Graduate Certificate Programs: Cybersecurity Management

Designed for working information security professionals, the graduate certificate in Cybersecurity Management prepares you to build and execute strategic plans that resonate with business executives, create effective information security policy, design and deploy information security environments, and lead, inspire, and motivate cybersecurity teams.

Format Option: A 100% online option is available
Courses: 5
GIAC Certifications: 5
Credits: 15
Duration: 18-24 months
Total Program Cost: $28,500 USD


Strengthen Your Technical Knowledge and Skills

Gain practical skills you can immediately apply at your job or in a new infosec role.

  • Learn the latest cybersecurity tactics to protect your organization
  • Keep your skills current for career growth and advancement
  • Earn professional GIAC certifications as you complete the program
  • Train on your schedule, to balance work and school
  • Get personalized support from a student advisor 


The SANS.edu Advantage

Because cyber threats are constantly changing, our courses are continually updated for real-world relevance. But that's just the beginning.

GIAC Certifications

Earn 5 industry-recognized GIAC cybersecurity certifications.


100% Online Option Available

You have the option of completing the program through live or rewindable online courses.


World-class Faculty

Learn the latest skills and techniques from the world's top cybersecurity practitioners.


Pathway to a Master’s Degree

All credits earned in this program can transfer into our master’s degree program.


SANS.edu Academic Pricing

Get SANS.edu academic pricing on SANS courses and GIAC certifications.


Powerful Network

Make connections with some of the most talented students and teachers in the industry.

InfoSec professional attends SANS.edu info session

Join an Online Info Session for Graduate Cybersecurity Programs

  • Learn more about our cybersecurity master's degree and graduate certificate programs for working professionals. Have questions? We'll answer them. Tue, Dec 12, 1 pm (ET). Register here.

  • Get tips on crafting a strong application to our cybersecurity master’s degree program and information on the next steps in the admissions process. Tue, Dec 19, 12 pm (ET). Register here.

“I have my master's in computer science, but I completed three graduate certificate programs with SANS so I could truly dive deep into technical areas of cybersecurity and learn from instructors who are leading the industry.” - Jeff Sass, Director of Application Security, Adobe

Learn How To:

  • Manage the information security function in an enterprise in a way that takes into account the relationship between and responsibilities shared by the communities of interest, including the general business, information technology, and information security.
  • Apply a standards-based approach to risk management, including business impact analyses, cost-benefit analyses, and implementation methods that map to business needs/requirements.
  • Integrate enterprise security operations, including policy, strategic and continuity planning, implementation programs, and personnel into an operation that can effectively manage the security needs of an enterprise.
  • Articulate legal positions to meet ethical and business needs associated with the protection of information and privacy of an enterprise.
  • Devise and implement strategies for incident detection and response, including business continuity planning and disaster recovery planning (BCP/DRP), that are cost effective and meet the business needs of the enterprise.

Curriculum | 15 Credit Hours

In this hands-on program, you'll learn from some of the world's top cybersecurity experts, gaining hands-on technical and leadership experience you can apply immediately on the job. This is the curriculum order for this program.

Required Core Courses | 9 credit hours

  • SANS Course: MGT512: Leadership Essentials for Security Managers Training Course
    Certification: GIAC Security Leadership (GSLC)

    3 Credit Hours

    ISE 5001 uses case studies, group discussions, team-based exercises, in-class games, and a security leadership simulation to help you absorb both technical and management topics. Covering a wide range of security topics across the entire security stack, this course empowers you to become an effective security manager and get up to speed quickly on information security issues and terminology. Data, network, host, application, and user controls are examined in conjunction with key management topics that address the overall security lifecycle, including governance and technical controls focused on protecting, detecting, and responding to security issues.

    The course will prepare you to:

    • Make sense of different cybersecurity frameworks
    • Understand and analyze risk
    • Understand the pros and cons of different reporting relationships
    • Manage technical personnel
    • Build a vulnerability management program
    • Inject security into modern DevOps workflows
    • Strategically leverage a SIEM
    • Change behavior and build a security-aware culture
    • Effectively manage security projects
    • Enable modern security architectures and the cloud
  • SANS Course: SEC530: Defensible Security Architecture and Engineering: Implementing Zero Trust for the Hybrid Enterprise
    Certification: GIAC Defensible Security Architect Certification (GDSA)

    3 Credit Hours

    Effective security requires a balance between detection, prevention, and response capabilities. Defensible Security Architecture and Engineering is designed to help you establish and maintain a holistic and layered approach to security. You’ll explore the fundamentals of up-to-date defensible security architecture and how to engineer it, with a heavy focus on leveraging current infrastructure (and investment), including switches, routers, and firewalls. You’ll learn how to reconfigure these devices to significantly improve your organization’s prevention capabilities in the face of today's dynamic threat landscape. The course will also delve into the latest technologies and their capabilities, strengths, and weaknesses. Multiple hands-on labs will reinforce key points in the course and provide actionable skills you will be able to leverage immediately at work.

  • SANS Course: MGT514: Security Strategic Planning, Policy, and Leadership
    Certification: GIAC Strategic Planning, Policy, and Leadership (GSTRT)

    ISE 5650 covers the critical processes to be employed by technical leaders to develop the skills and techniques to select, train, equip, and develop a team into a single cohesive unit with defined roles that operate together in harmony toward team-objective accomplishment.

    Topics covered include:

    • Leadership development
    • Coaching and training
    • Employee involvement
    • Conflict resolution
    • Change management
    • Vision development
    • Motivation
    • Communication skills
    • Self-direction
    • Brainstorming techniques
    • Strategic planning and policy development
    • The 10 core leadership competencies

    *Both MGT 514 and SEC 405 must be taken in the OnDemand modality.

Elective Courses | 6 credit hours

Students select two of the following.

  • SANS Course: MGT525: Managing Cybersecurity Initiatives & Effective Communication
    Certification: GIAC Certified Project Manager (GCPM)

    3 Credit Hours

    In ISE 5800 you will learn how to improve your project planning methodology and project task scheduling to get the most out of your critical IT resources. The course utilizes project case studies that highlight information technology services as deliverables. ISE 5800 follows the basic project management structure from the PMP® Guide 5th edition and also provides specific techniques for success with information assurance initiatives. All aspects of IT project management are covered — from initiating and planning projects through managing cost, time, and quality while your project is active, to completing, closing, and documenting as your project finishes.

  • SANS Course: SEC566: Implementing and Auditing Security Frameworks and Controls
    Certification: GIAC Critical Controls Certification (GCCC)

    3 Credit Hours

    Cybersecurity attacks are increasing and evolving so rapidly that is more difficult than ever to prevent and defend against them. ISE 6001 will help you to ensure that your organization has an effective method in place to detect, thwart, and monitor external and internal threats to prevent security breaches. As threats evolve, an organization's security should too. Standards based implementation takes a prioritized, risk-based approach to security and shows you how standardized controls are the best way to block known attacks and mitigate damage from successful attacks.

  • SANS Course: SEC595: AI, Applied Data Science, and Machine Learning for Cybersecurity Professionals
    Certification: GIAC Machine Learning Engineer (GMLE)

    3 Credit Hours

    This course is squarely centered on solving information security problems. This course covers the necessary mathematics theory and fundamentals students absolutely must know to allow them to understand and apply the machine learning tools and techniques effectively. The course progressively introduces and applies various statistic, probabilistic, or mathematic tools (in their applied form), allowing you to leave with the ability to use those tools. The hands-on projects provide a broad base from which you can build your own machine learning solutions. This course teaches how AI tools like ChatGPT really work so that you can intelligently discuss their potential use by organizations and how to build effective solutions to solve real cybersecurity problems using machine learning and AI.

  • SANS Course: AUD507: Auditing Systems, Applications, and the Cloud
    Certification: GIAC Systems and Network Auditor Certification (GSNA)

    3 Credit Hours

    ISE 6715 is organized specifically to provide a risk driven method for tackling the enormous task of designing an enterprise security validation program. After covering a variety of high level audit issues and general audit best practice, students have the opportunity to dive deep into the technical how to for determining the key controls that can be used to provide a level of assurance to an organization. Tips on how to repeatably verify these controls and techniques for continuous monitoring and automatic compliance validation are given from real world examples.

  • SANS Course: LEG523: Law of Data Security and Investigations
    Certification: GIAC Law of Data Security & Investigations (GLEG)

    3 Credit Hours

    (Not available as an elective in the MSISM program)

    ISE 6720 introduces students to the new laws on privacy, e-discovery, and data security so students can bridge the gap between the legal department and the IT department. It also provides students with skills in the analysis and use of contracts, policies, and records management procedures.

Study with the best faculty in cybersecurity


Take Your Next Step

Need more information? We’re happy to answer your questions. Join us for an info session, email info@sans.edu or call 301.241.7665.

Ready to apply? We look forward to learning about you and your career goals.

“Earning a graduate certificate from SANS is what really accelerated my career. The technical skills I learned in the program have given me the confidence to successfully lead my team and prepare them for new challenges.” - David Cox, Manager, Cyber Threat Management, EY

“You get a lot of personal attention to get through the program because of the student advisors. They are the foundation of the SANS.edu experience.” - Christopher Hurless, Systems Engineer, Northwestern University in Qatar

Christopher Haller

SANS.edu Graduate Certificate Student Wins National Cyber League Championship

Christopher Haller beat out more than 6,000 competitors to earn the #1 individual player ranking in the Spring 2022 National Cyber League competition. See why he chose to pursue a graduate certificate at SANS.edu — and learn about his career path from the US Navy to his current role as Director of Professional Services at Centripetal Networks.

Course Delivery Options

Your mind has no borders. Why should your college? Our online and in-person course options are designed to fit your life and how you like to learn.

Join us for a free online info session to learn more.



Total program cost: $28,500 USD

Tuition includes the cost of the course, textbooks, and certification tests that serve as mid-term or final exams for courses.

Get the Credit You Deserve
Students who have taken SANS training classes and have active GIAC certifications may be able to waive one course and GIAC certification into the program. See our waiver policy.


Fund Your SANS.edu Program in Monthly Installments with No Interest

For students who are U.S. citizens or permanent residents — and don’t use employer education benefits or veterans’ education benefits to fund their SANS.edu program — we offer a Tuition Payment Program (TPP) that enables eligible you to spread out the cost of your program in monthly installments with no interest.


Finance your education, build new skills, and add value for your company — using your employer-sponsored education benefits.

If you want to get the best education in cybersecurity while you work, and your organization offers education benefits, let them help you take your next step. SANS.edu cybersecurity degree and certificate programs are designed for working professionals, and your employee benefits package may help cover the cost of pursing your goals.


We're happy to help. Email info@sans.edu or call 301.241.7665.

About the SANS Technology Institute

Founded in 2005, the SANS Technology Institute (SANS.edu) is the independent, regionally-accredited, VA-approved subsidiary of SANS, the world's largest and most trusted provider of cybersecurity training, certification, and research. Offering graduate and undergraduate programs at the cutting edge of cybersecurity, SANS.edu is strengthening the cyber workforce through a career-focused curriculum built on proven SANS courses and industry-recognized GIAC certifications.

The SANS Technology Institute is accredited by The Middle States Commission on Higher Education (1007 North Orange Street, 4th Floor, MB #166, Wilmington, DE 19801 - 267.284.5000), an institutional accrediting agency recognized by the U.S. Secretary of Education and the Council for Higher Education Accreditation.