materials for SANS's MGT514: Security Strategic Planning, Policy, and Leadership

aleksej · January 2022

Wanted to take SANS mgt514 (GSTRT certificate). it's so expensive that my company refused me to. Do you know of any other source of info to get similar knowledge at lower price? I prefer paper back book ...but anything would be of help.

My second choice would be an MGT551: Building and Leading Security Operations Centers. but the price here is about the same. this knowledge probably is easier to get elsewhere. but maybe some advices where to start to get whole picture?

regards

JDMurray · January 2022

Maybe the pages for those SANS courses and GIAC certs will have a reference list of materials used to build those courses.

aleksej · January 2022

got there once again. I suppose I will add SANS youtube channel to bookmarks. thanks. it didn't catch my attention earlier.

still, no list of materials.

SteveLavoie · January 2022

Hi @aleksej, welcome to the group.

I would suggest you to look at this class from Antisyphon. It has been founded a few years ago and most of their instructor are ex-SANS instructor. Their founder is John Strands famous for the GCIH course.

Chris Brenton has written a class very similar to SANS MGT514 (but shorter, only 16h). I took this class last year and I really liked it. It is only 545$USD. It is online and in 4 chunk of 4h in the afternoon (12h-4PM EST)

https://www.antisyphontraining.com/security-leadership-and-management-w-chris-brenton/

The next class is in April.

Another idea is an online program from University of Toronto Continuing education called "Cyber Security Management". It is a short non-credited program with only 3 course, the content is very much aligned toward the ISACA CISM course, but their intent is not to be a CISM bootcamp. It is relatively cheap (2K$ USD). I did the first 2 class and it is great. Internaltional student are permitted.

https://learn.utoronto.ca/programs-courses/certificates/cyber-security-management

aleksej · January 2022

SteveLavoie said:

Hi @aleksej, welcome to the group.

Thanks. I've been here before, but in RO mode only. Succesfuly looking for recommendation which sec certs are worth the effort.

Antisyphon seems like for a manager. I would rather be an team leader or a strong influencing team player. SANS seems like addressing those needs better, putting emphases on "leadership". I will get this into consideration as the cost far more attractive than SANS.

toronto university course seems interesting. time consumming and expensive, but sure seems like a lot of knowledge. And it has the key words "program design", "IR". I believe those and also "polices" and "leadership" are those that I am looking for.

I am a technical guy and for the next few years i plan to keep it that way. Rather thought about architect / blue team / SOC leader but maybe I should get what is within my reach. Thanks I will consider those 2 options.

UnixGuy · January 2022

I did the course few months ago using the Work Study so perhaps look into that: https://www.sans.org/work-study-program/

I don't recommend spending money on the course, it's mainly leadership theories, I wrote a review a mini review: https://community.infosecinstitute.com/discussion/138472/passed-sans-giac-gstrt-mini-review

As was suggested above, look into CRISC/CISM, that's a cheaper alternative. There is countless free leadership material from universities online that you can study too

aleksej · January 2022

thanks for all the answers. I believe I should look at CISM/CISP in 2 years or so. for now I want bo be an engineer with leading skills not a manager. so maybe CASP from comptia. but it seems like I need to look for and put the puzzles together by myself. seems like a good suggestion to go for courses/university knowledge this year. It should save so much additional time on preparing for cert typical question

I believe I now know what to look for. Thanks.

UnixGuy · January 2022

@aleksej if you want to be an engineer with leadership skill then GSTRT is definitely not the course you're looking for. CASP is a lot more aligned to what you're looking for.

What area of security engineering are you looking at? Some of the best engineers i met have zero certs, but they're absolute guns when it comes to implementing solutions, troubleshooting, etc. They all seem to have a genuine interest in the tools and practice/learn after work at home labs/cloud

aleksej · January 2022

I also don't think certs are mandatory. I believe certs are a good mean to cover areas that you don't work with, but are important to understand.

I agree that to learn specyfic tool it's better to have your lab on one screen and google on 2nd. but it's no longer true if talking about soft and planing skills. So overall security is within my interests and also developing polices around SOC and making it work.

UnixGuy · January 2022

@aleksej got ya. I know the course description of GSTRT have security policy development as part of the curriculum but i honestly didn't find it particularly great. They have some policy development tools, I mean they're nice to explore but I'm not 100% convinced.

I don't know of a cert that teaches this, but from experience, I learned this by being in SOCs, being a consultant, looking at previous examples of policies, learning from my (and others) mistakes and seeing what policies are practical and what end up not being used, etc etc.

I wish there was a single good course that teaches that. I found working for a consulting firm to be the quickest way to learn this

JDMurray · January 2022

I'm in the SANS MGT551 course on-demand right now with the GSOM certification due out in a month or two. This course is just the ticket if you want to learn how to build out and manage a SOC in a very small to very large organization.

UnixGuy · January 2022

@JDMurray Didn't know this course exists! Looks look a perfect for what the OP is looking for!

aleksej · January 2022

JDMurray said:

I'm in the SANS MGT551 course on-demand right now

It has also drawn my attention. but as those are SANS courses the pricing is out of reach either for my company or my own packet. but maybe in the future? @JDMurray what's your opinion on this one?

JDMurray · January 2022

I'll be writing a review of SANS MGT551 and the corresponding GSOM cert when I am finished with the course in March.

JDMurray · March 2022

It looks like I passed the GIAC GSOM beta exam with a score of 74% (The minimum passing score is 66%.) My index was hastily put together, as I didn't have much time to go through the material, but it apparently was enough to net me the Analyst #61 spot for this cert. I'll write a review of the experience in a new discussion.

Aharrell · March 2022

Congrats on your pass! I look forward to your review. I just got the material this week. I finished SOC Design and Operational Planning yesterday.

JDMurray · June 2022

Aharrell said:

I just got the material this week. I finished SOC Design and Operational Planning yesterday.

How are you doing in the coursework?

Growwithme · March 2023

Hello I am looking for GSTRT Training

SteveLavoie · March 2023

In most case, GIAC certs without the SANS class are not worth it. Their value derive from the class you took.

There are a few exception, like GSEC who is a basic certs and GCIH because there are some third party books.

E Double U · March 2023

Growwithme said:

Hello I am looking for GSTRT Training

Then look no further https://www.sans.org/cyber-security-courses/security-strategic-planning-policy-leadership/

SteveLavoie · March 2023

E Double U said:

Growwithme said:

Hello I am looking for GSTRT Training

Then look no further https://www.sans.org/cyber-security-courses/security-strategic-planning-policy-leadership/

Of course.. obvious

materials for SANS's MGT514: Security Strategic Planning, Policy, and Leadership

Answers