Management Strategies for IT Department

Management Strategies for IT Department

 

Date & Location: (08-12/Jan) Hong Kong – ( 16-20/Apr)  Amman – ( 03-07/Sep)  Istanbul – ( 26-30/Nov) Kuala Lumpur


Register Now

Course Overview

Introduction:
This course teaches security professionals how to navigate this new world of security by developing strategic plans, creating effective information security policy, and developing management and leadership skills.

 

Program Objectives:

  • Develop security strategic plans that incorporate business and organizational drivers
  • Develop and assess information security policy
  • Use management and leadership techniques to motivate and inspire your teams

 

Who Should Attend?

  • CISOs
  • Information Security Officers
  • Security Directors
  • Security Managers
  • Aspiring Security Leaders
  • Other Security Personnel Who Have Team Lead or Management Responsibilities

 

Program Outline:

 

Day 1: Strategic Planning Foundations
Topics
  • Vision and Mission Statements
    • What they tell you about the organization
    • Developing a security team mission statement that aligns with organizational goals
  • Stakeholder Management
    • Learn to identify, understand, and manage stakeholders in order to make the security team more successful
  • PEST Analysis
    • Identify market forces that drive the business in order to better understand business goals
  • Porter’s Five Forces
    • Understand how business leaders develop strategy
    • Apply this analysis to security vendors so you can make more informed purchase decisions
  • Threat Actors
    • Understand attacker motivations and techniques
    • Review real-word attack scenarios
  • Asset Analysis
    • Understand assets that are most valuable to the business and are of interest to attackers
  • Threat Analysis
    • Learn how the intrusion kill chain and threat intelligence can inform strategic planning

 

Day 2: Strategic Roadmap Development
Topics
  • Historical Analysis
    • Analyze the past in order to understand the probable future
  • Values and Culture
    • Understand the values and culture of your organization in order to align security with the corporate culture and define acceptable working norms
  • SWOT Analysis
    • Understand current Strengths, Weaknesses, Opportunities, and Threats
  • Vision and Innovation
    • Sustaining versus disruptive innovation
    • Jobs To Be Done Theory
    • Learning to innovate with the business
    • How to provide value to stakeholders
  • Security Framework
    • NIST Cybersecurity Framework
    • Measuring maturity
  • Gap Analysis
    • Identifying what needs to be done
  • Roadmap Development
    • Identifying what should be done first
  • Business Case Development
    • Approaches to obtaining funding
  • Metrics and Dashboards
    • Developing effective metrics
  • Marketing and Executive Communications
    • Promoting the work of the security team

 

Day 3: Security Policy Development and Assessment
Topics
  • Purpose of Policy
    • Role of policy
    • Establishing acceptable bounds for behavior
    • Empowering employees to do the right thing
    • How policy protects people, organizations, and information
    • Relationship of mission statement to policy
  • Policy Gap Analysis
    • Policy versus procedure
    • Policy needs assessment
  • Policy Development
    • Governing policy
    • Issue-specific policy
    • Positive and negative tone
  • Policy Review
    • Using the SMART approach
    • Policy review and assessment process
  • Awareness and Training
    • Role of psychology in implementing policy
    • Organizational culture

 

Day 4: Leadership and Management Competencies
Topics
  • Leadership Building Blocks
  • Creating and Developing Teams
  • Coaching and Mentoring
  • Customer Service Focus
  • Conflict Resolution
  • Effective Communication
  • Leading through Change
  • Relationship Building
  • Motivation and Self-direction
  • Teamwork
  • Leadership Development

 

Day 5: Strategic Planning Workshop
Topics

Case study topics include:

  • Creating a Security Plan for the CEO
  • Understanding Business Priorities
  • Enabling Business Innovation
  • Working with BYODs
  • Effective Communication
  • Stakeholder Management