SEC405: Business Finance Essentials

  • Online
6 CPEs
The successful information security leader is responsible for more than just managing cybersecurity teams that protect their organization's interests. There are few disciplines more critical to organizational success than financial stewardship, so an effective information security leader must also have solid knowledge of business finance. This course will take information security leaders on a journey to help them understand and successfully navigate their organization's financial status. Understanding and effectively communicating financial stewardship will contribute to your own success, the success of the cybersecurity team that you are privileged to lead, and, ultimately, the success of your organization.

What You Will Learn

Turn Your Financial Uncertainty into Financial Clarity!

SEC405: Business Finance Essentials will:

  • Increase your business financial literacy
  • Improve your understanding and awareness of business financial health
  • Prepare you to partner with your organization's finance team
  • Provide you with the skills and knowledge to serve as a trusted financial advisor to your organization

Course Overview

What would it feel like to have confidence in navigating your business financials before dedicating another hour to cybersecurity work or spending another dollar of your cybersecurity budget? This course will give you the confidence and clarity to understand and effectively communicate financial stewardship. The knowledge and skills you learn in SEC405 will contribute to your own success as well as the success of the cybersecurity team you are privileged to lead, and, ultimately, the success of your organization.

In Business Finance Essentials you will learn the importance of a clear business case by creating one yourself during a course exercise. Need to design a multi-year budget? No problem! We will talk about the rationale for that design and then undertake an exercise to create such a budget. You'll be able to use these examples as templates later when you need to do these tasks yourself!


What will this course immediately prepare you to do?

  • Fully understand what your Chief Financial Officer (CFO) and finance team are saying
  • Stand out as an engaged partner in shared business success
  • Follow a repeatable eight-step Finance Framework that helps you understand and communicate finance more effectively
  • Discover and successfully interpret an organization's financial goals
  • Better align the cybersecurity program to the strategic priorities of the organization
  • Better understand the business side of an enterprise, including business decisions and tradeoffs
  • Improve partnerships with key leaders
  • Achieve alignment of your cybersecurity program

What will the Chief Financial Officer notice after you take this course and apply the concepts you've learned?

  • You ask better questions of your CFO, Controller, and Finance team
  • You can interpret common financial statements
  • You demonstrate strong financial stewardship
  • You are able to create a multi-year budget
  • You make a greater effort to work with finance colleagues

What strategies can build a meaningful relationship with your Chief Financial Officer?

  • Understand what is important to your CFO
  • Demonstrate the interest, skills, and knowledge that make you stand out
  • More specifically, be able to interpret a balance sheet, cash flow statement, and income statement

How can you demonstrate financial stewardship?

  • Think through and assess such concepts as "before the next dollar is spent" and "before the next hour is spent"
  • Ensure that your efforts are definitively focused on the highest risks

What does a Chief Information Security Officer need to know about finance to be successful?

  • How to successfully navigate the mysterious realm of business finance
  • How to secure multi-year funding for cybersecurity projects
  • How to create a business case

What You Will Receive

  • Electronic courseware for learning how to understand business finance
  • Course book
  • Lab workbook with completed examples
  • MP3 audio files of the complete course lecture
  • An enabling and repeatable eight-step Finance Framework created to help you understand and communicate finances more effectively

What Courses To Take Next

  • SANS SEC402: Cybersecurity Writing: Hack the Reader
  • SANS SEC403: Secrets to Successful Cybersecurity Presentation

Syllabus (6 CPEs)

Download PDF
  • Exercises
    • Developing a clear business case
    • Creating a multi-year budget
    • What you must know about finance
      • Priorities of the CFO
      • Metrics
    • A clear business case

      • Lab 1: Developing a clear business case
    • Financial stewardship
      • Your three key financial documents
      • The Finance Framework
      • Navigating vendor negotiation
      • After-action report
    • A multi-year budget

      • Lab 2: Creating a multi-year budget
    • How we do this work
      • Tips for the cyber leader
      • Course conclusions


A basic understanding of information security and information security management topics is helpful for students attending SEC405. However, it is not necessary to have a strong background in these areas. The course presents a step-by-step approach to understand business finance that students will be able to follow regardless of their technical information security or management background.

Laptop Requirements

Important! Bring your own system configured according to these instructions.

A properly configured system is required to fully participate in this course. If you do not carefully read and follow these instructions, you will not be able to fully participate in hands-on exercises in your course. Therefore, please arrive with a system meeting all of the specified requirements.

Back up your system before class. Better yet, use a system without any sensitive/critical data. SANS is not responsible for your system or data.

  • Wireless networking (802.11 standard) is required. There is no wired Internet access in the classroom.
  • Your host operating system must be the latest version of Windows 10, Windows 11, or macOS 10.15.x or newer.
  • Fully update your host operating system prior to the class to ensure you have the right drivers and patches installed.
  • Linux hosts are not supported in the classroom due to their numerous variations. If you choose to use Linux as your host, you are solely responsible for configuring it to work with the course materials and/or VMs.

If you have additional questions about the laptop specifications, please contact support.

Author Statement

"It should not be so hard for the cybersecurity leader to understand how business finance works. SEC405 Business Finance Essentials will allow you to better understand the language spoken by business, and in turn make sure your message gets heard. You will have a better understanding of concepts that many cybersecurity leaders avoid at their peril.

"Get wisdom as cheaply as you can" is the best advice I have ever received. Throughout this course, you can do just that. You will migrate from confusion to clarity as we tackle several critical topics that, once mastered, will set you apart from your peers and impress your boss!"

- Russell Eubanks

Register for SEC405

Learn about Group Pricing

Prices below exclude applicable taxes and shipping costs. If applicable, these will be shown on the last page of checkout.