SEC595: Applied Data Science and AI/Machine Learning for Cybersecurity Professionals
SEC595Cyber Defense, Artificial Intelligence
SANS Community Benefits
Connect, learn, and share with other cybersecurity professionals
MAJOR UPDATES
LDR519: Cybersecurity Governance, Risk, and Compliance (GRC)
LDR519Cybersecurity Leadership
- 5 Days (Instructor-Led)
- 30 Hours (Self-Paced)
Course authored by:
James Tarala
Course authored by:James Tarala
- 30 CPEs
Apply your credits to renew your certifications
- In-Person, Virtual or Self-Paced
Attend a live, instructor-led class at a location near you or remotely, or train on your time over 4 months
- Advanced Skill Level
Course material is geared for cyber security professionals with hands-on experience
- 16 Hands-On Lab(s)
Apply what you learn with hands-on exercises and labs
Empower yourself to take command of the full GRC lifecycle: build threat models, assess risk, prioritize safeguards, and apply AI-assisted tools to drive cybersecurity decisions that deliver results.
Featured Quote
I really particularly enjoyed this class because not only is it relevant to my career, it is broken down into understandable content by an instructor who actually does this for a living and can recall a lot of his personal experience as he is teaching the course.
Course Overview
This course prepares students to manage cybersecurity risk across the full governance, risk, and compliance (GRC) lifecycle using proven practices. Students learn to establish governance structures, build threats and safeguard inventories, implement and validate controls, and communicate outcomes to both technical and executive stakeholders. Through case studies and the SANS Cyber42 simulation, they gain hands-on experience aligning security measures with business goals. Designed for assessors, auditors, and second-line professionals, the course builds the technical and organizational skills needed to lead resilient, compliant GRC programs.
What You’ll Learn
- Establish governance structures for cybersecurity decisions
- Build threat and safeguard inventories
- Select and prioritize safeguards using frameworks and threat modeling
- Operationalize GRC through policy and program management
- Design and execute risk assessments
- Use AI and continuous monitoring to measure controls
- Communicate risk to executive and technical stakeholders
Business Takeaways
- Apply a repeatable, end-to-end GRC lifecycle
- Improve visibility into cybersecurity risk
- Align security efforts with business goals
- Make defensible, evidence-based decisions
- Increase efficiency with AI and automation
- Strengthen consistency across teams and environments
- Enhance resilience and audit readiness
Meet Your Author
James Tarala
Senior InstructorJames is a managing partner at Cyverity, specializing in cybersecurity risk and governance. A SANS instructor for 20+ years, he holds 14 GIAC certs including the GSE, and has helped author the CIS Controls, CRF resources, and courses like LDR419 and LDR519.
Read more about James TaralaCourse Syllabus
Explore the course syllabus below to view the full range of topics covered in LDR519: Cybersecurity Governance, Risk, and Compliance (GRC).
Section 1Foundations of Cybersecurity Governance and Risk
This section builds the foundation for a cybersecurity GRC program. Students learn how governance and risk decisions align with business goals, explore risk models, tooling, and Artificial Intelligence (AI), and apply these concepts through the Initiate and Inventory phases to define program structure, ownership, and scope.
Topics covered
- Cybersecurity Governance and Program Foundations
- Risk Management Models and Frameworks
- GRC Program Structure and Decision-Making
- GRC tooling and AI in Practice
- Asset Inventory and Business Impact Analysis (BIA)
Labs
- Cyber42 Case Study: Selecting a Risk Model
- Cyber42 Case Study: Choosing a GRC Tool
- Cyber42 Case Study: Approving a Business Impact Analysis
Section 2Selecting and Prioritizing Cybersecurity Safeguards
This section focuses on selecting and prioritizing cybersecurity safeguards to address risk and support business goals. Students evaluate frameworks, navigate multi-framework environments and apply threat modeling to map threats to safeguards. The result is a structured, defensible approach to safeguard selection based on likelihood, impact and business need.
Topics covered
- Cybersecurity Framework Landscape and Comparison
- Framework Selection and Adoption
- Multi-Framework and Control Integration
- Threat Modeling Concepts and Methods
- Threat-Based Safeguard Prioritization
Labs
- Cyber42 Case Study: Business-Driven Cybersecurity Framework Selection
- Cyber42 Case Study: Categorizing Cybersecurity Safeguard Frameworks
- Cyber42 Case Study: Creating a Cybersecurity Threat Model
Section 3Cybersecurity GRC Program Management
This section focuses on operationalizing cybersecurity decisions by translating safeguards into governance, documentation, education, and implementation. Students learn to formalize policy, assign ownership, enable the workforce, and manage execution. The focus is on consistent, organization-wide execution that turns decisions into measurable outcomes.
Topics covered
- Cybersecurity Governance Through Policy and Documentation
- AI-Enabled Documentation and Governance
- Workforce Enablement and Program Execution
- GRC Program Management and Operational Visibility
- Extending Governance to Third-Party and Cloud Environments
Labs
- Cyber42 Case Study: Governing Cybersecurity Documentation
- Cyber42 Case Study: Managing Visibility with a Risk Register
- Cyber42 Case Study: Governing Third-Party AI Risk
Section 4Validating Cybersecurity Safeguards
This section focuses on validating whether cybersecurity safeguards are implemented and operating as intended. Students learn to design and execute risk assessments, including scoping, reviewing documentation, evaluating technical controls, and analyzing evidence. The focus is on making defensible decisions based on multiple forms of evidence.
Topics covered
- GRC Validation and Assessment Planning
- Assessment Scope and Stakeholder Definition
- Evidence Collection and Evaluation Methods
- Technical Safeguard Validation and Analysis
- AI-Enabled and Defensible Decision-Making
Labs
- Cyber42 Case Study: Scoping Who Will Perform a Cybersecurity Risk Assessment
- Cyber42 Case Study: Evaluating Cybersecurity Documentation
- Cyber42 Case Study: Validating Multi-Factor Authentication
- Cyber42 Case Study: Prioritizing Cybersecurity Safeguards
Section 5AI-Enabled Continuous Monitoring and Risk Reporting
This section focuses on transitioning cybersecurity risk management from periodic assessments to continuous, data-driven monitoring and reporting. Students learn to use business intelligence, automation, and AI to measure safeguards, reduce uncertainty, and support decisions. The focus is on continuous measurement, analysis, communication, and response.
Topics covered
- AI-Enabled Continuous Monitoring and Risk Measurement
- Cybersecurity Data and Business Intelligence
- Data Integration and Risk Visibility
- Metrics and Risk Communication
- Risk Response and Lifecycle Management
Labs
- Cyber42 Case Study: Asset-Oriented Risk Assessment
- Cyber42 Case Study: Managing a Cybersecurity Risk Register
- Cyber42 Case Study: Capstone Project – International Program Expansion
Things You Need To Know
Relevant Job Roles
Cyber Risk Officer
Cybersecurity LeadershipLead cybersecurity risk strategy at the highest level.
Explore learning pathCyber Legal, Policy & Compliance Officer
European Cybersecurity Skills FrameworkManages compliance with cybersecurity-related standards, legal and regulatory frameworks based on the organisation’s strategy and legal requirements.
Explore learning pathSenior Security Leader
Cybersecurity LeadershipDaily focus is on the oversight of technical teams while aligning them to overall business strategies. Includes titles such as Technical Director, Information Security Officer, and CISO.
Explore learning pathCybersecurity Risk Manager
European Cybersecurity Skills FrameworkManage the organisation's cybersecurity-related risks aligned to the organisation’s strategy. Develop, maintain and communicate the risk management processes and reports.
Explore learning pathEnterprise Architecture (OPM 651)
NICE: Design and DevelopmentResponsible for developing and maintaining business, systems, and information processes to support enterprise mission needs. Develops technology rules and requirements that describe baseline and target architectures.
Explore learning pathGovernance, Risk, and Compliance
SCyWF: Governance, Risk, Compliance And LawsThis role governs cybersecurity structures and processes. Find the SANS courses that map to the Governance, Risk, and Compliance SCyWF Work Role.
Explore learning pathChief Information Security Officers Training, Salary, and Career Path
European Cybersecurity Skills FrameworkChief Information Security Officers lead cybersecurity initiatives, aligning strategic vision with operational execution, fostering a resilient security culture, and proactively managing risks to safeguard organisational assets and reputation.
Explore learning pathExecutive Cybersecurity Leadership (OPM 901)
NICE: Oversight and GovernanceResponsible for establishing vision and direction for an organization's cybersecurity operations and resources and their impact on digital and physical spaces. Possesses authority to make and execute decisions that impact an organization broadly, including policy approval and stakeholder engagement.
Explore learning pathCourse Schedule and Pricing
Have Questions?Contact Us
Group and Private Pricing
Enroll your team as a group or arrange a private session for your organization. We’ll help you choose the format that fits your goals.
Location & instructorDate & TimeCourse priceRegistration Options
- Date & TimeOnDemand (Anytime)Self-Paced, 4 months accessCourse price$8,260 USD*Prices exclude applicable local taxesRegistration Options
- Date & TimeFetching schedule..Course price$8,260 USD*Prices exclude applicable local taxes
- Date & TimeFetching schedule..Course price$8,260 USD*Prices exclude applicable local taxes
- Date & TimeFetching schedule..Course price$8,260 USD*Prices exclude applicable local taxes
- Date & TimeFetching schedule..Course price$8,260 USD*Prices exclude applicable local taxes
- Date & TimeFetching schedule..Course price$8,260 USD*Prices exclude applicable local taxes
- Date & TimeFetching schedule..Course price$8,375 USD*Prices exclude applicable local taxes
- Date & TimeFetching schedule..Course price€7,715 EUR*Prices exclude applicable local taxesRegistration Options
- Date & TimeFetching schedule..Course price$8,260 USD*Prices exclude applicable local taxes
- Date & TimeFetching schedule..Course price$8,375 USD*Prices exclude applicable local taxes
Showing 10 of 17
Learn Alongside Leading Cybersecurity Professionals From Around The World
James has a wealth of risk management experience and doesn't just give us theory but real world/practical guidance to becoming better risk management professionals!
Benefits of Learning with SANS
Get feedback from the world’s best cybersecurity experts and instructors
Choose how you want to learn - online, on demand, or at our live in-person training events
Get access to our range of industry-leading courses and resources