Cybersecurity training has a dirty secret: finishing the course and being able to do the job are two very different things. SANS Institute’s newest regional programme is a bet that the gap can be closed with time rather than content.
The training and certification body today launched the Falcon 180 Mission, an initiative aimed at security professionals in the UAE, Qatar, Oman, Türkiye and across Africa. It folds three things SANS already sells into one structured pathway: 180 days of access to the OnDemand course library, a GIAC certification attempt, and flexible participation in SANS live training events held across those regions.
The pitch is speed to competence. Rather than sitting a course, walking away, and hoping the material sticks until an incident tests it, practitioners get half a year to work through material at their own pace, sit the certification when ready, and drop into in-person events along the way. SANS frames it as “a faster route from training to applied, job-ready skill.”
Why the region, and why now
The geography is not accidental. The Gulf states have spent the past several years standing up national cyber authorities, mandatory reporting regimes and critical-infrastructure rules faster than they have been able to staff them. Certifications like GIAC are frequently written into procurement requirements and job specs, which means the bottleneck is often not budget but bodies who hold the paper.
Bundling Africa and Türkiye into the same programme is the more interesting move. Both are markets where SANS has a thinner physical footprint than it does in Dubai or Riyadh, and where a six-month on-demand window plus optional travel to a regional event is a far easier sell than flying staff to a week-long course.
Ned Baltagi, SANS Institute’s managing director for the Middle East, Türkiye and Africa, is fronting the launch.
The catch
Strip away the framing and Falcon 180 is a repackaging exercise. OnDemand access, GIAC vouchers and event seats are all existing SANS products; what is new is the wrapper and the 180-day clock. SANS has not disclosed pricing, nor how the programme compares on cost to buying the components separately — which is the number any security manager will want before signing off.
There is also the perennial question of whether a certification actually predicts performance under pressure. It is a question the industry has argued about for two decades, and a six-month bundle does not settle it. What the format does address, credibly, is the drop-off between learning something and using it — and in a region hiring faster than it can train, that alone may be enough.
