Another significant element raised in the report is the evolution of computing power, particularly the use of powerful GPUs for AI. which is the focus of our LDR516 class on strategic vulnerability and threat management.
Finally, concerning external access risks, these are fundamentally identity-related issues. The prevailing consensus is that identity is the new perimeter. While many of our cloud courses cover identity components, we are launching a dedicated new class in 2026 called SEC559, which will specifically focus on identity security and corresponding threat defence.
How does SANS’ training in Security Architecture and DevSecOps integrate with Performance Reviews to strategically close proven skills gaps?
This highlights two indispensable components: architecture and DevSecOps. A central challenge, both regionally and globally, is the escalating complexity across the technology, business and threat landscapes. This necessitates that security teams design a comprehensive architecture capable of addressing this confluence of advanced factors. A prime example is the shift to the cloud: virtually every large organisation is multi-cloud, often by design or incidentally via acquisitions. Constructing this appropriately requires leveraging cloud-native capabilities.
This links directly to DevSecOps, which involves implementing automated pipelines and corresponding controls. We must adopt a strategic approach, viewing security from a defensible architecture and Zero Trust perspective.
For professionals seeking to build these specific competencies, relevant SANS training courses are available:
• The foundational principles of Defensible Architecture and Zero Trust are covered in SEC530
• Cloud Security Architecture is the focus of SEC549
• Cloud-Native Security, automation and DevOps are addressed by SEC540
Many organisations monitor regularly but under-resource response. How do SANS’ s incident response courses help teams translate basic monitoring data into rapid, effective containment and eradication?
Addressing the Security Operation Centre( SOC) is crucial. It is arguably the most challenging capability within any security programme, spanning the entire career ladder, from the junior analysts with eyes on glass right up to the executive leadership team. The difficulty lies not just in the technical aspects of detection and monitoring, but fundamentally in the human and communication elements.
To support this broad scope, we offer a spectrum of training:
• For the hands-on SOC analyst training, SEC450, covers skills for cyberdefence operations.
• More advanced technical skills, such as incident response, threat hunting and digital forensics, are addressed in SEC508.
However, effective monitoring requires more than technical capacity; it demands strategic leadership. Security officers and CSOs must understand how to build and operate a world-class SOC, a focus of the LDR551 course. Ultimately, successful incident management is a people problem. The LDR553 Cyber Incident Management class trains individuals to become effective incident commanders, who can decisively drive complex issues to a successful, co-ordinated resolution.
AI / ML and Cloud / Serverless create new security challenges. Looking ahead, which critical, non-traditional security domains should GCC organisations be investing in today?
Cloud is unequivocally the future trajectory for organisational infrastructure. However, this is inextricably linked to the rise of Artificial Intelligence( AI), encompassing both Generative and Agentic AI. Critically, the adversary is leveraging AI to significantly accelerate their malicious operations.
I highlight the cloud because it is the most common delivery platform for these AI services. The confluence of cloud and AI, especially the proliferation of autonomous agents, makes identity management an even more profound challenge. We are increasingly dealing with agents operating on our behalf, sometimes without our direct knowledge which drastically complicates the trust boundary from an identity perspective.
Another significant element raised in the report is the evolution of computing power, particularly the use of powerful GPUs for AI. More consequentially, Quantum Computing is now on the visible horizon. Its emergence will necessitate that security teams globally focus immediately on large-scale mitigations, such as implementing Post-Quantum Cryptography( PQC), to counter the imminent threat posed by a viable quantum computer.
40 WWW. INTELLIGENTCISO. COM