NIST Cybersecurity Framework Training

NIST Cybersecurity Framework Training: In February 2013, the President of the United States issued Executive Order (EO) 13636, “Improving Critical Infrastructure Cybersecurity.” In response to this mandate, the National Institute of Standards and Technology (NIST) was tasked with development of the Framework for Improving Critical Infrastructure Cybersecurity, more commonly known as the Cybersecurity Framework. Although it was designed specifically for companies that are part of the U.S. critical infrastructure, many other organizations in the private and public sectors, including federal agencies, are using the framework as a helpful tool in managing cybersecurity risks.

This NIST Cybersecurity Framework Training Workshop covers each of the three NIST Cybersecurity Framework components: the framework core, the framework implementation tiers and the framework profiles.

About the NIST Cybersecurity Framework

Executive Order (EO) 13636, “Improving Critical Infrastructure Cybersecurity,” was issued to “enhance the security and resilience of the Nation’s critical infrastructure and to maintain a cyber environment that encourages efficiency, innovation, and economic prosperity while promoting safety, security, business confidentiality, privacy, and civil liberties.”

The order provided a mandate to establish a voluntary common framework for cybersecurity defense, now known as the NIST Cybersecurity Framework.

What's Included:

  • Three days of training with an expert instructor
  • Instructor-led walkthroughs and demonstrations
  • 100% Satisfaction Guarantee

NIST Cybersecurity Framework TrainingDuration: 3 days

  • We can adapt this NIST Cybersecurity Framework course to your group’s background and work requirements at little to no added cost.
  • If you are familiar with some aspects of this NIST Cybersecurity Framework course, we can omit or shorten their discussion.
  • We can adjust the emphasis placed on the various topics or build the NIST Cybersecurity Framework Course around the mix of technologies of interest to you (including technologies other than those included in this outline).
  • If your background is nontechnical, we can exclude the more technical topics, include the topics that may be of special interest to you (e.g., as a manager or policy-maker), and present the NIST Cybersecurity Framework course in manner understandable to lay audiences.

The target audience for this NIST Cybersecurity Framework course:

  • Targeted at IT and Cybersecurity professionals looking to become certified on how to operationalize the NIST Cybersecurity Framework (NCSF) across an enterprise and its supply chain.

The knowledge and skills that a learner must have before attending this NIST Cybersecurity Framework course are:

  • N/A
NIST Cybersecurity Framework Training - OBJECTIVES

Upon completing this NIST Cybersecurity Framework course, learners will be able to meet these objectives:

  • Implement the NIST Cybersecurity Framework to identify, assess and manage cybersecurity risk
  • Identify connections between business drivers and cybersecurity activities
  • Determine activities that are most important to critical service delivery
  • Prioritize expenditures to maximize the impact of the investment
NIST Cybersecurity Framework Training - COURSE SYLLABUS

Day 1: Risk frameworks

  • Course introduction
  • Legal/governmental guidelines
    • Legislative
    • Regulatory

Day 2: CSF Components and Processes

  • NIST frameworks
    • RMF
    • CSF
  • CSF components
    • Profile
      • Current profile
      • Target profile
    • Core
      • Functions
      • Categories
      • Subcategories
      • Informative references
    • Implementation tiers
      • Tier 1: Partial
      • Tier 2: Risk informed
      • Tier 3: Repeatable
      • Tier 4: Adaptive
    • CSF processes (5 steps)
      • Identify

Day 3: CSF Processes and Implementation

  • CSF processes (cont.)
    • Protect
    • Defend
    • Respond
    • Recover
  • 7-step approach to establishing or improving a cybersecurity program
    • Step 1: Prioritize and scope
    • Step 2: Orient
    • Step 3: Create a current profile
    • Step 4: Conduct a risk assessment
    • Step 5: Create a target profile
    • Step 6: Determine, analyze and prioritize gaps
    • Step 7: Implement action plan
  • Links from CSF to security controls, COBIT 5 and ISO 27001
NIST Cybersecurity Framework Training Course Wrap-Up

Whether you are looking for general information or have a specific question, we want to help.
Request More Information

    Time frame: