As specialists in cyber security recruitment - we are often asked about reputable and recognised professional development courses, standards and certifications that can be undertaken to progress in your cyber sec career. Although there are many, one such organisation that has come up time and time again is the SABSA Institute. We’ve had many candidates and clients partake in their training and have put together below an overview of their courses and benefits.
SABSA (Sherwood Applied Business Security Architecture) is an open-use methodology for building security architectures for organisations. Developed by John Sherwood in 1995, the framework has been seen many iterations since and is used all over the world in sectors such as banking, energy, communications, technology, manufacturing and government.
In their own words:
SABSA is a proven methodology for developing business-driven, risk and opportunity focused Security Architectures at both enterprise and solutions level that traceably support business objectives.
The main point of difference with SABSA is the focus on identifying and analysing business requirements ahead of building concept, design, and implementing a security strategy. The framework is also highly customisable and system agnostic, which allows it to be adapted to an organisation’s individual needs.
The SABSA Institute (based in the UK) is responsible for the continued development of the methodology, and manages accreditation for the professional architects who study and use it.
The SABSA certifications have been developed into three stages, Foundation, Advanced and Master Classes. These cover the following core career streams:
Advanced Risk, Assurance & Governance
Advanced Architectural Design
Advanced Architecture Programme Management
Advanced Incident, Monitoring & Investigations Architecture
Advanced Business Continuity & Crisis Management
The institute provides training for established cyber security professionals in many fields, including the below:
CIO / CISO / CRO / CIRO
IT Strategists and Planners
IT Development Managers and Project Leaders
Software Managers and Architects
Computer / Information Security Managers, Advisors, Consultants & Practitioners
IT Line Managers
IT Service Delivery Managers
Internal and External Auditors
Many past and current alumni of SABSA tout the benefits of their courses. Amongst them; having confidence and the skills to develop a comprehensive security architecture strategy unique to an organisation, and one that integrates with existing business infrastructure and IT management practices.
Bruce Large, Chair of the AISA SecARCH SIG, SCF SABSA Chartered Foundation, commented:
“I find SABSA is a business driven and practical application of system engineering tools to cyber security. It provides tools and concepts to provide robust, justified and traceable security solutions.
SABSA gives me a language to describe security solutions to fellow architects. It helps me think through and communicate abstract concepts in a clear and efficient manner.
"One of the strengths of SABSA education is how it ties to Bloom's taxonomy and rather than being a memory game it requires students certifying at the Practitioner level to demonstrate their knowledge by applying SABSA tools and concepts to real world security scenarios."
Cyber security as an industry is always evolving and as such so should your industry learning and skills (see our blog on the importance of up and cross-skilling here) . The SABSA certifications and courses like these are highly regarded for professional development when moving up through the ranks in your career. So whether you’re midway through your career or a CISO - they are definitely worth looking into.
For more information on the SABSA Institute and its certifications head to https://sabsa.org/.
If you’d like any more information about recruiting or retaining top cyber security talent, or if you’re looking for your next cyber security role, reach out to the Decipher Bureau team. With offices across Brisbane, Sydney, Melbourne and Canberra - and an experienced team around the world, we’d love to help you out.