ISC2 Pre-Conference Trainings 2024This year’s ISC2 Security Congress proudly boasts the theme “Boldly Forward” which transcends into the pre-conference training opportunities. The available sessions’ overarching topics include cybersecurity leadership, securing your organization and certification training. Participants can engage in once-a-year opportunities like hands-on threat modeling, a tabletop exercise development workshop and more. These cyber trainings will take place on-site at Caesars Palace Las Vegas the weekend before cybersecurity’s premier event, Saturday and Sunday, October 12-13. Each workshop is expertly curated and led by a cybersecurity expert. Seasoned ISC2 educator Kevin Stoffel, CISSP will be facilitating Evaluating the Security Risks of Products and Services and recently discussed his 15 years of being an ISC2 instructor saying, “What I find as a highlight is the aha moments that I get from learners or students." We anticipate many an “aha” moment to come from this workshop where Kevin introduces an analytical technique to product managers, and other roles, to better determine security risks.

This year’s pre-conference workshops are shaping up to be some of the most impactful cybersecurity educational trainings available. Each one has limited capacity, and we anticipate seats will fill quickly.

Cybersecurity Leadership

Elevating Cyber Leaders - Effective cyber leadership goes beyond technical expertise, requiring the ability to align cyber initiatives with broader organizational goals, engage with stakeholders across departments, and articulate cybersecurity risks and priorities to executive leadership and the board of directors. This workshop will empower learners with the knowledge, tools and strategies necessary to effectively lead teams, drive innovation and contribute to organizational success. 

Securing Your Organization

Building Resilient Web Applications with Threat Modeling - Explore the latest industry-standard methodologies and best practices for threat modeling. Hands-on training and exercises will help you apply what you’ve learned to real-world scenarios. Whether you’re a security professional, developer, architect or IT manager, this course is a must for anyone looking to enhance their organization’s security posture.

Evaluating the Security Risks of Products and Services - Developmental product security and product end-user third-party risk management share common goals in addressing security risk. This workshop will introduce analytical techniques that can be used by product developers and acquirers to better determine the security risks associated with products and services.

Learn to Build and Conduct Tabletop Exercises - Tabletop exercises are a valuable tool for organizations to prepare for cyber/privacy incidents and ensure that their incident response plans and playbooks are effective. In this one-day workshop, attendees will learn the basics of planning, developing, conducting and evaluating tabletop exercises and gain hands-on experience in their creation and facilitation.

Securing AI: Cybersecurity Strategy - This advanced workshop will focus on embracing the power of AI while strategically managing risks. Learners will ensure their organization's AI practices are aligned with established risk management and emerging industry best practices. Attendees will learn to implement security across the AI lifecycle using secure-by-design and default principles.

Cybersecurity Certification

CISSP Essentials for Certification and Practice - Engage in a high-level overview of the eight domains of the CISSP certification exam outline and deepen your knowledge of information security in this fast-paced, two-day workshop. Dive into the current security landscape including problem resolution, application security, network security, infrastructure planning, legal considerations, international privacy, investigations, forensics and more.

CGRC® Essentials for Certification and Practice - In this two-day workshop, learners will discover the seven domains in the ISC2 CGRC certification exam outline and expand their understanding of security assessment and authorization. Dig into the most pertinent content to understand before taking the exam with topics including information security risk management programs, scope of the information system, selection, approval, implementation and assessment of controls and more.