Cyber Security Writing Course

What You Will Learn

Want to write better? Learn to hack the reader! Discover how to find an opening, break down your readers' defenses, and capture their attention to deliver your message--even if they're too busy or indifferent to others' writing. This unique course, built exclusively for cybersecurity professionals, will strengthen your writing skills and boost your security career.

You will:

Uncover the five "golden elements" of effective reports, briefings, emails, and other cybersecurity writing.
Make these elements part of your arsenal through hands-on exercises that draw upon common security scenarios.
Learn the key topics you need to address in security reports and other written communications.
Understand how to pick the best words, structure, look, and tone.
Begin improving your skills at once by spotting and fixing weaknesses in security samples.
Receive practical checklists to ensure you'll write clearly and effectively right away.

This isn't your normal writing course:

The course builds upon the author's two decades of cybersecurity experience. You'll learn from examples relevant to security professionals, whether they're experts or beginners, managers or individual team members.
The course focuses on common writing problems you'll learn to avoid, instead of presenting tedious grammar rules or theoretical explanations. You'll advance your writing by reviewing and improving real-world cybersecurity samples.

Master the writing secrets that'll make you stand out in the eyes of your peers, colleagues, managers, and clients. Learn to communicate your insights, requests, and recommendations persuasively and professionally. Make your cybersecurity writing remarkable.

SANS Video

Syllabus (12 CPEs)

Overview
Day 1 - Section 1: How to Strengthen Your Writing Skills--A Reader-Centered Approach
CPE/CMU Credits: 0.5
You'll learn how a reader-centered approach to writing allows you to prepare cybersecurity materials that connect with your audience. You'll discover how the five "golden elements" of writing work together to assist you with these tasks. These elements, which we discuss throughout the course, are:
- The right structure
- The right look
- The right words
- The right tone
- The right information
You'll understand how to use the hands-on exercises in this course to avoid problems common to the security reports, emails, and other content you regularly create.
Day 1 - Section 2: The Right Structure
CPE/CMU Credits: 2.5
We all have way too much to read. You'll learn how to structure your writing so readers don't want to put it down. You'll discover how to:
- Open with the idea your readers cares about most.
- Organize the supporting ideas to make them easy to find, read, skip, and skim.
- Design the structure to meet the needs of all your readers.
You'll understand how to use the right structure by spotting and fixing structural issues with many cybersecurity examples.
Day 1 - Section 3: The Right Look
CPE/CMU Credits: 3
You have just seconds to grab your reader. You'll learn how to give your writing the right look to hook your readers at a first glance. You'll be able to:
- Create an appealing layout with lists and headings
- Design readable paragraphs
- Capitalize words correctly
- Use just the right amount of formatting
- Pick the best graphic for your objectives
- Handle screenshots and tables effectively
You'll master the right look by examining security writing samples that have an amazingly misguided look. (Expect much fun.)
Overview
Day 2 - Section 4: The Right Words
CPE/CMU Credits: 2.5
The word is mightier than the sword. You'll learn how to pick the right words to inform and persuade your readers. You'll find out how to make sure your words are:
- Clear: Use words your readers understand.
- Concise: Cut words you don't need.
- Consistent: Use parallel structure and uniform style.
- Correct: Use proper terms and spelling.
The key to using the right words is deliberate practice. You'll have many opportunities to improve poorly worded cybersecurity text.
Day 2 - Section 5: The Right Tone
CPE/CMU Credits: 2
Tone is the key to creating a bond with your reader. You'll learn how to make your tone:
- Professional and appropriate for the reader
- Responsive to difficult situations
- Constructive, helping the reader solve problems
- Persuasive, motivating the reader to take action or make a decision
Real-world examples will help you learn to spot tone problems, so you can turn them into writing that says just what your reader will understand and appreciate.
Day 2 - Section 6: The Right Information - Cybersecurity Incident Reports
CPE/CMU Credits: 0.5
What do readers of your cybersecurity incident report want to know? You'll learn to include the right information in such writing, so you can:
- Inform your readers about the incident
- Instill confidence that the proper steps have been taken
- Address concerns about relevant business risks
- Highlight the need for improvements, if any
The best way to learn how to write a good incident report is to look for problems in bad ones. You'll have many opportunities to do this.
Day 2 - Section 7: The Right Information - Pen Testing and Other Security Assessment Reports
CPE/CMU Credits: 0.5
Learn how to craft a security assessment report so the readers truly benefit from your insights. Master the skill of including just the right information to:
- Describe assessment methodology and scope
- Provide meaningful analysis, rather than raw findings
- Offer guidance that readers appreciate
- Include figures to support your conclusions
You'll review many problematic penetration testing and other security assessment reports, so you'll understand how to avoid their pitfalls.
Day 2 - Section 8: The Right Information - Malware and Other Threat Reports
CPE/CMU Credits: 0.5
Writing about cybersecurity threats, such as phishing messages, malware infections, and attack groups, can be challenging because of the multiple audiences that might read the reports. Learn how to include the right information in such writing, so your readers:
- Understand why the threat is relevant
- Know what to do after reviewing your report
- Trust the basis for your analysis
- Appreciate your research and advice
Guess what? You'll learn to include the right information in threat reports with the help of hands-on exercises, during which you'll spot and fix information-related weaknesses.

Author Statement

How can you stand out from other cybersecurity professionals with similar technical skills? How can you get your managers, clients, and colleagues to notice your contribution, accept your advice, and appreciate your input? Write better!

Here's an uncommon opportunity to improve your writing skills without sitting through tedious lectures or writing irrelevant essays. You'll make your writing remarkable by learning how to avoid common mistakes, working on real-world exercises to spot and correct cybersecurity writing problems. You'll write clearly and effectively right away with the help of practical checklists.

This course captures my experience of writing in cybersecurity for over two decades and incorporates insights from other members of the community. It's a course I wish I could have attended when I needed to improve my own writing skills. It's a course I know will help you propel your own cybersecurity career.

-- Lenny Zeltser

Ways to Learn

OnDemand

Study and prepare for GIAC Certification with four months of online access. Includes labs and exercises, and support.

Who Should Attend SEC402?

If your cybersecurity job involves writing emails, reports, proposals, or other content, you'll find this course indispensable, whether you are:

A manager or an individual team member
A consultant or an internally-focused employee
An expert or a beginner
A defender or an attacker
An earthling or an alien

You get the idea--the course is for all cybersecurity professionals who want to improve their written communications and boost their careers.

Reviews

Outstanding course. Provides a writing framework/rubric to evaluate & guide future writing.

Jordan Whitley

New York Life

Cyber security writing skills are critical for professional development.

R. Wajda

Secure Cloud LLC

I attended a training at my company right before coming here related to improving written communication. I notice similarities here but the cybersecurity focus here is invaluable!

Andrew Walker

Novant Health

Display times in

Africa/Abidjan

Africa/Accra

Africa/Addis Ababa

Africa/Algiers

Africa/Asmara

Africa/Asmera

Africa/Bamako

Africa/Bangui

Africa/Banjul

Africa/Bissau

Africa/Blantyre

Africa/Brazzaville

Africa/Bujumbura

Africa/Cairo

Africa/Casablanca

Africa/Ceuta

Africa/Conakry

Africa/Dakar

Africa/Dar es Salaam

Africa/Djibouti

Africa/Douala

Africa/El Aaiun

Africa/Freetown

Africa/Gaborone

Africa/Harare

Africa/Johannesburg

Africa/Juba

Africa/Kampala

Africa/Khartoum

Africa/Kigali

Africa/Kinshasa

Africa/Lagos

Africa/Libreville

Africa/Lome

Africa/Luanda

Africa/Lubumbashi

Africa/Lusaka

Africa/Malabo

Africa/Maputo

Africa/Maseru

Africa/Mbabane

Africa/Mogadishu

Africa/Monrovia

Africa/Nairobi

Africa/Ndjamena

Africa/Niamey

Africa/Nouakchott

Africa/Ouagadougou

Africa/Porto-Novo

Africa/Sao Tome

Africa/Timbuktu

Africa/Tripoli

Africa/Tunis

Africa/Windhoek

America/Adak

America/Anchorage

America/Anguilla

America/Antigua

America/Araguaina

America/Argentina/Buenos Aires

America/Argentina/Catamarca

America/Argentina/ComodRivadavia

America/Argentina/Cordoba

America/Argentina/Jujuy

America/Argentina/La Rioja

America/Argentina/Mendoza

America/Argentina/Rio Gallegos

America/Argentina/Salta

America/Argentina/San Juan

America/Argentina/San Luis

America/Argentina/Tucuman

America/Argentina/Ushuaia

America/Aruba

America/Asuncion

America/Atikokan

America/Atka

America/Bahia

America/Bahia Banderas

America/Barbados

America/Belem

America/Belize

America/Blanc-Sablon

America/Boa Vista

America/Bogota

America/Boise

America/Buenos Aires

America/Cambridge Bay

America/Campo Grande

America/Cancun

America/Caracas

America/Catamarca

America/Cayenne

America/Cayman

America/Chicago

America/Chihuahua

America/Coral Harbour

America/Cordoba

America/Costa Rica

America/Creston

America/Cuiaba

America/Curacao

America/Danmarkshavn

America/Dawson

America/Dawson Creek

America/Denver

America/Detroit

America/Dominica

America/Edmonton

America/Eirunepe

America/El Salvador

America/Ensenada

America/Fort Nelson

America/Fort Wayne

America/Fortaleza

America/Glace Bay

America/Godthab

America/Goose Bay

America/Grand Turk

America/Grenada

America/Guadeloupe

America/Guatemala

America/Guayaquil

America/Guyana

America/Halifax

America/Havana

America/Hermosillo

America/Indiana/Indianapolis

America/Indiana/Knox

America/Indiana/Marengo

America/Indiana/Petersburg

America/Indiana/Tell City

America/Indiana/Vevay

America/Indiana/Vincennes

America/Indiana/Winamac

America/Indianapolis

America/Inuvik

America/Iqaluit

America/Jamaica

America/Jujuy

America/Juneau

America/Kentucky/Louisville

America/Kentucky/Monticello

America/Knox IN

America/Kralendijk

America/La Paz

America/Lima

America/Los Angeles

America/Louisville

America/Lower Princes

America/Maceio

America/Managua

America/Manaus

America/Marigot

America/Martinique

America/Matamoros

America/Mazatlan

America/Mendoza

America/Menominee

America/Merida

America/Metlakatla

America/Mexico City

America/Miquelon

America/Moncton

America/Monterrey

America/Montevideo

America/Montreal

America/Montserrat

America/Nassau

America/New York

America/Nipigon

America/Nome

America/Noronha

America/North Dakota/Beulah

America/North Dakota/Center

America/North Dakota/New Salem

America/Nuuk

America/Ojinaga

America/Panama

America/Pangnirtung

America/Paramaribo

America/Phoenix

America/Port-au-Prince

America/Port of Spain

America/Porto Acre

America/Porto Velho

America/Puerto Rico

America/Punta Arenas

America/Rainy River

America/Rankin Inlet

America/Recife

America/Regina

America/Resolute

America/Rio Branco

America/Rosario

America/Santa Isabel

America/Santarem

America/Santiago

America/Santo Domingo

America/Sao Paulo

America/Scoresbysund

America/Shiprock

America/Sitka

America/St Barthelemy

America/St Johns

America/St Kitts

America/St Lucia

America/St Thomas

America/St Vincent

America/Swift Current

America/Tegucigalpa

America/Thule

America/Thunder Bay

America/Tijuana

America/Toronto

America/Tortola

America/Vancouver

America/Virgin

America/Whitehorse

America/Winnipeg

America/Yakutat

America/Yellowknife

Antarctica/Casey

Antarctica/Davis

Antarctica/DumontDUrville

Antarctica/Macquarie

Antarctica/Mawson

Antarctica/McMurdo

Antarctica/Palmer

Antarctica/Rothera

Antarctica/South Pole

Antarctica/Syowa

Antarctica/Troll

Antarctica/Vostok

Arctic/Longyearbyen

Asia/Aden

Asia/Almaty

Asia/Amman

Asia/Anadyr

Asia/Aqtau

Asia/Aqtobe

Asia/Ashgabat

Asia/Ashkhabad

Asia/Atyrau

Asia/Baghdad

Asia/Bahrain

Asia/Baku

Asia/Bangkok

Asia/Barnaul

Asia/Beirut

Asia/Bishkek

Asia/Brunei

Asia/Calcutta

Asia/Chita

Asia/Choibalsan

Asia/Chongqing

Asia/Chungking

Asia/Colombo

Asia/Dacca

Asia/Damascus

Asia/Dhaka

Asia/Dili

Asia/Dubai

Asia/Dushanbe

Asia/Famagusta

Asia/Gaza

Asia/Harbin

Asia/Hebron

Asia/Ho Chi Minh

Asia/Hong Kong

Asia/Hovd

Asia/Irkutsk

Asia/Istanbul

Asia/Jakarta

Asia/Jayapura

Asia/Jerusalem

Asia/Kabul

Asia/Kamchatka

Asia/Karachi

Asia/Kashgar

Asia/Kathmandu

Asia/Katmandu

Asia/Khandyga

Asia/Kolkata

Asia/Krasnoyarsk

Asia/Kuala Lumpur

Asia/Kuching

Asia/Kuwait

Asia/Macao

Asia/Macau

Asia/Magadan

Asia/Makassar

Asia/Manila

Asia/Muscat

Asia/Nicosia

Asia/Novokuznetsk

Asia/Novosibirsk

Asia/Omsk

Asia/Oral

Asia/Phnom Penh

Asia/Pontianak

Asia/Pyongyang

Asia/Qatar

Asia/Qostanay

Asia/Qyzylorda

Asia/Rangoon

Asia/Riyadh

Asia/Saigon

Asia/Sakhalin

Asia/Samarkand

Asia/Seoul

Asia/Shanghai

Asia/Singapore

Asia/Srednekolymsk

Asia/Taipei

Asia/Tashkent

Asia/Tbilisi

Asia/Tehran

Asia/Tel Aviv

Asia/Thimbu

Asia/Thimphu

Asia/Tokyo

Asia/Tomsk

Asia/Ujung Pandang

Asia/Ulaanbaatar

Asia/Ulan Bator

Asia/Urumqi

Asia/Ust-Nera

Asia/Vientiane

Asia/Vladivostok

Asia/Yakutsk

Asia/Yangon

Asia/Yekaterinburg

Asia/Yerevan

Atlantic/Azores

Atlantic/Bermuda

Atlantic/Canary

Atlantic/Cape Verde

Atlantic/Faeroe

Atlantic/Faroe

Atlantic/Jan Mayen

Atlantic/Madeira

Atlantic/Reykjavik

Atlantic/South Georgia

Atlantic/St Helena

Atlantic/Stanley

Australia/ACT

Australia/Adelaide

Australia/Brisbane

Australia/Broken Hill

Australia/Canberra

Australia/Currie

Australia/Darwin

Australia/Eucla

Australia/Hobart

Australia/LHI

Australia/Lindeman

Australia/Lord Howe

Australia/Melbourne

Australia/NSW

Australia/North

Australia/Perth

Australia/Queensland

Australia/South

Australia/Sydney

Australia/Tasmania

Australia/Victoria

Australia/West

Australia/Yancowinna

Brazil/Acre

Brazil/DeNoronha

Brazil/East

Brazil/West

CET

CST6CDT

Canada/Atlantic

Canada/Central

Canada/Eastern

Canada/Mountain

Canada/Newfoundland

Canada/Pacific

Canada/Saskatchewan

Canada/Yukon

Chile/Continental

Chile/EasterIsland

Cuba

EET

EST

EST5EDT

Egypt

Eire

Etc/GMT

Etc/GMT+0

Etc/GMT+1

Etc/GMT+10

Etc/GMT+11

Etc/GMT+12

Etc/GMT+2

Etc/GMT+3

Etc/GMT+4

Etc/GMT+5

Etc/GMT+6

Etc/GMT+7

Etc/GMT+8

Etc/GMT+9

Etc/GMT-0

Etc/GMT-1

Etc/GMT-10

Etc/GMT-11

Etc/GMT-12

Etc/GMT-13

Etc/GMT-14

Etc/GMT-2

Etc/GMT-3

Etc/GMT-4

Etc/GMT-5

Etc/GMT-6

Etc/GMT-7

Etc/GMT-8

Etc/GMT-9

Etc/GMT0

Etc/Greenwich

Etc/UCT

Etc/UTC

Etc/Universal

Etc/Zulu

Europe/Amsterdam

Europe/Andorra

Europe/Astrakhan

Europe/Athens

Europe/Belfast

Europe/Belgrade

Europe/Berlin

Europe/Bratislava

Europe/Brussels

Europe/Bucharest

Europe/Budapest

Europe/Busingen

Europe/Chisinau

Europe/Copenhagen

Europe/Dublin

Europe/Gibraltar

Europe/Guernsey

Europe/Helsinki

Europe/Isle of Man

Europe/Istanbul

Europe/Jersey

Europe/Kaliningrad

Europe/Kiev

Europe/Kirov

Europe/Lisbon

Europe/Ljubljana

Europe/London

Europe/Luxembourg

Europe/Madrid

Europe/Malta

Europe/Mariehamn

Europe/Minsk

Europe/Monaco

Europe/Moscow

Europe/Nicosia

Europe/Oslo

Europe/Paris

Europe/Podgorica

Europe/Prague

Europe/Riga

Europe/Rome

Europe/Samara

Europe/San Marino

Europe/Sarajevo

Europe/Saratov

Europe/Simferopol

Europe/Skopje

Europe/Sofia

Europe/Stockholm

Europe/Tallinn

Europe/Tirane

Europe/Tiraspol

Europe/Ulyanovsk

Europe/Uzhgorod

Europe/Vaduz

Europe/Vatican

Europe/Vienna

Europe/Vilnius

Europe/Volgograd

Europe/Warsaw

Europe/Zagreb

Europe/Zaporozhye

Europe/Zurich

GB-Eire

GMT

GMT+0

GMT-0

GMT0

Greenwich

HST

Hongkong

Iceland

Indian/Antananarivo

Indian/Chagos

Indian/Christmas

Indian/Cocos

Indian/Comoro

Indian/Kerguelen

Indian/Mahe

Indian/Maldives

Indian/Mauritius

Indian/Mayotte

Indian/Reunion

Iran

Israel

Jamaica

Japan

Kwajalein

Libya

MET

MST

MST7MDT

Mexico/BajaNorte

Mexico/BajaSur

Mexico/General

NZ-CHAT

Navajo

PRC

PST8PDT

Pacific/Apia

Pacific/Auckland

Pacific/Bougainville

Pacific/Chatham

Pacific/Chuuk

Pacific/Easter

Pacific/Efate

Pacific/Enderbury

Pacific/Fakaofo

Pacific/Fiji

Pacific/Funafuti

Pacific/Galapagos

Pacific/Gambier

Pacific/Guadalcanal

Pacific/Guam

Pacific/Honolulu

Pacific/Johnston

Pacific/Kiritimati

Pacific/Kosrae

Pacific/Kwajalein

Pacific/Majuro

Pacific/Marquesas

Pacific/Midway

Pacific/Nauru

Pacific/Niue

Pacific/Norfolk

Pacific/Noumea

Pacific/Pago Pago

Pacific/Palau

Pacific/Pitcairn

Pacific/Pohnpei

Pacific/Ponape

Pacific/Port Moresby

Pacific/Rarotonga

Pacific/Saipan

Pacific/Samoa

Pacific/Tahiti

Pacific/Tarawa

Pacific/Tongatapu

Pacific/Truk

Pacific/Wake

Pacific/Wallis

Pacific/Yap

Poland

Portugal

ROC

ROK

Singapore

Turkey

UCT

US/Alaska

US/Aleutian

US/Arizona

US/Central

US/East-Indiana

US/Eastern

US/Hawaii

US/Indiana-Starke

US/Michigan

US/Mountain

US/Pacific

US/Samoa

UTC

Universal

W-SU

WET

Zulu

Filters:

Register for SEC402

In Person

Training events and topical summits feature presentations and courses in classrooms around the world.

Learn more

Live Online

Live, interactive sessions with SANS instructors over the course of one or more weeks, at times convenient to students worldwide.

Learn more

OnDemand

Study and prepare for GIAC Certification with four months of online access. Includes labs and exercises, and support.

Learn more

SEC402: Cybersecurity Writing: Hack the Reader

Course Authors:

Lenny Zeltser

What You Will Learn

Syllabus (12 CPEs)

Overview

Overview

Author Statement

Ways to Learn

Who Should Attend SEC402?

Reviews

Filters:

Register for SEC402

Loading...