SEC595: Applied Data Science and AI/Machine Learning for Cybersecurity Professionals
SEC595Cyber Defense
SANS Community Benefits
Connect, learn, and share with other cybersecurity professionals
Major updates
LDR521: Security Culture for Leaders
LDR521Cybersecurity Leadership
- 5 Days (Instructor-Led)
- 30 Hours (Self-Paced)
Course authored by:
Lance Spitzner
Course authored by:Lance Spitzner
- 30 CPEs
Apply your credits to renew your certifications
- In-Person, Virtual or Self-Paced
Attend a live, instructor-led class at a location near you or remotely, or train on your time over 4 months
- 22 Hands-On Lab(s)
Apply what you learn with hands-on exercises and labs
LDR521 turns decades of behavioral science into practical steps you can apply immediately, making security culture measurable, actionable, and sustainable through hands-on labs and tools.
Featured Quote
This content is helping bring back concepts that get forgotten when you go from a doer to a senior leadership role. It brought back good concepts and a way to utilize them in the Security Context as well as getting leadership to think differently.
Course Overview
The SANS LDR521: Security Culture for Leaders course empowers cybersecurity leaders with the tools to build, measure, and institutionalize a strong cybersecurity culture across their organization. Through hands-on labs, real-world scenarios, and proven behavioral science frameworks, participants learn how to gain executive buy-in, engage the workforce, and integrate security into everyday business practices. This course is designed for experienced security professionals looking to drive meaningful cultural change and elevate the impact of their security programs.
What You'll Learn
- Define, map and measure both organizational and security culture
- Build a practical strategy leveraging the four key drivers of your security culture
- Communicate the business value of security to gain executive buy-in
- Engage and motivate your workforce to prioritize and adopt secure behaviors
- Architect and embed security so it aligns with how people think and operate
- Improve the success of security initiatives with actionable strategies and tools
Business Takeaways
- Build a strong, positive brand for you and your security team, be perceived as enablers
- Embed security at the start of all business initiatives
- Increase buy-in and success rates of all security programs
- Gain critical executive leadership support, speak in their language
- Create a workforce that naturally prioritizes security
- Reduce security team burnout through cultural alignment
Meet Your Author
Lance Spitzner
Senior InstructorLance revolutionized cyber defense by founding the Honeynet Project. At SANS, he has empowered over 350 organizations worldwide to build resilient security cultures, transforming human risk management into a cornerstone of modern cybersecurity.
Read more about Lance SpitznerCourse Syllabus
Explore the course syllabus below to view the full range of topics covered in LDR521: Security Culture for Leaders.
Section 1Fundamentals of Organizational and Security Culture
Learn the fundamentals of culture and how to decipher your organizational and security culture.
Topics covered
- Role of strategy vs. culture
- Defining and mapping organizational culture
- Role of AI in changing culture
- Defining and indicators of security culture
- Security culture assessment
Labs
- Cyber42 Challenge #1: Mapping Linden Insurance’s Culture
- Lab 1.1 Map your organization's culture
- Cyber42 Challenge #2: Rating Linden Insurance’s Security Culture
- Lab 1.2 Survey your security culture
Section 2Defining Your Strategy
Define what you want your security culture to be and develop an actionable strategy on how to achieve it.
Topics covered
- Building your strategy to culture change
- Proven organizational change models and frameworks
- Motivating and Enabling change
- Four drivers to your security culture
- Developing your security principles and guidelines
Labs
- Cyber42 Challenge #3: Preparing for a Breach
- Cyber42 Challenge #4: Announcing Security
- Lab 2.1: Define your Desired Security Culture
- Cyber42 Challenge #5: Security Team Engagement
- Lab 2.2: Define Your Security Guidelines
Section 3Motivating Change
Discover how to effectively engage and motivate your workforce to prioritize cybersecurity. Learn marketing models, persona development, and incentive programs that drive behavioral change across the organization.
Topics covered
- Safety and motivation principles
- Leveraging marketing models and frameworks
- Creating engagement personas
- Incentivizing security behaviors
Labs
- Lab 3.1 Persona for Software Developers
- Cyber42 Challenge #6: Getting to Know Accounts Payable
- Lab 3.2 Selling DevSecOps
- Lab 3.3 Creating a Custom GPT
- Cyber42 Challenge #7: Incentivization Program
Section 4Enabling Change
Learn how to overcome the "Curse of Knowledge" and make security simple for your entire workforce. Master proven models so your security initiatives and priorities align with and become embedded in people’s daily processes and activities.
Topics covered
- Architecting security so it aligns with people’s daily activities
- Address cognitive biases effectively
- Building security knowledge
- Simplifying and embedding security processes
Labs
- Lab 4.1: Passkeys email
- Cyber42 Challenge #8: Engaging Training
- Lab 4.2: Enabling a Human Sensor Network
- Cybe42 Challenge #9: AI Security Policy
Section 5Measuring Change and Final Steps
Learn how to quantify your security culture and how the changes you are making support leadership’s strategic priorities. Sell your security initiatives and priorities in business terms that resonate with leadership.
Topics covered
- Design effective security culture surveys
- Analyze and quantify metrics for action items
- Align metrics with leadership’s priorities
- Build strong business cases
- Create executive-ready summaries
Labs
- Lab 5.1 Create Survey Questions
- Lab 5.2 Analyze Open Ended Questions
- Lab 5.3 Create an Executive Summary for Linden Insurance
Things You Need To Know
Relevant Job Roles
Cybersecurity Curriculum Development (OPM 711)
NICE: Oversight and GovernanceResponsible for developing, planning, coordinating, and evaluating cybersecurity awareness, training, or education content, methods, and techniques based on instructional needs and requirements.
Explore learning pathSecure Project Management (OPM 802)
NICE: Oversight and GovernanceResponsible for overseeing and directly managing technology projects. Ensures cybersecurity is built into projects to protect the organization’s critical infrastructure and assets, reduce risk, and meet organizational goals. Tracks and communicates project status and demonstrates project value to the organization.
Explore learning pathSystems Security Management (OPM 722)
NICE: Oversight and GovernanceResponsible for managing the cybersecurity of a program, organization, system, or enclave.
Explore learning pathSenior Security Leader
Cybersecurity LeadershipDaily focus is on the leadership of technical teams. Includes titles such as Technical Director, Manager, and Team Lead.
Explore learning pathCybersecurity Instruction (OPM 712)
NICE: Oversight and GovernanceResponsible for developing and conducting cybersecurity awareness, training, or education.
Explore learning pathTransformational Leader
Cybersecurity LeadershipAlign technology, business strategy, and people.
Explore learning pathLeadership
SCyWF: Leadership And Workforce DevelopmentThis role conducts supervises, manages and leads cybersecurity teams and work. Find the SANS courses that map to the Leadership SCyWF Work Role.
Explore learning pathWorkforce Development
SCyWF: Leadership And Workforce DevelopmentThis role conducts leads cybersecurity teams and work. Develops cybersecurity human capital. Find the SANS courses that map to the Workforce Development SCyWF Work Role.
Explore learning pathCourse Schedule & Pricing
Looking for Group Purchasing Options?Contact Us
OnDemand Bundle
When purchasing a live, instructor-led course, add 4 months of online access. View price in the info icons below.
SANS Skills Quest by NetWars Core Edition
Add 6 months of hands-on skills practice. Add to your cart when purchasing your course.
Location & instructorDate & TimeCourse priceRegistration Options
- Date & TimeOnDemand (Anytime)Self-Paced, 4 months accessCourse price$8,260 USD*Prices exclude applicable local taxesRegistration Options
- Date & TimeFetching schedule..View event detailsCourse price$8,260 USD*Prices exclude applicable local taxes
- Date & TimeFetching schedule..View event detailsCourse price€7,715 EUR*Prices exclude applicable local taxesRegistration Options
- Date & TimeFetching schedule..View event detailsCourse price$8,260 USD*Prices exclude applicable local taxes
- Date & TimeFetching schedule..View event detailsCourse price€7,715 EUR*Prices exclude applicable local taxes
- Date & TimeFetching schedule..View event detailsCourse price$8,260 USD*Prices exclude applicable local taxesRegistration Options
- Location & instructor
Nashville, TN, US & Virtual (live)
Date & TimeFetching schedule..View event detailsCourse price$8,260 USD*Prices exclude applicable local taxes - Location & instructor
London, GB & Virtual (live)
Date & TimeFetching schedule..View event detailsCourse price£6,715 GBP*Prices exclude applicable taxes | EUR price available during checkout
Showing 8 of 8
Learn Alongside Leading Cybersecurity Professionals From Around The World
- Slide 1 of 2Entertaining and thought provoking and helped me understand what actions I can take to change the culture of my company.
- Slide 2 of 2I love the way each lab built on previous topics covered culminating in the last day where we could apply everything we learnt. Everytime we did a lab they were well explained and at no time did i feel rushed, or like we had too much time to complete them.
Slide 1 of 0
(1/0)
Benefits of Learning with SANS
Get feedback from the world’s best cybersecurity experts and instructors
Choose how you want to learn - online, on demand, or at our live in-person training events
Get access to our range of industry-leading courses and resources