SEC595: Applied Data Science and AI/Machine Learning for Cybersecurity Professionals
SEC595Cyber Defense, Artificial Intelligence
SANS Community Benefits
Connect, learn, and share with other cybersecurity professionals
Cybersecurity Leadership Triads
Three structured learning paths focused on transformation, operational execution, and risk management, each built as a three-course curriculum to develop advanced cybersecurity leaders. Each pathway strengthens a critical dimension of leadership—building strategy and culture, driving consistent operational performance, or managing risk with business context.
Together, they develop well-rounded executives who can translate strategy into execution, prioritize what matters most, and align cybersecurity outcomes with business priorities.
Professionals who complete a Triad will have their name published on this page and receive a challenge coin recognizing their achievement.
Planning Her Path to CISO
Jeneé Saunders is the first SANS Cybersecurity Leadership professional to earn the Transformational and Operational Triads. Her goal is to become a CISO, and she found the Triads to be the perfect path for her to pursue.
Transformational Cybersecurity Leaders Triad
Build the context, strategy, and culture needed to align cybersecurity with business priorities and influence enterprise decisions.
- Slide 1 of 3
LDR512: Security Leadership Essentials for Managers
UPDATEDIntermediate LDR512Cybersecurity Leadership
- GIAC Security Leadership (GSLC)
- 5 Days (Instructor-Led)
- 30 CPEs / 30 Hours (Self-Paced)
- Labs: 25 Hands-On Labs
- Slide 2 of 3
LDR514: Security Strategic Planning, Policy, and Leadership
Advanced LDR514Cybersecurity Leadership
- GIAC Strategic Planning, Policy, and Leadership (GSTRT)
- 5 Days (Instructor-Led)
- 30 CPEs / 30 Hours (Self-Paced)
- Labs: 32 Hands-On Labs
- Slide 3 of 3
LDR521: Security Culture for Leaders
MAJOR UPDATESAdvanced LDR521Cybersecurity Leadership
- 5 Days (Instructor-Led)
- 30 CPEs / 30 Hours (Self-Paced)
- Labs: 22 Hands-On Labs
Transformational Leadership Outcomes
A Transformational Leader will be able to:
- Align cybersecurity strategy with business goals, risk tolerance, and growth objectives
- Translate technical risk into business impact and executive-level decisions
- Build and defend a multi-year security roadmap grounded in enterprise priorities
- Break down silos and improve cross-functional decision-making
- Establish governance structures that scale beyond individual expertise
- Embed security into organizational culture, incentives, and accountability
Operational Cybersecurity Executive Triad
Drive consistent security outcomes through disciplined control implementation, focused exposure management, and coordinated incident leadership.
- Slide 1 of 3
LDR516: Strategic Vulnerability and Threat Management
MAJOR UPDATESAdvanced LDR516Cybersecurity Leadership
- 5 Days (Instructor-Led)
- 30 CPEs / 30 Hours (Self-Paced)
- Labs: 21 Hands-On Labs
- Slide 2 of 3
LDR551: Building and Leading Security Operations Centers
Advanced LDR551Cybersecurity Leadership
- GIAC Security Operations Manager (GSOM)
- 5 Days (Instructor-Led)
- 30 CPEs / 30 Hours (Self-Paced)
- Labs: 19 Hands-On Labs
- Slide 3 of 3
SEC566: Implementing and Auditing CIS Controls
MAJOR UPDATESIntermediate SEC566Cybersecurity Leadership
- GIAC Critical Controls Certification (GCCC)
- 5 Days (Instructor-Led)
- 30 CPEs / 30 Hours (Self-Paced)
- Labs: 23 Hands-On Labs
Operational Leadership Outcomes
An Operational Leader will be able to:
- Implement and validate security controls with measurable effectiveness across the enterprise
- Prioritize vulnerabilities based on threat, impact, and business context
- Shift from vulnerability tracking to exposure management
- Establish consistent processes for control ownership, validation, and exception handling
- Lead and coordinate incident response under pressure with clear decision authority
- Build feedback loops that strengthen controls, detection, and response over time
Cyber Risk Officer Triad
Elevate cybersecurity into enterprise risk governance by formalizing risk decisions, strengthening accountability, and guiding executive action during uncertainty.
- Slide 1 of 3
LDR512: Security Leadership Essentials for Managers
UPDATEDIntermediate LDR512Cybersecurity Leadership- GIAC Security Leadership (GSLC)
- 5 Days (Instructor-Led)
- 30 CPEs / 30 Hours (Self-Paced)
- Labs: 25 Hands-On Labs
- Slide 2 of 3
LDR519: Cybersecurity Risk Management and Compliance
Advanced LDR519Cybersecurity Leadership
- 5 Days (Instructor-Led)
- 30 CPEs / 30 Hours (Self-Paced)
- Labs: 16 Hands-On Labs
- Slide 3 of 3
LDR553: Cyber Incident Management
Advanced LDR553Cybersecurity Leadership
- GIAC Cyber Incident Leader (GCIL)
- 5 Days (Instructor-Led)
- 30 CPEs / 30 Hours (Self-Paced)
- Labs: 28 Hands-On Labs
Cyber Risk Leadership Outcomes
A Cyber Risk Leader will be able to:
- Evaluate and communicate cyber risk in the context of enterprise impact and tradeoffs
- Build and maintain a defensible, audit-ready risk management and compliance program
- Define risk ownership, acceptance, and accountability across the organization
- Translate technical findings into clear, actionable risk decisions for executives and boards
- Guide leadership through high-stakes incident decisions with structured options and consequences
- Align cybersecurity risk with financial, operational, and regulatory priorities
.png?width=1920&quality=75&format=webp)