
• Scripting audit tasks
SEC
566
5 DAYS

Create a sustainable cybersecurity culture

• The Culture Factor • Values Statement
MGT Security Leadership Essentials MGT Managing Security Vulnerabilities:
512 for Managers | GSLC 516 Enterprise and Cloud
Drive long-term organizational change Build a Security Operations Center (SOC)
5 DAYS Leading security initiatives to 5 DAYS Building and leading a vulnerability
manage information risk management program • SOC Functional Model • Collect, Detect, Triage, Investigate, Respond

S E C U R I T Y O P E R AT I O N S
• ADKAR Model • Kotter’s 8 Steps • Satir Model

Improve effectiveness and impact of security initiatives Lead incident response planning and execution
MGT Security Strategic Planning, SEC Implementing and Auditing
C U LT U R E

514 Policy, and Leadership | GSTRT 566 CIS Critical Controls | GCCC • Curse of Knowledge • Kirkpatrick Evaluation • System 1 vs. System 2 • RE&CT Framework • Hardening, Telemetry, • Plan activities
5 DAYS Aligning security initiatives with strategy 5 DAYS Building and auditing Critical Security Controls Model Process, and Practice
• ADDIE Model • Choice Overload

 ead, motivate, and inspire teams to execute

L Develop analysis techniques, playbooks, and detection use cases
• MITRE ATT&CK for use • Sigma and YARA for • Jupyter for data analysis
MGT Leading Cybersecurity Change: MGT Building and Leading the plan and improve security cases detections and threat hunting
521 Building a Security-Based Culture 551 Security Operations Centers
5 DAYS Leading & aligning security initiatives 5 DAYS Building and leading Security • Circle of Trust • Conflict Resolution • Ambassador Programs
with culture Operations Centers • FILE Feedback Model • AIDA Model • Incentive Framework Create metrics and strategies for SOC improvement
• ABCs of Delegation
• Metrics vs. KPIs. vs. OKRs
sans.org/cybersecurity-leadership
Build a mature security awareness program Implement training and retention strategies to prevent burnout
@secleadership MGT MGT
• Security Awareness • Maturity Model Indicators • BJ Fogg Behavior Model 521 • SOC Human Capital Model 551
Maturity Model Matrix 5 DAYS 5 DAYS
SANS Security Leadership
MGTPS_CISO-SC_v1.1_0921