Question 1

What Are The Laptop Requirements?

Accepted Answer

Important! Bring your own system configured according to these instructions. A properly configured system is required to fully participate in this course. If you do not carefully read and follow these instructions, you will not be able to fully participate in hands-on exercises in your course. Therefore, please arrive with a system meeting all the specified requirements. Back up your system before class. Better yet, use a system without any sensitive/critical data. SANS is not responsible for your system or data. Mandatory System Hardware Requirements Processor: CPU: 64-bit Intel i5/i7 (8th generation or newer), or AMD equivalent. A x64 bit, 2.0+ GHz or newer processor is mandatory for this class or Apple Mac systems using the M1/M2/M3 processor. Memory: 8GB of RAM or more is required. Free Disk Space: 20GB of free storage space or more is required. Wireless 802.11 capability: There is no wired Internet access in the classroom. USB-A read / write capability: This is recommended in case students need to exchange large files during class. At least one available USB 3.0 Type-A port. A Type-C to Type-A adapter may be necessary for newer laptops. Some endpoint protection software prevents the use of USB devices, so test your system with a USB drive before class. Mandatory Host Configuration and Software Requirements  Latest version of Windows 10, Windows 11, or macOS 10.15.x or newer. Fully patch your host operating system prior to the course to ensure you have the right drivers and patches installed. Local Administrator Rights: Local Administrator Access is required. (Yes, this is absolutely required. Don't let your IT team tell you otherwise.) If your company will not permit this access for the duration of the course, then you should make arrangements to bring a different laptop. Endpoint Protection Software: You should ensure that antivirus or endpoint protection software is disabled, fully removed, or that you have the administrative privileges to do so. Many of our courses require full administrative access to the operating system and these products can prevent you from accomplishing the labs. Operating System Updates: Fully update your host operating system prior to the class to ensure you have the right drivers and patches installed. Linux Workstations: Linux hosts are not supported in the classroom due to their numerous variations. If you choose to use Linux as your host, you are solely responsible for configuring it to work with the course materials. Microsoft Office: Microsoft Office (any currently supported version) installed on your host. Note that you can download Office Trial Software online (free for 30 days). Open Office is NOT supported for this course. Web Browser: A web browser you feel comfortable using during class. Microsoft Edge, Google Chrome, or Mozilla Firefox will all be supported in class. If you choose to use a different browser on your host, you are solely responsible for configuring it to work with the course materials. If you have additional questions about the laptop specifications, please contact customer service.

Question 2

Who Should Attend LDR539 Training?

Accepted Answer

LDR539 is designed for cybersecurity leaders who are responsible for, or moving into, cyber risk management at the enterprise level. This includes CISOs, deputy CISOs, and senior security leaders who need to connect their risk programs to how the business makes decisions. It is also well-suited for aspiring cyber risk leaders who want to move beyond framework compliance and metric reporting into a role that directly enables leadership decisions. No formal prerequisites are required. Students should come with some experience in cybersecurity and an interest in how risk management operates at the organizational level.

Question 3

What Will You Get?

Accepted Answer

Printed and electronic courseware

Question 4

What Are The Prerequisites For This Course?

Accepted Answer

There are no formal prerequisites. This course is best suited for cybersecurity leaders and senior risk professionals who already operate in or near enterprise risk management. Students should have experience in a security leadership, GRC, or cyber risk role and a working familiarity with how their organization makes risk-related decisions. This is not an entry-level course. Students without prior exposure to security leadership or organizational risk management will find the content difficult to apply. It is most valuable for those in mid-to-large organizations where alignment between cybersecurity and enterprise risk is an active challenge.

Question 5

What Learning Path Is This Course A Part Of?

Accepted Answer

LDR539 is part of the SANS Cybersecurity Leadership curriculum, which develops security leaders who can operate effectively at the intersection of technical expertise and business strategy. The curriculum spans security management, governance, risk, and executive leadership, building the skills needed to lead programs, influence decisions, and drive outcomes at the organizational level.

Question 6

What is Enterprise Risk Management And Why Is It Important?

Accepted Answer

Enterprise risk management (ERM) is the discipline through which organizations identify, assess, and manage risk in a way that supports business strategy and leadership decision-making. For cybersecurity leaders, ERM is the operating environment where cyber risk either gets heard or gets ignored. When cyber risk is not aligned to ERM, programs can generate extensive data and still fail to influence a single leadership decision. When it is aligned, cyber risk becomes a direct input into how the business sets priorities, allocates resources, and takes action.

Question 7

How Will This Course Benefit My Career?

Accepted Answer

Senior security leaders are increasingly expected to do more than manage technical risk. They are expected to connect it to business outcomes. LDR539 gives you a transferable operating model for doing exactly that: interpreting risk appetite, contextualizing existing data, and enabling leadership decisions across any organization regardless of ERM maturity. Whether you are a GRC leader, a deputy CISO, or stepping into your first CISO role, this course builds the judgment and discipline that separates leaders who report on risk from those who shape how the business responds to it.

Question 8

What is the LDR539 Beta?

Accepted Answer

Beta courses are part of the SANS course development process, bringing new training to market in collaboration with the practitioner community. LDR539 delivers fully developed content, complete labs, and expert instruction at 25% off full course cost.

Question 9

Why Take The Beta?

Accepted Answer

Work directly with the author Ian Frist in a smaller cohort before general release Engage with content built from real-world ERM experience, not frameworks Shape the final course through direct feedback to the author Access the course at 25% off full course cost

SEC536: Adversarial AI - Penetration Testing AI Systems

LDR539: Enterprise Risk Management for CISOs

Course Overview

What You'll Learn

Business Takeaways

Meet Your Author

Ian Frist

Course Syllabus

Section 1Building Alignment: Don’t be the Sushi at the Italian Restaurant

Topics covered

Labs

Section 2Metrics Matter: Operationalizing Risk Management

Topics covered

Labs

Section 3Sustainment: Getting There Was Tough, Staying There Is Tougher

Topics covered

Labs

Things You Need To Know

Relevant Job Roles

Cyber Risk Officer

Senior Security Leader

Benefits of Learning with SANS