GRC Training Options - Training for a Governance, Risk, and Compliance (GRC) Career in Cybersecurity

Ken Underhill - Cybersecurity Training
19 Jan 202406:57

Summary

TLDRThe video discusses GRC (Governance, Risk, and Compliance) training options for those interested in entering the field. It highlights a training bundle from EC-Council covering security risk management and frameworks like NIST RMF. The speaker emphasizes the importance of connecting theoretical knowledge to real-world scenarios by creating case studies based on actual companies' challenges. He also mentions another GRC masterclass and offers advice on showcasing skills on LinkedIn and in interviews. The video provides affiliate links for discounted training but encourages using free resources if on a budget.

Takeaways

  • 📚 GRC (Governance, Risk, and Compliance) is a popular career field, and many viewers are interested in related training.
  • 📖 Jerry's GRC Masterclass is recommended, and it might still be available for free or at a nominal fee.
  • 💼 EC Council offers training on security risk management, including three courses covering the fundamentals of risk management, auditing, and frameworks like NIST RMF.
  • 🔗 The speaker advises using training to learn fundamentals and then applying this knowledge to real-world scenarios, such as analyzing case studies from companies.
  • 💡 Building your own case studies from company examples can demonstrate practical knowledge and help with job applications, especially on platforms like LinkedIn.
  • 💻 Practical application of training is key for getting noticed by hiring managers, who are more impressed by those who can 'connect the dots' between training and real-world use cases.
  • 📊 Certifications and degrees are helpful, but connecting theoretical knowledge to practical experience can make a candidate stand out even more.
  • 🎯 The speaker emphasizes that many job listings are automated or fake, so it's important to focus on building skills and showcasing them instead of mass job applications.
  • 💼 The speaker is an EC Council affiliate, and any purchases through their links offer a discount, typically around $79 (compared to $200), though prices may vary by region.
  • 🤝 The speaker uses affiliate income to support community initiatives like providing scholarships and sending people to conferences, rather than for personal luxury.

Q & A

  • What is the primary focus of the video?

    -The video focuses on GRC (Governance, Risk, and Compliance) training opportunities for individuals seeking to enter the GRC field, including courses and strategies to enhance job prospects.

  • What training does the speaker recommend for learning GRC fundamentals?

    -The speaker recommends a bundle of three courses from EC Council that cover the fundamentals of security risk management, auditing, and the application of frameworks like NIST RMF. Additionally, they mention Jerry aer's GRC master class as another useful resource.

  • What advice does the speaker give for applying the knowledge from GRC training?

    -The speaker suggests applying the knowledge gained from GRC training to real-world scenarios by studying case studies of companies you want to work for, creating hypothetical solutions for their challenges, and sharing this work on platforms like LinkedIn.

  • Why does the speaker emphasize 'connecting the dots' in the job application process?

    -The speaker believes that being able to apply learned knowledge to real-world situations and demonstrating this understanding to potential employers is crucial. They argue that connecting theoretical knowledge to practical scenarios is often more valuable than having numerous certifications or degrees.

  • What is the benefit of using the speaker’s affiliate link for the EC Council training?

    -Using the speaker’s affiliate link provides a discount on the EC Council training, reducing the price from around $200 to $79 for U.S. customers. The speaker also mentions that the earnings from the affiliate link help fund scholarships and other opportunities for the community.

  • How does the speaker suggest showcasing the knowledge gained from GRC training?

    -The speaker recommends showcasing knowledge by creating case studies, applying the learning to real or hypothetical company scenarios, and then sharing these examples on social media platforms, especially LinkedIn, to attract the attention of hiring managers.

  • What is the significance of case studies according to the speaker?

    -Case studies are significant because they provide real-world examples of how companies solve security challenges. The speaker advises using these to demonstrate the application of learned concepts and to help connect theoretical knowledge to practical, real-world problems.

  • What alternative does the speaker offer for those who may not have the budget for paid courses?

    -For those who cannot afford paid courses, the speaker suggests utilizing free content like YouTube videos to learn GRC fundamentals and then applying this knowledge in the same way as with paid courses—by creating case studies and demonstrating practical understanding.

  • What does the speaker say about the job market and hiring process in cybersecurity?

    -The speaker highlights that many job listings are not real (referred to as 'fake jobs') and emphasizes that showcasing practical knowledge and the ability to connect concepts to real-world applications is more effective in getting interviews than blindly applying to numerous jobs.

  • Why does the speaker recommend fixing your LinkedIn profile?

    -The speaker advises fixing your LinkedIn profile to better showcase your skills, knowledge, and ability to apply GRC concepts. A well-optimized LinkedIn profile can help make a strong impression on hiring managers and improve the chances of landing interviews.

Outlines

plate

This section is available to paid users only. Please upgrade to access this part.

Upgrade Now

Mindmap

plate

This section is available to paid users only. Please upgrade to access this part.

Upgrade Now

Keywords

plate

This section is available to paid users only. Please upgrade to access this part.

Upgrade Now

Highlights

plate

This section is available to paid users only. Please upgrade to access this part.

Upgrade Now

Transcripts

plate

This section is available to paid users only. Please upgrade to access this part.

Upgrade Now
Rate This

5.0 / 5 (0 votes)

Related Tags
GRC trainingCybersecurityRisk managementEthical hackingCareer tipsEC CouncilJob preparationCertificationsLinkedIn profileCase studies