LDR514: Security Strategic Planning, Policy, and Leadership

GIAC Strategic Planning, Policy, and Leadership (GSTRT)
GIAC Strategic Planning, Policy, and Leadership (GSTRT)
  • In Person (5 days)
  • Online
30 CPEs
The next generation of security leadership must bridge the gap between security staff and senior leadership by strategically planning how to build and run effective security programs. Yet, creating a security strategy, executing a plan that includes sound policy coupled with top-notch leadership is hard for IT and security professionals because we spend so much time responding and reacting. We almost never do strategic planning until we get promoted to a senior position, and then we are not equipped with the skills we need to run with the pack. This information security course will provide you with the tools to build a cybersecurity strategic plan, an entire IT security policy, and lead your teams in the execution of your plan and policy. By the end of class you will have prepared an executive presentation, read 3 business case studies, responded to issues faced by 4 fictional companies, analyzed 15 case scenarios, and responded to 15 Cyber42 events.
Course Authors:

What You Will Learn

Aligning Security Initiatives with Strategy

As security professionals, we have seen the landscape change. Cybersecurity is now more vital and relevant to the growth of your organization than ever before. As a result, information security teams have more visibility, more budget, and more opportunity. However, with this increased responsibility comes more scrutiny. This course gives you tools to become a security business leader who can build and execute strategic plans that resonate with other business executives, create effective information security policy, and develop management and leadership skills to better lead, inspire, and motivate your teams.

Policy is a manager's opportunity to express expectations for the workforce, set the boundaries of acceptable behavior, and empower people to do what they ought to be doing. These policies must be aligned with an organization's culture. In LDR514, we break down the steps to policy development so that you have the ability to design and assess policies that can successfully guide your organization.

Leadership is a skill that must be learned, exercised, and developed to better ensure organizational success. Strong leadership is brought about primarily through selfless devotion to the organization and staff, tireless effort in setting the example, and having the vision to see and effectively use available resources toward the end goal. Effective leadership entails persuading team members to accomplish their objectives, removing the obstacles preventing them from doing it, and maintaining the well-being of the team in support of the organization's mission. LDR514 will teach you to use management tools and frameworks to better lead, inspire, and motivate your teams.

"Really helpful and aligned with my current need in security strategy within my organization. There wasn't a day or section that was not directly applicable to issues I'm facing and strategies to address them." - Scott Quenneville, American Transmission Company

What Is Cyber Security Strategy?

Simply put, strategy is the ability to get from one place to another in a beneficial way. Your job as a leader is to figure out how to do that for your business, your team, and yourself. You need a wide combination of skills that go beyond the technical nitty gritty to progress into a more senior leadership role and build rapport with executive leadership. This includes being able to build a strategic plan, conduct gap analysis, understand both the business and threat landscape, build a compelling business case, and create effective security policy. On top of all this you must ensure that your team can actually get the work done by leading, motivating, and inspiring them to actually WANT to get the work done. In summary, the ability to build a cybersecurity strategy will help you take the next step in your career, build higher performing teams, and align cybersecurity with business objectives.

Business Takeaways

This course will help your organization:

  • Create a security plan that resonates with customers
  • Develop leaders that know how to align cybersecurity with business objectives
  • Build higher performing security teams

Skills Learned

  • How to develop strategic security plans
  • Create effective information security policy
  • Understand the different phases of the strategic planning process
  • Increase knowledge of key planning tools
  • Cultivate fundamental skills to create strategic plans that protect your company
  • Enable key innovations
  • Facilitate working effectively with your business partners
  • Advance security strategic plans that incorporate business and organizational drivers
  • Foster and assess information security policy
  • Use management and leadership techniques to motivate and inspire your team

Hands-On Cyber Security Strategy Training

LDR514 uses business case studies, fictional companies, and the Cyber42 leadership simulation game to put you in real-world scenarios that spur discussion and critical thinking of situations that you will encounter at work. This web application-based game is a continuous tabletop exercise where students play to improve security culture, manage budget and schedule, and improve security capabilities at a fictional organization. This puts you in real-world scenarios that spur discussion and critical thinking of situations that you will encounter at work.

The course also uses case studies from Harvard Business School, case scenarios, team-based exercises, and discussions that put students in real-world situations. You will be able to use these same activities with your own team members at work.

  • Section 1: LABS: CISO First Impression, Relationship Management, Strategy Map. Cyber42 Events: Cloud Migration Buy-In, Crown Jewels, Prioritizing Threat Defense
  • Section 2: LABS: Mission Statement, SWOT Analysis, Roadmap Development. Cyber42 Events: Dropbox or Bust, Making Your Case, Make Metrics Matter
  • Section 3: LABS: Positive and Negative Voicing, Vulnerability Management Policy, Cloud Computing Policy. Cyber42 Events: Where's the Policy?, Unexpected AI, Cloud Storage Policy
  • Section 4: LABS: Management and Leadership, Performance Review, Delegation. Cyber42 Events: The First Team Meeting, Strategic Communications, Employee Interactions
  • Section 5: Case Study Analysis 1 - 4. Cyber42 Events: Attack Aftermath, Merger Due Diligence, Executive Presentation

"I have truly enjoyed the labs and exercises. They have broke up the course throughout the weak. There has been a lot of information, but these exercises and labs helped us to put the knowledge into action." - Antoinette Stowers Lewis, Kaiser Permanente

"[The] strength of the course is live labs and exercise." - Ajay Kumar, National Grid

"I enjoy the use of Cyber 42. I particularly enjoyed the extra addition of going through the answers and discussing which answers had what effects to everyone's scores." - Alexander Walker, TechVets

"I love the lab and exercises. They are exactly what I am looking for as the new Marketplace Security PM on my team." - Rebecca Gaudet, Microsoft

Syllabus Summary

  • Section 1: Decipher the business and threat landscape
  • Section 2: Create a security team roadmap and strategic plan
  • Section 3: Develop and assess security policy
  • Section 4: Lead, motivate, and inspire your team to implement the strategic plan
  • Section 5: Analyze business school case studies using strategic planning tools from class

Additional Free Resources

What You Will Receive

  • Electronic Courseware containing the entire course content
  • Printed course books
  • Access to the Cyber42 security leadership simulation game
  • MP3 audio files of the complete course lecture

What Comes Next?

Syllabus (30 CPEs)

Download PDF
  • Overview

    Creating security strategic plans requires a fundamental understanding of the business and a deep understanding of the threat landscape. Deciphering the history of the business ensures that the work of the security team is placed in the appropriate context. Stakeholders must be identified and appropriately engaged within this framework. This includes understanding their motivations and goals, which is often informed by the values and culture your organization espouses. Successful security leaders also need a deep understanding of business goals and strategy. This business understanding needs to be coupled with knowledge of the threat landscape - including threat actors, business threats, and attacker tactics, techniques, and procedures - that informs the strategic plan.

    • Lab 1.1: CISO First Impression
    • Lab 1.2: Relationship Management
    • Lab 1.3: Strategy Map
    • Cyber42 Round 1 Event #1: Cloud Migration Buy-In
    • Cyber42 Round 1 Event #2: Crown Jewels
    • Cyber42 Round 1 Event #3: Prioritizing Threat Defense

    Strategic Planning Overview

    • 30-60-90 Day Plan

      • Building a plan for your leadership, your team, and for yourself

    Decipher the Business

    • Historical Analysis

      • Analyze the past in order to understand the probable future
    • Stakeholder Management

      • Learn to identify, understand, and manage stakeholders in order to make the security team more successful
    • Values and Culture

      • Understand the values and culture of your organization in order to align security with the corporate culture and define acceptable working norms
    • Business Strategy

      • Use a strategy map to understand how to align with business objectives
    • Asset Analysis

      • Understand assets that are most valuable to the business and are of interest to attackers

    Decipher the Threats

    • Threat Actors
      • Understand attacker motivations and techniques
      • Review real-word attack scenarios
    • Political, Economic, Social and Technological (PEST) Analysis

      • Identify business threats
    • Threat Analysis

      • Learn how the intrusion kill chain and MITRE ATT&CK inform strategic planning
  • Overview

    With a firm understanding of the drivers of business and the threats facing the organization, you will develop a plan to analyze the current situation, identify the target state, perform gap analysis, and develop a prioritized roadmap. In other words, you will be able to determine (1) what you do today (2) what you should be doing in the future (3) what you don't want to do, and (4) what you should do first. Once this plan is in place, you will learn how to build and execute it by developing a business case, defining metrics for success, and effectively marketing your security program.

    • Lab 2.1: Mission Statement
    • Lab 2.2: SWOT Analysis
    • Lab 2.3: Roadmap Development
    • Cyber42 Round 1 Event #4: Dropbox or Bust
    • Cyber42 Round 1 Event #5: Making Your Case
    • Cyber42 Round 1 Event #6: Make Metrics Matter

    Define the Current State

    • Vision and Mission
      • What they tell you about the organization
      • Develop a Security Team Mission Statement that Aligns with Organizational Goals
    • SWOT Analysis
      • Analysis of strengths, weaknesses, opportunities, and threats (SWOT)
      • Understanding of current SWOT

    Develop the Plan

    • Vision and Innovation
      • Sustaining versus disruptive innovation
      • Jobs to be done theory
      • Learning to innovate with the business
      • How to provide value to stakeholders
    • Security Framework
      • NIST Cybersecurity Framework
      • Measuring maturity
    • Roadmap Development
      • Gap analysis
      • Security roadmap
    • Business Care Development

      • Approaches to obtaining funding

    Deliver the Program

    • Security Metrics Program

      • Developing effective metrics
    • Marketing and Executive Communications
      • Promoting the work of the security team
  • Overview

    Policy is one of the key tools that security leaders have to influence and guide the organization. Security managers must understand how to review, write, assess, and support security policy and procedures. This includes knowing the role of policy in protecting the organization along with its data, systems, and people. In developing policy, you also need to know how to choose the appropriate language and structure so that it fits with your organization's culture. As policy is developed you must manage the entire lifecycle from approval and socialization to measurement in order to make necessary modifications as time goes on. This is why assessing policy and procedure is so important. Policy must keep up to date with the changing business and threat landscape. This includes coverage of technologies like Generative Artificial Intelligence (GenAI).

    • Lab 3.1: Positive and Negative Voicing
    • Lab 3.2: Vulnerability Management Policy
    • Lab 3.3: Cloud Computing Policy
    • Cyber42 Round 2 Event #7: Where's the Policy?
    • Cyber42 Round 2 Event #8: Unexpected AI
    • Cyber42 Round 2 Event #9: Cloud Storage Policy

    Purpose of Policy

    • Role of Policy
    • Establishing Acceptable Bounds for Behavior
    • Empowering Employees to Do the Right Thing
    • How Policy Protects People, Organizations, and Information

    Develop Policy

    • Language of Policy
    • Policy Structure
    • Policy and Culture
    • Define Requirements

    Managing Policy

    • Approve, Socialize, and Measure Policy

    Assess Policy and Procedure

    • Using the SMART Approach
    • Policy Review and Assessment Process
  • Overview

    This course section will teach the critical skills you need to lead, motivate, and inspire your teams to achieve your organization's goals. By establishing a minimum standard for the knowledge, skills, and abilities required to develop leadership, you will understand how to motivate employees and develop from a manager into a leader.

    • Lab 4.1: Management and Leadership
    • Lab 4.2: Performance Review
    • Lab 4.3: Delegation
    • Cyber42 Round 3 Event #10: The First Team Meeting
    • Cyber42 Round 3 Event #11: Strategic Communications
    • Cyber42 Round 3 Event #12: Employee Interactions

    Why Choose Leadership

    • Understanding Leadership
    • Leadership Building Blocks

    Leadership Essentials

    • Building Trust
    • Servant Leadership

    Effective Communications

    • Communication Process
    • Active Listening
    • Providing Feedback
    • Challenging Conversations

    Build Effective Teams

    • Creating and Leading Teams
    • Learning to Delegate
    • Coaching, Mentoring, and Sponsorship

    Leading Change

    • Psychology of Change
    • Organizational Change
  • Overview

    Using case studies, students will work through real-world scenarios by applying the skills and knowledge learned throughout the course. The case studies are taken directly from Harvard Business School, which pioneered the case study method. The case studies focus specifically on information security management and leadership competencies. The Strategic Planning Workshop serves as a capstone exercise for the course, enabling students to synthesize and apply concepts, management tools, and methodologies learned in class.

    • Case Study Analysis #1
    • Case Study Analysis #2
    • Case Study Analysis #3
    • Case Study Analysis #4
    • Cyber42 Round 4 Event #13: Attack Aftermath
    • Cyber42 Round 4 Event #14: Merger Due Diligence
    • Cyber42 Round 4 Event #15: Executive Presentation

    Case study topics include:

    • Creating a Presentation for the CEO
    • Briefing the Board of Directors
    • Creating a Strategic Plan
    • Understanding Business Priorities
    • Enabling Business Innovation
    • Effective Communication
    • Stakeholder Management

GIAC Strategic Planning, Policy, and Leadership

The GIAC Strategic Planning, Policy, and Leadership (GSTRT) certification validates a practitioner's understanding of developing and maintaining cyber security programs as well as proven business analysis, strategic planning, and management tools. GSTRT certification holders have demonstrated their knowledge of building and managing cyber security programs with an eye towards meeting the needs of the business, board members, and executives.

  • Business and Threat Analysis
  • Security Programs and Security Policy
  • Effective Leadership and Communications
More Certification Details


  • A strong desire to grow as a leader
  • A strong desire to develop strategic plans that resonate with IT and other business leaders
  • Willingness to participate in group exercises and team discussions

Laptop Requirements

Important! Bring your own system configured according to these instructions.

A properly configured system is required to fully participate in this course. If you do not carefully read and follow these instructions, you will not be able to fully participate in hands-on exercises in your course. Therefore, please arrive with a system meeting all of the specified requirements.

Back up your system before class. Better yet, use a system without any sensitive/critical data. SANS is not responsible for your system or data.

  • Wireless networking (802.11 standard) is required. There is no wired Internet access in the classroom.
  • A laptop or mobile device with the latest web browser is required to play the Cyber42 leadership simulation game.
  • The Cyber42 game used in this course is hosted in the cloud. Students must have a computer that does not restrict access to the ranges.io web site. Corporate machines may have a VPN, intercepting proxy, or egress firewall filter that causes connection issues communicating with certain web sites. Students must be able to configure or disable these services to access the Cyber42 game.

If you have additional questions about the laptop specifications, please contact support.

Author Statement

"This is the course I wish I had taken when I first started my career. You don't have to wait until you are in a management position to focus on your strategic planning, management, and leadership skills. Have you ever found yourself in a situation where you thought, 'Something I'm doing isn't working'? This course will set you on the path to address that concern. It's commonly stated that to succeed as a modern security leader you need to understand and align with the business to support the organization's mission. But what does that actually mean in practice? Instead of trying to get there on your own, join us to learn practical tools and lessons that have worked for countless other leaders, security officers, and CISOs." - Frank Kim

"Frank Kim is an awesome instructor! His teaching style is great and his grasp on the course material, live examples and ability to bring people together is exceptional!!" - Arvin Bansal, Amerisource Bergen


The content is a great addendum to my MBA. The course is a good primer for leading a security organization and provides tools necessary to better understand strategic/operational level of thinking.
Phillip Addison
The Hershey Company
Content continues to be relevant and seems largely agnostic to different strategies rather than teaching a single way of leading.
Jackie Wilson
The course is excellent. It is one of the best classes I have taken to date.
Stephane Denis
I don’t think words can portray how valuable this course has been and will be for my imminent career.
Ben Sweet
I don't think words can portray how valuable this course has been and will be for my imminent career.
Ben Sweet
SANS provides the absolute best training material. I'm ready to roll up my sleeves and implement what I've learned, which was challenging and really made me rethink how I approach leadership and security strategy.
Michael Jacobs
The course is one of the best classes I have taken to date. The content and labs are very well thought out and help hone in the skills you learned in class or those you've developed over the course of your career.
Stephane Denis
SANS provides the absolute best training material. I'm ready to roll up my sleeves and implement what I’ve learned this week, which was challenging and made me think how I approach leadership and security strategy.
Michael Jacobs

    Register for LDR514

    Learn about Group Pricing

    Prices below exclude applicable taxes and shipping costs. If applicable, these will be shown on the last page of checkout.