Talk With an Expert
Major updates

LDR521: Security Culture for Leaders

LDR521Cybersecurity Leadership
  • 5 Days (Instructor-Led)
  • 30 Hours (Self-Paced)
Course authored by:
Lance Spitzner
Lance Spitzner
LDR521: Security Culture for Leaders
Course authored by:
Lance Spitzner
Lance Spitzner
  • 30 CPEs

    Apply your credits to renew your certifications

  • In-Person, Virtual or Self-Paced

    Attend a live, instructor-led class at a location near you or remotely, or train on your time over 4 months

  • 22 Hands-On Lab(s)

    Apply what you learn with hands-on exercises and labs

Gain proven behavioral science-based tools to measure and embed security culture into daily operations, turning it into a force multiplier that drives lasting success.

Course Overview

The SANS LDR521: Security Culture for Leaders course empowers cybersecurity leaders with the tools to build, measure, and institutionalize a strong cybersecurity culture across their organization. Through hands-on labs, real-world scenarios, and proven behavioral science frameworks, participants learn how to gain executive buy-in, engage the workforce, and integrate security into everyday business practices. This course is designed for experienced security professionals looking to drive meaningful cultural change and elevate the impact of their security programs.

What You'll Learn

  • Define, map and measure both organizational and security culture
  • Build a practical strategy leveraging the four key drivers of your security culture
  • Communicate the business value of security to gain executive buy-in
  • Engage and motivate your workforce to prioritize and adopt secure behaviors
  • Architect and embed security so it aligns with how people think and operate
  • Improve the success of security initiatives with actionable strategies and tools

Business Takeaways

  • Build a strong, positive brand for you and your security team, be perceived as enablers
  • Embed security at the start of all business initiatives
  • Increase buy-in and success rates of all security programs
  • Gain critical executive leadership support, speak in their language
  • Create a workforce that naturally prioritizes security
  • Reduce security team burnout through cultural alignment

Course Syllabus

Explore the course syllabus below to view the full range of topics covered in LDR521: Security Culture for Leaders.

Section 1Fundamentals of Organizational and Security Culture

Learn the fundamentals of culture and how to decipher your organizational and security culture.

Topics covered

  • Role of strategy vs. culture
  • Defining and mapping organizational culture
  • Role of AI in changing culture
  • Defining and indicators of security culture
  • Security culture assessment

Labs

  • Cyber42 Challenge #1: Mapping Linden Insurance’s Culture
  • Lab 1.1 Map your organization's culture
  • Cyber42 Challenge #2: Rating Linden Insurance’s Security Culture
  • Lab 1.2 Survey your security culture

Section 2Defining Your Strategy

Define what you want your security culture to be and develop an actionable strategy on how to achieve it.

Topics covered

  • Building your strategy to culture change
  • Proven organizational change models and frameworks
  • Motivating and Enabling change
  • Four drivers to your security culture
  • Developing your security principles and guidelines

Labs

  • Cyber42 Challenge #3: Preparing for a Breach
  • Cyber42 Challenge #4: Announcing Security
  • Lab 2.1: Define your Desired Security Culture
  • Cyber42 Challenge #5: Security Team Engagement
  • Lab 2.2: Define Your Security Guidelines

Section 3Motivating Change

Discover how to effectively engage and motivate your workforce to prioritize cybersecurity. Learn marketing models, persona development, and incentive programs that drive behavioral change across the organization.

Topics covered

  • Safety and motivation principles
  • Leveraging marketing models and frameworks
  • Creating engagement personas
  • Incentivizing security behaviors

Labs

  • Lab 3.1 Persona for Software Developers
  • Cyber42 Challenge #6: Getting to Know Accounts Payable
  • Lab 3.2 Selling DevSecOps
  • Lab 3.3 Creating a Custom GPT
  • Cyber42 Challenge #7: Incentivization Program

Section 4Enabling Change

Learn how to overcome the "Curse of Knowledge" and make security simple for your entire workforce. Master proven models so your security initiatives and priorities align with and become embedded in people’s daily processes and activities.

Topics covered

  • Architecting security so it aligns with people’s daily activities
  • Address cognitive biases effectively
  • Building security knowledge
  • Simplifying and embedding security processes

Labs

  • Lab 4.1: Passkeys email
  • Cyber42 Challenge #8: Engaging Training
  • Lab 4.2: Enabling a Human Sensor Network
  • Cybe42 Challenge #9: AI Security Policy

Section 5Measuring Change and Final Steps

Learn how to quantify your security culture and how the changes you are making support leadership’s strategic priorities. Sell your security initiatives and priorities in business terms that resonate with leadership.

Topics covered

  • Design effective security culture surveys
  • Analyze and quantify metrics for action items
  • Align metrics with leadership’s priorities
  • Build strong business cases
  • Create executive-ready summaries

Labs

  • Lab 5.1 Create Survey Questions
  • Lab 5.2 Analyze Open Ended Questions
  • Lab 5.3 Create an Executive Summary for Linden Insurance

Things You Need To Know

Relevant Job Roles

Cybersecurity Curriculum Development (OPM 711)

NICE: Oversight and Governance

Responsible for developing, planning, coordinating, and evaluating cybersecurity awareness, training, or education content, methods, and techniques based on instructional needs and requirements.

Explore learning path

Secure Project Management (OPM 802)

NICE: Oversight and Governance

Responsible for overseeing and directly managing technology projects. Ensures cybersecurity is built into projects to protect the organization’s critical infrastructure and assets, reduce risk, and meet organizational goals. Tracks and communicates project status and demonstrates project value to the organization.

Explore learning path

Systems Security Management (OPM 722)

NICE: Oversight and Governance

Responsible for managing the cybersecurity of a program, organization, system, or enclave.

Explore learning path

Senior Security Leader

Cybersecurity Leadership

Daily focus is on the leadership of technical teams. Includes titles such as Technical Director, Manager, and Team Lead.

Explore learning path

Cybersecurity Instruction (OPM 712)

NICE: Oversight and Governance

Responsible for developing and conducting cybersecurity awareness, training, or education.

Explore learning path

Transformational Leader

Cybersecurity Leadership

Align technology, business strategy, and people.

Explore learning path

Leadership

SCyWF: Leadership And Workforce Development

This role conducts supervises, manages and leads cybersecurity teams and work. Find the SANS courses that map to the Leadership SCyWF Work Role.

Explore learning path

Workforce Development

SCyWF: Leadership And Workforce Development

This role conducts leads cybersecurity teams and work. Develops cybersecurity human capital. Find the SANS courses that map to the Workforce Development SCyWF Work Role.

Explore learning path

Course Schedule & Pricing

Looking for Group Purchasing Options?Contact Us
  • Location & instructor

    Virtual (OnDemand)

    Instructed by
    Date & Time
    OnDemand (Anytime)Self-Paced, 4 months access
    Course price
    $8,260 USD*Prices exclude applicable local taxes
    Registration Options
  • Location & instructor

    Orlando, FL, US & Virtual (live)

    Instructed by
    Date & Time
    Fetching schedule..View event details
    Course price
    $8,260 USD*Prices exclude applicable local taxes
    Registration Options
  • Location & instructor

    Washington, DC, US & Virtual (live)

    Instructed by
    Date & Time
    Fetching schedule..View event details
    Course price
    $8,260 USD*Prices exclude applicable local taxes
    Registration Options
  • Location & instructor

    Virtual (live)

    Instructed by
    Date & Time
    Fetching schedule..View event details
    Course price
    €7,715 EUR*Prices exclude applicable local taxes
    Registration Options
  • Location & instructor

    Arlington, VA, US & Virtual (live)

    Instructed by
    Date & Time
    Fetching schedule..View event details
    Course price
    $8,260 USD*Prices exclude applicable local taxes
    Registration Options
  • Location & instructor

    Amsterdam, NL & Virtual (live)

    Instructed by
    Date & Time
    Fetching schedule..View event details
    Course price
    €7,715 EUR*Prices exclude applicable local taxes
    Registration Options
  • Location & instructor

    Virtual (live)

    Date & Time
    Fetching schedule..View event details
    Course price
    $8,260 USD*Prices exclude applicable local taxes
    Registration Options
  • Location & instructor

    Nashville, TN, US & Virtual (live)

    Date & Time
    Fetching schedule..View event details
    Course price
    $8,260 USD*Prices exclude applicable local taxes
    Registration Options
  • Location & instructor

    London, GB & Virtual (live)

    Date & Time
    Fetching schedule..View event details
    Course price
    £6,715 GBP*Prices exclude applicable taxes | EUR price available during checkout
    Registration Options
Showing 9 of 9

Benefits of Learning with SANS

Instructor teaching to a class

Get feedback from the world’s best cybersecurity experts and instructors

OnDemand Mobile App

Choose how you want to learn - online, on demand, or at our live in-person training events

Resources

Get access to our range of industry-leading courses and resources