top of page

Building
Alliances

Mitigating Risk

Profiling

Risk

Decision

Influence

Security Consulting

Driving Resilience

Six Tiers.
One Mission.
Security Excellence.

Next Generation Security Practitioner is not just a training programme - It's  a transformational learning Arc.

 

NGSP courses mirror the real challenges security teams face - moving from identifying risk to influencing decisions, building alliances, and executing under pressure. Training that transforms practitioners from technical contributors into strategic operators who can read the landscape, align to the business, and lead with credibility.

Driving Capability - Not just knowledge

 

  • Building a stronger bridge between security and the business.

  • Turning data into decisions.

  • Increasing resilience not slowing progress.

  • Creating a culture where security is instinctive.

Not Theory -  An immersive practical experience

You’ll learn by doing  - live simulations that recreate the real-life security situations. No lectures. Just the tools, mindsets, and behaviours that better outcomes. All our courses will earn you 10 CPE hours.

Customise Your Programme

Six Tiers.
One Mission.
Security Excellence.

Turn your Strategy
Into action.
Customise your programme.

Drive Outcomes

Next Generation Security Practitioner (NGSP), is the most customisable and practical learning programme in the industry.

 

Designed to align your team around one strategic mission - to deliver better security outcomes for your organisation. To deliver, security excellence.

If you're a CISO or leader looking for real ROI from training investment, NGSP is the only fully customisable learning programme of its kind in the industry. 

  • Tackle Your Critical Gaps at Team-Level - Choose from up to 36 powerful learning units - covering business-critical areas of Security GRC, including simulation-based learning powered by AI, a comprehensive video-lesson library and tailored team-workshop activities

  • 'Build Your Own' - Select any combination of modules and focus only on what your team needs

  • Align to your strategy - Every private programme we build, is tailored to deliver your strategic security goals. It's more than just a training programme.

If you're a CISO or leader looking for real ROI from training investment, NGSP is the only fully customisable learning programme in the industry. Designed to deliver required security outcomes. By the end of an NGSP private programme, your team will:

  • Align and integrate security into the DNA of frontline operations - By understanding business goals, pressures and priorities better.

  • Increase the strength and longevity of security controls - By applying the THOR Lens - Technical, Human, Operational and Regulatory.

  • Improve the way they identify, capture, escalate and mitigate security risk - By applying the TVI-Q and FACTR unification methods.

  • Increase buy-in and ownership on the ground - Learning how to collaborate and negotiate-in security practices

  • Increase the strength of security across all frontline functions - By building stronger stakeholder alliances - not just in IT

  • Become internal consultants - Skilled in security problem-solving and solution-building through our PULSE consulting methodology

  • Become more joined up - By cross-leveraging GRC skills and disciplines, irrespective of specialism

  • Improve the quality and speed of day to day security operations - By learning to consistently review, reframe, rework and re-design stronger security practices

  • Make compliance a business-enabler - Learning how to remove barriers and achieve stronger adoption of compliance practices

  • Design stronger, better security processes and policies - Ones that increase the strength of the organisation’s security posture

  • Ensure security drives value not cost - By cutting out wasteful activities and maximising resource 

  • Build a strong communication bridge with leadership - Learning to communicate security in a language that business leaders understand

  • Mature your governance framework - Learning to streamline the way governance weaknesses are identified and align your governance model with the business environment

  • Leverage threaten intelligence - Learn to analyse data better, build attack vector profiles and decision briefs.

Mitigation fails when leaders don’t see the urgency or understand what the plan is trying to achieve. Security may know the right path but struggle to present a case that drives action.


Plans can be technical, fragmented or unclear. Without strong ownership and credible justification, decisions slow and exposure persists. Weak narratives create hesitation, delay and watered-down outcomes.


This course helps practitioners design clear mitigation strategies, communicate with authority and secure the commitment needed to reduce risk effectively.

A one-day deep-dive that helps you design credible mitigation plans, communicate risk with authority and drive ownership needed to reduce exposure effectively.

NGSP Tier 5
Mitigating Risk

Introduction

Learning Goals

Watch our video 
Introduction

Learning  Goals

Bridge the gap between best-intended security controls and real-world risk reduction.

​By the end of this course, you will be able to:

  1. Remove weaknesses in planning that cause mitigations to fail

  2. Build SMART controls that treat the main source of the risk

  3. Ensure mitigations are preventive, detective and corrective

  4. Apply the 80/20 rule to ownership and ensure controls are sustained

  5. Apply the FACTR method to secure buy-in and ownership

Learn about why Mitigating Risk matters and the key skills and capabilities covered by the course.

Presented by Matt Kent

CEO - GRC-X

4. Driving Ownership Through Engagement

How to communicate risk mitigation plans with controls owners and secure their buy-in.

Build in the Assurance Truth Test

How to prove your plan works by defining measurable evidence, success indicators and real-world tests before the plan is agreed.

The 80/20 Rule of Ownership

How to assign only the 20% that security should own and shift the remaining 80% to first-line teams through clear, practical ownership rules.

Build a PDC Controls Map

How to convert ideas into real controls using Prevent–Detect–Correct and eliminate actions that aren’t genuine mitigations.

Build Multi-Domain THOR Mitigations

How to design stronger mitigations by combining Technical, Human, Operational and Regulatory controls to avoid single-domain failure.

Craft a High Value Risk Statement

How to plan mitigation not guess it.

3. Building Risk Mitigation Plans

How to identify supporters, adversaries, conspirators, disciples and fence-sitters - and tailor your influence approach accordingly.

2. Risk Treatment

How to Treat, Transfer, Tolerate or Terminate risk.

1. Why Mitigation Matters

Where risk mitigation fails and the consequences associated with getting it wrong.

Immersive skills sessions accompanied by powerful simulation- based activities

Structured
Workshop Lessons

Lesson Plan

5. Securing Required Resource

How to ask for the required resources and build confidence in the mitigation plan to secure decision-maker commitment.

battle-cards.png

Battlecards &
Take-Aways

Get equipped with ready-to-go methodologies and tools that you can apply in real-life

Next Generation Security Practitioner blends video learning, live simulation and ready-to-use toolkits to create a fast, immersive learning arc. You won’t just hear ideas - you’ll test them under pressure, practise with realistic scenarios, and leave with methods you can apply immediately inside your organisation.

On-Demand
Video Learning

Powerful video lessons accompany the course to help introduce the core concepts and models covered

team.png

Team-based
Simulations

Learn experientially during the workshop on simulated activities that imitate real-life security challenges

The NGSP Experience

bottom of page