LDR519: Cybersecurity Risk Management and Compliance

  • Online
30 CPEs

LDR519: Cybersecurity Risk Management and Compliance, addresses a significant problem in the cybersecurity domain: the challenge of effectively managing and mitigating cybersecurity risks while ensuring regulatory compliance. This problem is increasingly relevant due to the complex and evolving nature of cyber threats, which can significantly impact organizational operations, data security, and overall business continuity. This comprehensive course delves into threat modeling, safeguard frameworks, and risk analytics to equip you with the skills needed to manage cybersecurity risks effectively. Learn to prioritize threats, select appropriate safeguards, and ensure regulatory compliance. Gain practical insights through multiple real-world case studies and SANS Cyber42 simulations that enhance your understanding of cybersecurity governance and program management. Join us to master the art of risk management and compliance, and secure your organization's digital future.

What You Will Learn

Master the essentials of risk management and compliance with SANS Institute's LDR519: Cybersecurity Risk Management and Compliance course. This course is designed to equip cybersecurity professionals with the skills necessary to navigate the complex landscape of cybersecurity risks. Through a systematic approach, students will delve into threat modeling, risk assessments, and safeguard implementation, ensuring their organizations remain resilient against evolving cyber threats.

LDR519 focuses on practical methodologies and industry best practices, providing participants with a thorough understanding of risk management and compliance frameworks. By exploring real-world case studies and engaging in hands-on simulations, students will learn to develop comprehensive threat inventories, prioritize cybersecurity defenses, and align security measures with business objectives. The curriculum integrates established frameworks such as NIST SP 800-30 and the Cybersecurity Risk Foundation's Governance and Risk Model (CRF-GRM), offering a structured approach to managing cybersecurity risks and ensuring regulatory adherence.

Enroll in LDR519 to transform your cybersecurity strategy and lead your organization towards robust risk management and compliance. Gain insights from seasoned experts and leverage cutting-edge tools to enhance your decision-making capabilities. With a focus on practical applications and strategic planning, this course empowers you to implement effective cybersecurity safeguards, validate their impact, and communicate risks to stakeholders confidently. Join us at the SANS Institute and elevate your cybersecurity expertise today.

What Is Cybersecurity Risk Management and Compliance?

Cybersecurity risk management is the systematic process of identifying, assessing, and prioritizing risks, followed by the coordinated application of resources to minimize, monitor, and control the probability or impact of unfortunate events. Compliance refers to adhering to laws, regulations, guidelines, and specifications relevant to an organization's operations, ensuring ethical and legal conduct.

Business Takeaways

  • Equip employees with advanced skills to identify, assess, and mitigate cybersecurity risks, enhancing organizational security.
  • Align cybersecurity efforts with business goals through a structured approach to risk management and compliance.
  • Enhance decision-making capabilities by integrating threat modeling and risk analytics into strategic planning.
  • Strengthen organizational resilience against evolving cyber threats through proactive risk management strategies.
  • Ensure compliance with industry standards and regulatory requirements, reducing the risk of legal and financial repercussions.
  • Implement robust cybersecurity safeguards tailored to your organization's specific risk profile.
  • Foster a culture of security awareness and critical thinking among team members to improve overall security posture.
  • Gain insights from expert instructors and practical case studies to apply theoretical knowledge in real-world scenarios.
  • Improve the effectiveness of cybersecurity governance practices, ensuring comprehensive oversight and alignment with business objectives.

Skills Learned

  • Gain practical skills in identifying and managing cybersecurity risks through structured threat modeling and assessment methodologies.
  • Learn to prioritize and allocate resources effectively by understanding the criticality of various cybersecurity threats and vulnerabilities.
  • Develop proficiency in using industry-standard frameworks, such as NIST Risk Management Framework (RMF) and FAIR, to enhance your organization's cybersecurity posture.
  • Apply hands-on exercises and real-world case studies to reinforce theoretical knowledge and validate your cybersecurity strategies.
  • Master the process of conducting comprehensive cybersecurity risk assessments and audits to ensure compliance with regulatory standards.
  • Enhance your decision-making capabilities with data-driven insights and simulations, preparing you for real-world cybersecurity challenges.

Hands-On Cybersecurity Risk Management and Compliance Training

LDR519: Cybersecurity Risk Management and Compliance uses a combination of case studies and SANS Cyber42 simulations to deepen students' understanding of the concepts covered in the course. Through detailed case studies based on the fictitious company Initech Systems, students can apply theoretical knowledge to real-world scenarios. This approach allows learners to analyze vulnerabilities, develop threat models, and manage risk registers effectively. By pausing to reflect on the concepts learned, students gain practical insights into cybersecurity risk management strategies, enhancing their decision-making skills.

The SANS Cyber42 simulations offer an interactive environment where students confront realistic cybersecurity incidents. These simulations provide hands-on experiences in managing resources, responding to evolving threats, and implementing strategic initiatives. By engaging with these dynamic scenarios, students practice critical thinking, problem-solving, and collaboration techniques essential for effective cybersecurity leadership. The combination of case studies and simulations ensures that students not only understand theoretical principles but also acquire the practical skills needed to navigate complex cybersecurity challenges confidently.

Syllabus Summary

  • Section 1: Students will learn to conduct comprehensive cybersecurity risk assessments, including threat modeling, safeguard selection, and creating risk registers. They will gain insights into various risk management frameworks such as NIST RMF and FAIR, and how to integrate them into business-centric cybersecurity strategies.
  • Section 2: Students will learn to conduct comprehensive threat modeling, create detailed cybersecurity threat inventories, and integrate threat intelligence with safeguard frameworks. They will gain practical knowledge in applying various risk management models, such as NIST RMF and FAIR, and develop skills in third-party risk management, cloud security, and continuous monitoring for effective cybersecurity governance and compliance.
  • Section 3: Students will learn about cybersecurity frameworks, including the NIST CSF, CIS Controls, and ISO/IEC 27001, and the importance of mapping threats to safeguards. They will gain practical knowledge in inventorying cybersecurity threats, selecting appropriate safeguards, validating those safeguards, and applying risk analytics for comprehensive risk management and compliance.
  • Section 4: Students will learn about creating comprehensive cybersecurity risk assessment plans, managing third-party and cloud security risks, and validating cybersecurity safeguards. They will also gain practical knowledge in resource allocation, continuous monitoring, and the application of safeguard frameworks to mitigate cybersecurity risks effectively.
  • Section 5: Students will learn about strategies for managing cybersecurity risks, including threat modeling, safeguard selection and validation, risk analytics, and response. They will also gain insights into continuous monitoring, asset-centric risk management, and presenting cybersecurity risks to stakeholders.

Additional Free Resources

What You Will Receive

  • Printed and electronic courseware
  • Cybersecurity risk assessment templates, tools, and checklists
  • Access to the Cyber42 security leadership simulation web app
  • MP3 audio files of the complete course lecture
  • Exercise workbook and electronic workbook with detailed step-by-step instructions for case studies covered in class

What Comes Next?

Depending on your current role or future plans, one of these courses is a great next step in your cloud security journey:

Syllabus (30 CPEs)

Download PDF
  • Overview

    This section of the course provides a detailed overview of cybersecurity risk assessments within an organizational context. The course emphasizes the alignment of cybersecurity practices with business objectives, focusing on defining and managing cybersecurity risks through frameworks like the NIST RMF and the CRF-GRM. It covers essential topics such as threat modeling, safeguard selection and prioritization, and the documentation of cybersecurity safeguards to ensure consistency and guidance for implementation. Additionally, the course highlights the significance of cybersecurity governance and risk management, addressing program maturity, stakeholder responsibilities, and effective communication of cybersecurity risks to both executive and technical stakeholders.

    • Cyber42 Case Study 0.0: Preparing for Class and Cyber42
    • Cyber42 Case Study 1.1: Defining Why to Invest in Cybersecurity
    • Cyber42 Case Study 1.2: Creating a Business Impact Analysis (BIA)
    • What Is the Purpose of This Course?
    • The Business Context for Cybersecurity Risk Assessment
    • An Introduction to Cybersecurity Governance and Risk Models
    • Understanding and Comparing Popular Cybersecurity Risk Management Models
    • Quantifying Cybersecurity Risk and Business Impact Analysis (BIA)
  • Overview

    This section of the course offers an in-depth exploration of threat modeling, safeguard selection, and risk assessment. The course covers comprehensive theoretical concepts and practical steps for creating a cybersecurity threat inventory, leveraging well-known frameworks like the Open Threat Taxonomy (OTT) and MITRE's ATT&CK. It emphasizes integrating data from industry threat reports and tools such as Monte Carlo simulations to manage and quantify cybersecurity risks effectively. Participants will gain the knowledge needed to develop robust threat models, map threats to safeguards, and prioritize vulnerabilities, ensuring their organizations can proactively address and mitigate cybersecurity threats.

    • Cyber42 Case Study 2.3: Creating a Cybersecurity Threat Inventory
    • Cyber 42Case Study 2.4: Creating a Cybersecurity Threat Model
    • Cyber42 Case Study 2.5: Managing a Cybersecurity Risk Register
    • Understanding Risk Management for Safeguard Selection - Creating a Threat Inventory
    • Understanding Risk Management for Safeguard Selection - Creating a Threat Model
    • Understanding Risk Management for Safeguard Selection - Quantifying a Threat Model
    • Understanding Risk Management for Safeguard Selection - Mapping Threats to Safeguards
    • Understanding Threat Modeling for Vulnerability Management
  • Overview

    The section of the course provides insights into evaluating and selecting cybersecurity safeguards through various frameworks such as NIST, CIS, and ISO. It emphasizes the importance of initiating a cybersecurity governance program, creating a detailed cybersecurity threat inventory, and modeling threats to align safeguards effectively. Participants will gain practical knowledge on implementing cybersecurity policies, conducting risk assessments, and employing tools for risk quantification. The course also discusses leveraging the SANS Cyber42 simulation game to enhance hands-on learning and strategic decision-making in cybersecurity risk management.

    • Cyber 42 Case Study 3.6: Categorizing Cybersecurity Safeguard Frameworks
    • Cyber 42 Case Study 3.7: Prioritizing Cybersecurity Safeguards
    • Cyber 42 Case Study 3.8: Evaluating Cybersecurity Policies and Safeguards
    • The Cybersecurity Safeguard Framework Landscape
    • Understanding the NIST, CIS, and ISO Frameworks
    • Understanding the CRF - Safeguards
    • Documenting, Educating, and Implementing Cybersecurity Safeguards
  • Overview

    This section of the course covers essential topics such as conducting internal and third-party cybersecurity risk assessments, creating detailed cybersecurity risk assessment plans, and implementing robust threat modeling practices. It emphasizes the importance of evaluating and validating cybersecurity safeguards through practical tools like the CRF-Safeguards Assessment Tool. Additionally, it explores the significance of continuous monitoring, Business Impact Analysis (BIA), and leveraging frameworks such as NIST and ISO for effective cybersecurity risk management. Participants will gain valuable insights into aligning their cybersecurity strategies with organizational goals, ensuring a systematic and thorough approach to fortifying their digital defenses.

    • Cyber 42 Case Study 4.9: Creating a Comprehensive Cybersecurity Risk Assessment Plan
    • Cyber 42 Case Study 4.10: Evaluating Cybersecurity Safeguards
    • Cyber 42 Case Study 4.11: Third-Party Inventory and Threat Modeling
    • Validating Cybersecurity Safeguards
    • Understanding How to Evaluate Cybersecurity Policies and Safeguards During a Risk Assessment
    • Managing Third-Party Cybersecurity Risk
    • Managing Cybersecurity Risk in the Cloud
  • Overview

    This section of the course emphasizes the integration of governance, risk, and compliance (GRC) principles with continuous monitoring, asset-centric risk management, and safeguard validation. It covers essential tools and methodologies such as automated cybersecurity risk analytics, penetration testing, and the use of IT Service Management (ITSM) tools for tracking and validating cybersecurity safeguards. Participants will learn to aggregate and present risk data effectively to different stakeholders, including senior leadership and technical teams, ensuring clear communication of cybersecurity risks. Additionally, the course addresses the expectations of senior leadership, the responsibilities of the Board of Directors in cybersecurity governance, and the use of the SANS Cyber42 simulation game for hands-on learning and strategic decision-making.

    • Cyber 42 Case Study 5.12: Performing Asset-Oriented Risk Assessment
    • Cyber 42 Case Study 5.13: Creating an Executive Risk Briefing
    • Cyber 42 Case Study 5.14: Creating a Cybersecurity Strategy
    • Continuous Monitoring and Asset-Centric Risk Management
    • Presenting Cybersecurity Risk to Stakeholders
    • Cybersecurity Risk Remediation & Response
    • Course Summary


A basic understanding of information security and information security management topics is helpful for students attending this class. However, a strong background in any of these skills is not a prerequisite for the class. In the class, students will be taught a step-by-step approach for performing a risk assessment regardless of their technical information security or management background.

Ideally, students would take LDR419: Performing a Cybersecurity Risk Assessment prior to this course. However, it is not necessary if students feel they have a strong understanding of these introductory concepts.

In addition, students may want to consider reviewing the free white papers from the Cybersecurity Risk Foundation (CRF) on cybersecurity governance and risk that can be downloaded from

Laptop Requirements

Important! Bring your own system configured according to these instructions.

A properly configured system is required to fully participate in this course. If you do not carefully read and follow these instructions, you will not be able to fully participate in hands-on exercises in your course. Therefore, please arrive with a system meeting all the specified requirements.

This is common sense, but back up your system before class. Better yet, use a system without any sensitive/critical data. SANS is not responsible for your system or data.

  • Processor: CPU: 64-bit Intel i5/i7 (8th generation or newer), or AMD equivalent. A x64 bit, 2.0+ GHz or newer processor is mandatory for this class or Apple Mac systems using the M1/M2/M3 processor.
  • Memory: 8GB of RAM or more is required.
  • Free Disk Space: 20GB of free storage space or more is required.
  • Wireless 802.11 capability: There is no wired Internet access in the classroom.
  • USB-A read / write capability: This is recommended in case students need to exchange large files during class. At least one available USB 3.0 Type-A port. A Type-C to Type-A adapter may be necessary for newer laptops. Some endpoint protection software prevents the use of USB devices, so test your system with a USB drive before class.
  • Host Operating System: Latest version of Windows 10, Windows 11, or macOS 10.15.x or newer. Fully patch your host operating system prior to the course to ensure you have the right drivers and patches installed.
  • Local Administrator Rights: Local Administrator Access is required. (Yes, this is absolutely required. Don't let your IT team tell you otherwise.) If your company will not permit this access for the duration of the course, then you should make arrangements to bring a different laptop.
  • Endpoint Protection Software: You should ensure that antivirus or endpoint protection software is disabled, fully removed, or that you have the administrative privileges to do so. Many of our courses require full administrative access to the operating system and these products can prevent you from accomplishing the labs.
  • Operating System Updates: Fully update your host operating system prior to the class to ensure you have the right drivers and patches installed.
  • Linux Workstations: Linux hosts are not supported in the classroom due to their numerous variations. If you choose to use Linux as your host, you are solely responsible for configuring it to work with the course materials.
  • Microsoft Office: Microsoft Office (any currently supported version) installed on your host. Note that you can download Office Trial Software online (free for 30 days). Open Office is NOT supported for this course.
  • Web Browser: A web browser you feel comfortable using during class. Microsoft Edge, Googler Chrome, or Mozilla Firefox will all be supported in class. If you choose to use a different browser on your host, you are solely responsible for configuring it to work with the course materials.

If you have additional questions about the laptop specifications, please contact support.

Author Statement

"Every organization must prioritize cybersecurity risk management and compliance to protect its digital assets and ensure operational continuity. In today's rapidly evolving digital landscape, performing regular risk assessments is crucial for identifying necessary defenses and communicating vulnerabilities to stakeholders effectively. This course, LDR519: Cybersecurity Risk Management and Compliance, was designed to provide students with a comprehensive understanding of how to assess, manage, and mitigate cybersecurity risks systematically. Students will gain practical skills in conducting risk assessments that align technology with business objectives by exploring foundational concepts and progressing through a detailed, step-by-step approach."

"I developed this course to empower students with the knowledge, tools, and templates needed to perform risk assessments proficiently. Throughout the course, students will learn to navigate complex cybersecurity frameworks, validate safeguards, and integrate threat intelligence into their risk models. The goal is for students to apply what they learn to enhance cybersecurity practices within their organizations, proactively address identified risks, and communicate critical findings to stakeholders. Ultimately, I hope students leave this course equipped to make a tangible impact on their organization's security posture and resilience against cyber threats."

-James Tarala, SANS Course Author

Register for LDR519

Learn about Group Pricing

Prices below exclude applicable taxes and shipping costs. If applicable, these will be shown on the last page of checkout.