SEC595: Applied Data Science and AI/Machine Learning for Cybersecurity Professionals

Experience SANS training through course previews.
Learn MoreLet us help.
Contact usBecome a member for instant access to our free resources.
Sign UpWe're here to help.
Contact UsApply your credits to renew your certifications
Attend a live, instructor-led class at a location near you or remotely, or train on your time over 4 months
Apply what you learn with hands-on exercises and labs
Master strategic cybersecurity risk management through practical frameworks, comprehensive threat modeling, and regulatory compliance-driven governance to strengthen enterprise resilience.
I really particularly enjoyed this class because not only is it relevant to my career, it is broken down into understandable content by an instructor who actually does this for a living and can recall a lot of his personal experience as he is teaching the course.
This course prepares students to manage cybersecurity risk across the full governance, risk, and compliance (GRC) lifecycle using proven practices. Students learn to establish governance structures, build threats and safeguard inventories, implement and validate controls, and communicate outcomes to both technical and executive stakeholders. Through case studies and the SANS Cyber42 simulation, they gain hands-on experience aligning security measures with business goals. Designed for assessors, auditors, and second-line professionals, the course builds the technical and organizational skills needed to lead resilient, compliant GRC programs.
James is a managing partner at Cyverity, specializing in cybersecurity risk and governance. A SANS instructor for 20+ years, he holds 14 GIAC certs including the GSE, and has helped author the CIS Controls, CRF resources, and courses like LDR419 and LDR519.
Read more about James TaralaExplore the course syllabus below to view the full range of topics covered in LDR519: Cybersecurity Risk Management and Compliance.
This section establishes the essential context for effective cybersecurity risk management. Students learn to define cybersecurity governance frameworks, align security with business objectives, and understand the foundational elements of risk-based security programs.
In this section, students learn to identify, categorize, and prioritize threats as a foundation for the GRC lifecycle. Using taxonomies, asset models, and intelligence, they build inventories to inform governance, safeguards, and compliance.
This is section teaches students to select, implement, and validate cybersecurity safeguards as part of the broader GRC lifecycle. Students learn structured approaches for evaluating safeguard effectiveness, aligning controls with identified threats, and ensuring safeguards support both risk reduction and compliance objectives.
In this section, students learn how to validate the effectiveness of safeguards and extend governance practices to third-party risk. The section emphasizes both internal validation and external oversight, ensuring safeguards and third-party relationships strengthen the overall GRC lifecycle.
Finally, students learn how to sustain the GRC lifecycle through continuous monitoring, risk analytics, and executive communication. They validate safeguards, align compliance programs, and use metrics to show effectiveness. By developing defensible reporting and improvement roadmaps, participants are prepared to guide ongoing governance and resilience.
Daily focus is on the leadership of technical teams. Includes titles such as Technical Director, Manager, and Team Lead.
Explore learning pathManage the organisation's cybersecurity-related risks aligned to the organisation’s strategy. Develop, maintain and communicate the risk management processes and reports.
Explore learning pathResponsible for developing and maintaining business, systems, and information processes to support enterprise mission needs. Develops technology rules and requirements that describe baseline and target architectures.
Explore learning pathThis role governs cybersecurity structures and processes. Find the SANS courses that map to the Governance, Risk, and Compliance SCyWF Work Role.
Explore learning pathManages an organisation’s cybersecurity strategy and its implementation to ensure that digital systems, services and assets are adequately secure and protected.
Explore learning pathResponsible for establishing vision and direction for an organization's cybersecurity operations and resources and their impact on digital and physical spaces. Possesses authority to make and execute decisions that impact an organization broadly, including policy approval and stakeholder engagement.
Explore learning pathResponsible for developing and maintaining cybersecurity plans, strategy, and policy to support and align with organizational cybersecurity initiatives and regulatory compliance.
Explore learning pathWhen purchasing a live, instructor-led course, add 4 months of online access. View price in the info icons below.
Add 6 months of hands-on skills practice. Add to your cart when purchasing your course.
James has a wealth of risk management experience and doesn't just give us theory but real world/practical guidance to becoming better risk management professionals!
Get feedback from the world’s best cybersecurity experts and instructors
Choose how you want to learn - online, on demand, or at our live in-person training events
Get access to our range of industry-leading courses and resources