MGT525: Managing Cybersecurity Initiatives and Effective Communication

GIAC Certified Project Manager (GCPM)
GIAC Certified Project Manager (GCPM)
  • In Person (5 days)
  • Online
30 CPEs

Many cybersecurity professionals are highly technical but often unfamiliar with project management terminology, methodologies, resource management, and leading teams. Overseeing diverse groups of stakeholders and team members, estimating resources accurately, as well as analyzing risk as applied to different organizational structures and relationships is a struggle for many new technical project leaders. Today's virtual work environment only increases these complexities. It is critically important to understand how to leverage a wide range of development approaches and project management framework components to maximize resources across various business units for project success. Confidently lead security initiatives that deliver on time, within budget, reduce organizational risk and complexity while driving bottom line value. 35 Exercises

What You Will Learn

Meet and exceed your security program's goals.

SANS MGT525: Managing Security Initiatives and Effective Communication provides the training necessary to maintain the Project Management Professional (PMP)® and other professional credentials. SANS Institute is a PMI® authorized training partner.

This course is focused on delivering bottom line value from security initiatives while following modern adaptive, agile, iterative, and predictive development approaches and leveraging the benefits of increased effective organizational communication. During this class students learn how to improve project planning methodology and project task scheduling to get the most out of critical IT resources. We utilize cyber security project case studies to increase practical understanding of real-world issues. MGT525 follows the basic methodologies and principles from the updated PMBOK® Guide, also providing specific implementation techniques for success. Throughout the 5 sections, all aspects of leading security initiatives - from project business justification analysis, selecting the appropriate development approach that fits your stakeholder and organizational structure using predictive, adaptive, and hybrid implementations tailored to drive value - are covered. We focus on planning for and managing cost, time, quality, and risk while your project is active, to completing, closing, and documenting as your project finishes. A copy of the PMBOK® Guide Seventh edition is provided to all participants. Students can reference the PMBOK® Guide and use course material along with the knowledge gained in class to prepare for the GIAC Certified Project Manager Exam (GCPM) and earn PDUs/CPEs to maintain the Project Management Professional (PMP)® and other professional credentials.

Project management methodologies and frameworks are highlighted that can be applied across any product life cycle, in any industry. Although our primary focus is the application of security initiatives, our approach is transferable to any projects that create and maintain services as well as general product development. We cover in-depth how cost, time, quality, risk, and compliance aspects affect the services we provide to others. We will also address practical human resource management as well as effective communication and conflict resolution. You will learn specific tools to bridge the communications gap between managers and technical staff.

NOTE: PMP® and PMBOK® are registered marks of the Project Management Institute, Inc. PMP® exams are not hosted by SANS. You will need to make separate arrangements to take the PMP® exam and this course is not an official PMP® prep class.

BUSINESS TAKEAWAYS:

  • Improve the effectiveness, efficiency, and success of cybersecurity initiatives
  • Develop internal leaders who can relate to and communicate with technical teams, management, and other stakeholders
  • Streamline project timelines, costs, and communications
  • Present accurate status and forecasting to stakeholders on all projects and initiatives
  • Decrease organizational risk while implementing security initiatives and increase return on investment
  • Take key cybersecurity professionals to the next level, adding value to your organization

SKILLS LEARNED:

  • Understand predictive / waterfall, adaptive / agile development approaches and how they interact with product and project life cycles.
  • Learn how to use and implement lean / agile tools, complexity models, root cause analysis
  • Recognize the top failure mechanisms related to security projects, so that your projects can avoid common pitfalls
  • Create a project charter which increases stakeholder engagement
  • Document project requirements and create requirements traceability matrix to track changes throughout the project lifecycle
  • Clearly define the scope of a project in terms of cost, schedule, and technical deliverables
  • Develop a project schedule, including critical path tasks and milestones
  • Cultivate user stories to drive adaptive sprint cycles
  • Create accurate project cost and time estimates
  • Develop planned and earned value metrics for your project deliverables and automate reporting functions
  • Effectively manage conflict situations and build communication skills with your project team
  • Analyze project risks in terms of probability and impact, assign triggers and risk response responsibilities
  • Create project earned value baselines and project forecasts based on actual performance
  • Communicate effectively with stakeholders, technical staff, and management teams

HANDS-ON TRAINING:

MGT525 uses many types of exercises to enhance and solidify understanding of the material, such as table top exercises involving self-assessments, group and individual discussion, reviewing case studies to implement security remediation initiatives with various development approaches, and following risk identification, assessment, and mitigation through common case-study security initiatives. No computers are needed. Reveiw the summary of activies in each section:

Section 1: Discussion of modern security projects - predictive, adaptive, hybrid development approaches; project business justification analysis; responsibility assignment matrices; acquiring project resources

Section 2: Stakeholder Identification and analysis; issue logs; stakeholder communications channels; understanding project priorities; project charter and requirements development; building negotiating skill sets; team project development; conflict management and resolution

Section 3: Project brief development; process improvement; sprint release planning; cost estimating; estimating resources; project schedule development; critical path method; earned value analysis and schedule forecasting

Section 4: Effective listening; trend analysis; building effective communication skills; make-or-buy analysis; procurement and vendor evaluation criteria; contract types; collecting and documenting requirements; scope planning; work breakdown structure and decomposition steps; project quality planning

Section 5: Defining quality metrics; cost budgeting and earned value; forecasting; understanding stakeholder risk appetite; risk ID; risk analysis; probability and impact analysis; risk response planning

SYLLABUS SUMMARY:

Section 1: Galvanize your understanding of various project methodologies and be able to tailor your approach to meet your organizational needs.

Section 2: Build strong stakeholder communications, improve resource management skills while refining overall team interaction through motivation and dynamic leadership.

Section 3: Learning to operationalize planning techniques, including estimating, staffing, and scheduling, utilizing predictive, adaptive, and hybrid approaches to meet the needs of your organization.

Section 4: Improving knowledge management to drive return on investment with effective communication for strategic initiatives that deliver value throughout the project life cycle.

Section 5: Establishing metrics, baselines, and dashboards to be able to forecast and present information, while analyzing and managing risk throughout cybersecurity initiatives.

ADDITIONAL FREE RESOURCES:

WHAT YOU WILL RECEIVE:

  • Printed and electronic courseware
  • MP3 audio files of the complete course lecture
  • PMBOK® Guide Seventh Edition

WHAT COMES NEXT:

Syllabus (30 CPEs)

Download PDF
  • Overview

    In Section One, our focus is on driving value for the organization including a primer on development approaches, including Agile, Waterfall, DevOps, and hybrid approaches, as well as introducing a wide array of project management standards, methodologies, and framework components. We dive into how to tailor frameworks and approaches for modern implementation, as well as cover change management. We introduce a cybersecurity case study that will be followed throughout the course and towards the end of the section, we introduce the PMI 12 delivery principles.

    Exercises
    • Discussion of modern, adaptive, predictive, and hybrid development approaches
    • Project business justification analysis
    • Responsibility assignment matrices
    • Acquiring project resources

    Topics
    • Delivering Value
    • Project business justification analysis
    • Adaptive, Predictive, Hybrid development approaches
    • Iterative and incremental life cycles
    • Lean manufacturing overview
    • Types of organizational structures
    • Tailoring methodology to meet enterprise needs
    • Stewardship
    • Team
    • Stakeholders
    • Value
    • Holistic thinking
    • Leadership
    • Tailoring
    • Quality
    • Complexity
    • Opportunities & threats
    • Adaptability & resilience
    • Change management
  • Overview

    Section two takes on project stakeholder management. We start with identification and analysis of stakeholders, how to engage successfully, communicate effectively, and align management with the overall project goals. The other key component of project success is a strong team. Learning to establish team ground rules, develop a welcoming culture that leads to productive implementation and effective communication is a key to driving value. Team leadership also includes motivational concepts and refining interpersonal skills.

    Exercises
    • Stakeholder Identification and analysis
    • Issue logs
    • Stakeholder communications channels
    • Understanding project priorities
    • Project charter development
    • Gathering requirements
    • Building negotiating skill sets
    • Team project development
    • Conflict management and resolution
    Topics
    • Stakeholder Identification, Engagement
    • Addressing stakeholder issues
    • Communication and Management
    • Scope planning
    • Project charter development
    • Resource management
    • Team ground rules
    • Team culture and development
    • Negotiation
    • Conflict resolution
    • Leadership
    • Motivation and leadership and Interpersonal skills
    • Earned value analysis
  • Overview

    Today's modern world has a strong focus on delivering value in both iterative and incremental life cycles. We reinforce how agile, predictive, and hybrid development approaches accomplish this through interactions with product and project life cycles. Students learn how to incorporate planning processes, components, and artifacts that are tailored to meet organizational needs. We end the section with estimating techniques, understanding nuances of dependencies, scheduling project work, accurate budgeting.

    Exercises
    • Project brief development
    • Process improvement
    • Sprint release planning
    • Cost estimating
    • Estimating resources
    • Project schedule development
    • Critical path methodology
    • Schedule forecasting
    Topics
    • Development approaches
    • Product and Project life cycles
    • Kanban
    • Complexity models
    • Root cause analysis
    • Iteration and flow based agile
    • Artifacts tailored to meet organizational needs
    • Estimating techniques
    • Dependencies
    • User stories
    • Sprint cycles
    • Scheduling project work
    • Critical path method
    • Schedule optimization
    • Project communications planning
    • Cost estimating and budgeting
  • Overview

    In section four we cover resource management, increasing team focus, communication engagement, and then move into a procurement primer and establishing bid documents, as well as the bid processes, vendor evaluation, and contracting. It is critical to focus on knowledge management throughout the project life cycle through understanding value delivery. These components are tied together by gathering stakeholder requirements, establishing requirements traceability and decomposing the complexity of initiatives through the work breakdown structure process and agile release planning. The end of section four includes quality topics and a section on the Cost of Quality.

    Exercises
    • Effective listening
    • Tend analysis
    • Building effective communication skills
    • Make-or-buy analysis
    • Procurement and vendor evaluation criteria
    • Contract types
    • Collecting and documenting requirements
    • Scope planning
    • Work breakdown structure and decomposition steps
    • Project quality planning
    Topics
    • Resource and team management
    • Effective communication
    • Communication models
    • Forecasting
    • Procurement management
    • Bid documents and process
    • Contract types
    • Source selection and evaluation
    • Make-or-buy analysis
    • Knowledge management throughout the project lifecycle
    • Understanding value delivery
    • Collecting project requirements
    • Work breakdown structures
    • Agile release planning
    • Quality management functions
    • Cost of Quality
  • Overview

    Section five kicks off with establishing metrics, baselines, and understanding the value of dashboards which are enabled through measuring project status, deliverable focused metrics, and measurements. Key course topics are again collectively presented, tying together concepts such as business value, earned value management, forecasting, and presenting information. In the next segment we define uncertainty through ambiguity, complexity, and volatility to focus on mitigating project risk. Using a case study approach, we take a wide view of cybersecurity project risk and drive understanding to identify, analyze, and alleviate project risks through risk response planning and implementation.

    Exercises
    • Defining quality metrics
    • Cost budgeting and earned value
    • Forecasting
    • Understanding stakeholder risk appetite
    • Risk ID
    • Risk analysis
    • Probability and impact analysis
    • Risk response planning
    Topics
    • Quality control measurements and tools
    • Deliverable focused metrics and measurements
    • Business value
    • Earned value management
    • Forecasting
    • Presenting information
    • Visual controls and measurement pitfalls
    • Uncertainty, Ambiguity, Complexity, and Volatility
    • Cybersecurity risk approach
    • Risk ID and Analysis
    • Managing technical resources
    • Probability and impact analysis
    • Risk data presentation
    • Expected monetary value analysis
    • Panning risk responses
    • Managing risk through cybersecurity initiatives

GIAC Certified Project Manager

The GIAC Certified Project Manager (GCPM) certification validates a practitioner's knowledge of technical project management methodology and implementation. GCPM certification holders have demonstrated the critical skill sets associated with making projects successful, including effective communication and time, cost, quality, procurement and risk management of IT projects and application development.

  • Project management structure and framework
  • Time and cost management, communications, and human resources
  • Quality and risk management, procurement, stakeholder management, and project integration
More Certification Details

Author Statement

"Managing projects to completion, with an alert eye on quality, cost, and time, is something most of us need to do on an ongoing basis. In this course, we review common development approaches, break down project management frameworks into their fundamental components and galvanize your understanding of the key concepts with an emphasis on practical application and execution. Since project managers spend the vast majority of their time communicating with others, throughout the week we focus on traits and techniques that enable effective technical communication. As people are the most critical asset in the project management process, effective and thorough communication is essential."

- Jeff Frisk

"Jeff Frisk did a wonderful job keeping my attention throughout the entire course and delivered great insight into project management concepts. [I would] highly recommend anyone to have him as an instructor." - Matthew Aloia, US Military

Reviews

Course content is excellent, easy to understand.
Christine Kosh
Very valuable because it deals with exactly what I do in my career area.
Melanie K.
US Military
As a technical leader, I am now responsible for the success of high-profile projects. SANS MGT525 gives me the skills & tools to be effective and successful.
Alfredo Hickman
Rackspace
The concepts, procedures, structure that this class offers make a world of difference by breaking them down in simple pieces and connecting them to make the entire picture easy to comprehend.
Miguel Vargas
FedEx Ground
I've never attended a course that opened my mind like this one.
Gary S.
U.S. Military

    Register for MGT525

    Loading...