materials for SANS's MGT514: Security Strategic Planning, Policy, and Leadership

aleksej

Wanted to take SANS mgt514 (GSTRT certificate). it's so expensive that  my company refused me to. Do you know of any other source of info to get similar knowledge at lower price? I prefer paper back book ...but anything would be of help.

My second choice would be an MGT551: Building and Leading Security Operations Centers. but the price here is about the same. this knowledge probably is easier to get elsewhere. but maybe some advices where to start to get whole picture?

regards

JDMurray

Maybe the pages for those SANS courses and GIAC certs will have a reference list of materials used to build those courses.

aleksej

got there once again. I suppose I will add SANS youtube channel to bookmarks. thanks. it didn't catch my attention earlier.

still, no list of materials.

SteveLavoie

Hi @aleksej, welcome to the group. 

I would suggest you to look at this class from Antisyphon. It has been founded a few years ago and most of their instructor are ex-SANS instructor. Their founder is John Strands famous for the GCIH course. 

Chris Brenton has written a class very similar to SANS MGT514 (but shorter, only 16h). I took this class last year and I really liked it. It is only 545$USD. It is online and in 4 chunk of 4h in the afternoon (12h-4PM EST)

https://www.antisyphontraining.com/security-leadership-and-management-w-chris-brenton/

The next class is in April. 

Another idea is an online program from University of Toronto Continuing education called "Cyber Security Management". It is a short non-credited program with only 3 course, the content is very much aligned toward the ISACA CISM course, but their intent is not to be a CISM bootcamp. It is relatively cheap (2K$ USD). I did the first 2 class and it is great. Internaltional student are permitted. 

https://learn.utoronto.ca/programs-courses/certificates/cyber-security-management

aleksej

SteveLavoie said:

Hi @aleksej, welcome to the group. 

Thanks. I've been here before, but in RO mode only. Succesfuly looking for recommendation which sec certs are worth the effort.

Antisyphon seems like for a manager. I would rather be an team leader or a strong influencing team player. SANS seems like addressing those needs better, putting emphases on "leadership". I will get this into consideration as the cost far more attractive than SANS.

toronto university course seems interesting. time consumming and expensive, but sure seems like a lot of knowledge. And it has the key words "program design", "IR". I believe those and also "polices" and "leadership" are those that I am looking  for.

I am a technical guy and for the next few years i plan to keep it that way. Rather thought about architect / blue team / SOC leader but maybe I should get what is within my reach. Thanks I will consider those 2 options.

UnixGuy

I did the course few months ago using the Work Study so perhaps look into that: https://www.sans.org/work-study-program/

I don't recommend spending money on the course, it's mainly leadership theories, I wrote a review a mini review: https://community.infosecinstitute.com/discussion/138472/passed-sans-giac-gstrt-mini-review

As was suggested above, look into CRISC/CISM, that's a cheaper alternative. There is countless free leadership material from universities online that you can study too

aleksej

thanks for all the answers. I believe I should look at CISM/CISP in 2 years or so. for now I want bo be an engineer with  leading skills not a manager. so maybe CASP from comptia. but it seems like I need to look for and put the puzzles together by myself. seems like a good suggestion to go for courses/university knowledge this year. It should save so much additional time on preparing for cert typical question

I believe I now know what to look for. Thanks.

UnixGuy

@aleksej if you want to be an engineer with leadership skill then GSTRT is definitely not the course you're looking for. CASP is a lot more aligned to what you're looking for.

What area of security engineering are you looking at? Some of the best engineers i met have zero certs, but they're absolute guns when it comes to implementing solutions, troubleshooting, etc. They all seem to have a genuine interest in the tools and practice/learn after work at home labs/cloud

aleksej

I also don't think certs are mandatory. I believe certs are a good mean to cover areas that you don't work with, but are important to understand.

I agree that to learn specyfic tool it's better to have your lab on one screen and google on 2nd. but it's no longer true if talking about soft and planing skills. So overall security is within my interests and also developing polices around SOC and making it work.

UnixGuy

@aleksej got ya. I know the course description of GSTRT have security policy development as part of the curriculum but i honestly didn't find it particularly great. They have some policy development tools, I mean they're nice to explore but I'm not 100% convinced.

I don't know of a cert that teaches this, but from experience, I learned this by being in SOCs, being a consultant, looking at previous examples of policies, learning from my (and others) mistakes and seeing what policies are practical and what end up not being used, etc etc.

I wish there was a single good course that teaches that. I found working for a consulting firm to be the quickest way to learn this

JDMurray

I'm in the SANS MGT551 course on-demand right now with the GSOM certification due out in a month or two. This course is just the ticket if you want to learn how to build out and manage a SOC in a very small to very large organization.

UnixGuy

@JDMurray Didn't know this course exists! Looks look a perfect for what the OP is looking for!

aleksej

JDMurray said:

I'm in the SANS MGT551 course on-demand right now

It has also drawn my attention. but as those are SANS courses the pricing is out of reach either for my company or my own packet. but maybe in the future? @JDMurray what's your opinion on this one?

JDMurray

I'll be writing a review of SANS MGT551 and the corresponding GSOM cert when I am finished with the course in March.

JDMurray

It looks like I passed the GIAC GSOM beta exam with a score of 74% (The minimum passing score is 66%.) My index was hastily put together, as I didn't have much time to go through the material, but it apparently was enough to net me the Analyst #61 spot for this cert. I'll write a review of the experience in a new discussion.

Aharrell

Congrats on your pass! I look forward to your review.  I just got the material this week.  I finished SOC Design and Operational Planning yesterday.

JDMurray

Aharrell said:

I just got the material this week.  I finished SOC Design and Operational Planning yesterday.

How are you doing in the coursework?