LDR419: Performing A Cybersecurity Risk Assessment

  • Online
12 CPEs

Recent laws require organizations to perform a cybersecurity risk assessment for compliance and audit reasons. However, many organizations do this without a specific strategy, which leads to haphazard defenses, ineffective programs, and financial loss. Understanding the business context for the assessment makes it possible to discern business risk accurately and protect against it accordingly. Go beyond the theoretical and academic to truly understand how to perform risk assessments that matter: know what risks to look for in relation to your specific organizational context, how to uncover those risks effectively, and how to present the results to leadership in a form that drives action. LDR419 teaches students the practical, hands-on skills they need to perform such risk assessments.

What You Will Learn

WHAT IS A CYBERSECURITY RISK ASSESSMENT?

A cybersecurity risk assessment is a tool organizations can use to help ensure that appropriate security safeguards are in place that allow technology systems to continue to meet the organization's goals, needs, and regulations.

Every organization should be performing risk assessments as part of its cybersecurity program. Regular risk assessments allow organizations to create practical strategies for defense and to evaluate where weaknesses in their cybersecurity program could keep them from achieving their goals. Most cybersecurity risk courses are theoretical and academic, often leaving students unsure how to do the actual assessment work. This cybersecurity risk assessment training teaches students the practical, hands-on skills they need to perform risk assessments.

The course uses the Cyber42 leadership simulation game to put students into real-world scenarios that spur discussion and critical thinking of situations that they will encounter at work. Throughout the class students will participate in multiple Cyber42 activities to help them practice what they learn and ensure that they will be able to take these skills immediately back to the office.

BUSINESS TAKEAWAYS

  • Plan for and establish the context for a cybersecurity risk assessment
  • Meet and exceed regulatory requirements
  • Effectively report the results of a risk assessment to key stakeholders
  • Create a strategy for how to respond to identified cybersecurity risks

SKILLS LEARNED

  • Constructing a risk management program
  • Creating a cybersecurity program charter
  • Choosing appropriate cybersecurity safeguards
  • Performing third-party risk assessments
  • Performing a cybersecurity risk assessment
  • Evaluating cybersecurity documentation
  • Examining the implementation of cybersecurity safeguards
  • Thoroughly reporting risk to business stakeholders
  • Effectively reporting risk to technical stakeholders
  • Productively responding to risks identified during an assessment

HANDS-ON CYBERSECURITY RISK ASSESSMENT TRAINING

Each of the case studies in this course is based on a fictitious technology company, Initech Systems, and its quest to maintain a more mature cybersecurity program. Students will have an opportunity to explore Initech's specific cybersecurity strategies and tactical plans, which are based on real-world examples. To facilitate these case studies, students will use the Cyber42 tabletop simulation game, which places them in real-world scenarios that spur discussion and critical thinking about situations they will encounter at their offices.

  • Evaluating an Organization's Governance Model
  • Evaluating a Cybersecurity Program's Goals to Create a Safeguard Inventory
  • Creating a Comprehensive Risk Assessment Plan for Internal and Third Parties
  • Evaluating a Cybersecurity Policy
  • Evaluating Cybersecurity Technical Safeguards
  • Creating an Executive Risk Briefing
  • Writing a Personal Action Plan

Section 1: Learn the practical, foundational skills necessary to prepare for and plan for performing a risk assessment.

Section 2: Learn the practical skills for performing a cybersecurity risk assessment and presenting risks to leadership.

WHAT YOU WILL RECEIVE

  • Printed and electronic courseware
  • Cybersecurity risk assessment templates, tools, and checklists
  • Access to the Cyber42 security leadership simulation web app
  • MP3 audio files of the complete course lecture
  • Exercise workbook and electronic workbook with detailed step-by-step instructions for case studies covered in class

Syllabus (12 CPEs)

  • Section 1: Overview

    To effectively perform a risk assessment, cybersecurity professionals need to understand the business context for cybersecurity risk. Ultimately, risk assessments are not performed in a vacuum -- they can only exist in the context of technology and business objectives. Understanding risk requires students to understand a framework for cybersecurity governance and how risk fits into that framework. In other words, before someone can perform a risk assessment, they need to understand how to prepare themselves for a risk assessment and why they are performing a risk assessment. In this section of the course, students will learn the practical, foundational skills necessary to prepare for and plan for performing a risk assessment.

    Exercises
    • Evaluating an Organization's Governance Model
    • Evaluating a Cybersecurity Program's Goals to Create a Safeguard Inventory
    • Creating a Comprehensive Risk Assessment Plan for Internal and Third Parties

    Topics
    • The Business Context for Risk Assessment
    • An Architecture for Governance and Risk
    • The Risk Management Lifecycle
    • Selecting Cybersecurity Safeguards
    • Scoping Internal vs Third-Party Risk Assessments

  • Section 2: Overview

    In this section of the course, students will learn the step-by-step practical skills to perform a cybersecurity risk assessment. Students will be provided templates, tools, and checklists for performing a cybersecurity risk assessment and taught the skills necessary to use those resources effectively. Through the extensive use of real-world case studies, students will have the opportunity to practice the skills they learn and be able to put them into practice under the guidance of an experienced instructor-mentor. To close the class, students will learn what to do with the results of their assessment and their role in encouraging an organization's stakeholders to take appropriate steps to respond to the risks identified throughout the process.

    Exercises
    • Evaluating a Cybersecurity Policy
    • Evaluating Cybersecurity Technical Safeguards
    • Creating an Executive Risk Briefing
    • Writing a Personal Action Plan

    Topics
    • Risk Assessment Quality
    • Evaluating Cybersecurity Documentation
    • Evaluating Cybersecurity Safeguards
    • Presenting Risk to Stakeholders
    • Risk Remediation & Response

Prerequisites

A basic understanding of information security and information security management topics is helpful for students attending this class. However, a strong background in any of these skills is not a prerequisite for the class. In the class, students will be taught a step-by-step approach for performing a risk assessment regardless of their technical information security or management background.

Laptop Requirements

Important! Bring your own system configured according to these instructions.

A properly configured system is required to fully participate in this course. If you do not carefully read and follow these instructions, you will not be able to fully participate in hands-on exercises in your course. Therefore, please arrive with a system meeting all the specified requirements.

This is common sense, but back up your system before class. Better yet, use a system without any sensitive/critical data. SANS is not responsible for your system or data.

MANDATORY LDR419 SYSTEM HARDWARE REQUIREMENTS

  • Wireless 802.11 capability: There is no wired Internet access in the classroom.

MANDATORY LDR419 HOST CONFIGURATION AND SOFTWARE REQUIREMENTS

  • Host Operating System: Latest version of Windows 10, Windows 11, or macOS 10.15.x or newer.
  • Fully update your host operating system prior to the class to ensure you have the right drivers and patches installed.
  • Linux hosts are not supported in the classroom due to their numerous variations. If you choose to use Linux as your host, you are solely responsible for configuring it to work with the course materials and/or VMs.
  • Microsoft Office (any version) or OpenOffice installed on your host. Note that you can download Office Trial Software online (free for 30 days).

If you have additional questions about the laptop specifications, please contact laptop_prep@sans.org.

Author Statement

"Every organization needs to be performing risk assessments on a regular basis, no matter what kind of organization it is. We do risk assessments for two main reasons. First, we do risk assessments to figure out what defenses our organizations need to make sure our technology supports our business objectives. Second, we do risk assessments to identify where our organization is not doing the things we should be doing to defend ourselves, and to ensure stakeholders understand those gaps.

I wrote this class to give students a practical understanding of how to perform risk assessments of all types. This course starts by teaching students the foundational context of risk and then quickly pivots to cover a specific, step-by-step approach for performing a cyber security risk assessment. Students will leave this class with the knowledge, tools, and templates they need to return to their offices and perform a risk assessment, communicate the results to business stakeholders, and productively respond to identified risks. I hope students will take what they learn and use it to make a difference in their organizations."

-James Tarala

"James clearly has a significant amount of experience in both teaching and conducting evaluations." - Matt P., US Government
