NIST Cybersecurity Framework (NCSF) Boot Camp Training in Kettering

Enroll in or hire us to teach our NIST Cybersecurity Framework (NCSF) Boot Camp class in Kettering, Ohio by calling us @303.377.6176. Like all HSG classes, NIST Cybersecurity Framework (NCSF) Boot Camp may be offered either onsite or via instructor led virtual training. Consider looking at our public training schedule to see if it is scheduled: Public Training Classes
Provided there are enough attendees, NIST Cybersecurity Framework (NCSF) Boot Camp may be taught at one of our local training facilities.
We offer private customized training for groups of 3 or more attendees.

Course Description

 

The three-day NIST Cybersecurity Bootcamp course is a combination of the NIST Cybersecurity Framework (NCSF) Foundation and Practitioner Training courses. The bootcamp provides a deep dive into the components of the NIST CSF and NIST Risk Management Framework (RMF) and how they align to risk management. The course will follow the principles of the NIST Cybersecurity Framework to design and implement (or improve) a cybersecurity program to protect critical assets. The bootcamp details defense in depth, creation of a Written Information Security Program, and implementing ongoing assessments for a continuous improvement plan. This course is suited for individuals working with and overseeing the cybersecurity of an organization, including CIOs, CISOs, IT Security workforce, and IT Directors/Managers/Personnel.

Course Length: 3 Days
Course Tuition: $1290 (US)

Prerequisites

Basic computing skills and security knowledge will be helpful.

Course Outline

 
MODULE 1: COURSE INTRODUCTION
Provides the student with information relative to the course, conduct of the course in the virtual classroom, and course materials.
 
MODULE 2: THE BASICS OF CYBERSECURITY
What is cybersecurity?
Types of attackers
Vulnerabilities
Exploits
Threats
Controls
Frameworks
Risk-Based Cybersecurity
 
MODULE 3: A HOLISTIC STUDY OF THE NIST CYBERSECURITY FRAMEWORK
History
EO 13636
Cybersecurity Enhancement Act of 2014
EO 13800
Uses and Benefits of the Framework
Attributes of the Framework
Framework Component Introduction
Framework Core
Framework Profiles
Framework Implementation Tiers
 
MODULE 4: CYBERSECURITY ACTIVITIES: THE FRAMEWORK CORE
Purpose of the Core
Core Functions, Categories, and Subcategories
Informative References
 
MODULE 5: RISK MANAGEMENT CONSIDERATIONS: FRAMEWORK IMPLEMENTATION TIERS
Purpose of the Tiers
The Four Tiers
Components of the Tiers
Compare and contrast the NIST Cybersecurity Framework with the NIST Risk Management Framework
 
MODULE 6: CURRENT AND DESIRED OUTCOMES: FRAMEWORK PROFILES
Purpose of the Profiles
The Two Profiles
Interrelationships between the Framework Components
 
MODULE 7: A PRIMER ON THE SEVEN STEP FRAMEWORK IMPLEMENTATION PROCESS
Prioritize and Scope
Orient
Create a Current Profile
Conduct a Risk Assessment
Create a Target Profile
Determine, Analyze, and Prioritize Gaps
Implement the Action Plan
 
THE PRACTITIONER COURSE IS ORGANIZED AS FOLLOWS:
 
MODULE 1: COURSE INTRODUCTION
Provides the student with information relative to the course, conduct of the course in the virtual classroom, and course materials.
 
MODULE 2: APPLYING NIST CSF TIERS AND PROFILES
Review of the NIST CSF Major Components
Tiers and Tier selection
Current and Target Profiles and the Framework Core
 
MODULE 3: AN EXPLORATION OF INFORMATIVE REFERENCES
Defining the major Informative References
CIS Controls v8
ISO/IEC 27001:2013
NIST SP 800-53 Rev. 5
 
MODULE 4: RISK MANAGEMENT IN THE NIST CSF AND NIST RMF
Risk Management in the NIST Cybersecurity Framework
Analyzing the NIST Risk Management Framework
Introduction and History
Purpose, Design, and Characteristics
Seven Steps
Prepare
Categorize
Select
Implement
Assess
Authorize
Monitor
Integrating the Frameworks
 
MODULE 5: UNDERSTANDING AND DEFENDING AGAINST REAL WORLD ATTACKS
Major Cybersecurity Attacks and Breaches
MITRE ATT&CK Matrices
Defense in Depth and the NIST CSF
Security Operations Center (SOC) activities and Security Information and Event Management (SIEM) solutions in relation to the NIST CSF
 
MODULE 6: ASSESSING SECURITY IN THE SUBCATEGORIES
Creating an Assessment Plan
Assigning Roles and Responsibilities
Tiers, Threats, Risks, Likelihoods, and Impact
 
MODULE 7: CREATING A WRITTEN INFORMATION SECURITY PROGRAMS (WISP)
The Intersection of Business and Technical Controls
What is a Written Information Security Program (WISP)?
Creating a WISP Template
Aligning Current Profile with a WISP
 
MODULE 8: A PRACTITIONER’S DEEP DIVE INTO CREATING OR IMPROVING A CYBERSECURITY PROGRAM
Step 1: Prioritize and Scope
Identifying organizational priorities
Aiding and influencing strategic cybersecurity implementation decisions
Determining scope of the implementation
Planning for internal adaptation based on business line/process need
Understanding risk tolerance
Step 2: Orient
Identifying systems and applications which support organizational priorities
Working with compliance to determine regulatory and other obligations
Planning for risk responsibility
Step 3: Create a Current Profile
Cybersecurity Assessment options
How to measure real world in relation to the Framework
Qualitative and quantitative metrics
Current Profile and Implementation Tiers
Step 4: Conduct a Risk Assessment
Risk assessment options (3rd party vs internal)
Organizational vs. system level risk assessment
Risk assessment and external stakeholders
Step 5: Create a Target Profile
Target Profile and Steps 1-4
External stakeholder considerations
Adding Target Profiles outside the Subcategories
Step 6: Determine, Analyze, and Prioritize Gaps
Defining and determining Gaps
Gap analysis and required resources
Organizational factors in creating a prioritized action plan
Step 7: Implement the Action Plan
Implementation team design from Executives to Technical Practitioners
Assigning tasks when priorities conflict
Considering compliance and privacy obligations
Taking action
Reporting and reviewing
 
MODULE 9: CONTINUOUS CYBERSECURITY IMPROVEMENT
Creating a continuous improvement plan
Implementing ongoing assessments

Course Directory [training on all levels]

Upcoming Classes
Gain insight and ideas from students with different perspectives and experiences.

Interesting Reads Take a class with us and receive a book of your choosing for 50% off MSRP.