Maxtrain.com - info@maxtrain.com - 513-322-8888 - 866-595-6863
NIST Cybersecurity Framework (NCSF) Practitioner Training
Description
NIST Cybersecurity Framework (NCSF) Practitioner Introduction
Welcome to the NIST Cybersecurity Framework (NCSF) Practitioner Training, a comprehensive course designed for professionals seeking to excel in the design and implementation of cybersecurity programs. This course is structured around the principles of the NIST Cybersecurity Framework, an industry-recognized guideline for managing and mitigating cybersecurity risk.
Our training will guide you through the intricacies of the framework, focusing on its practical application in a variety of organizational contexts.
Throughout this course, you will gain in-depth insights into the components of the NIST Cybersecurity Framework, including identifying, protecting against, detecting, responding to, and recovering from cyber threats. We emphasize a balanced approach that integrates technical aspects with essential elements of risk management and business controls.
You’ll learn how to analyze real-world cyber attack scenarios, develop robust defense strategies, and plan effective cybersecurity assessments. Moreover, the course will equip you with the skills to create and maintain Written Information Security Programs (WISPs), enabling you to spearhead cybersecurity program creation and continuous improvement initiatives in your organization.
Course Objectives
- Gain in-depth knowledge of the major components of the NIST CSF, including Tiers, Profiles, and the Framework Core.
- Explore informative references such as the Center for Internet Security Controls v8, ISO/IEC 27001:2013, ISO/IEC 27002:2013, and NIST SP 800-53 Rev. 5.
- Dive into risk management within the NIST CSF and analyze the NIST Risk Management Framework.
- Study real-world cyberattacks, the Cyber Kill Chain, and MITRE ATT&CK Matrices.
- Understand the concept of defense in depth and how it aligns with the NIST CSF.
- Learn about Zero Trust security principles.
- Align vendor controls with subcategories.
- Explore Security Operations Center (SOC) activities and their relation to the Framework.
Prerequisites
- To enroll in this course, individuals should have already completed the NIST Cybersecurity Framework (NCSF) Foundation Training course or possess substantial experience with the NIST Cybersecurity Framework.
Audience
This comprehensive two-day program is tailored for IT and business professionals who will actively participate in crafting, managing, and enhancing an NCSF program. This course is ideal for:
- IT Directors and Managers
- IT Security Personnel
- CIOs
- Anyone responsible for overseeing technology and security measures
NIST Cybersecurity Framework (NCSF) Practitioner Outline
Course Introduction
- Provides the student with information about the course, how it is conducted in the classroom and virtual classroom, and the course materials.
The Components of the NIST Cybersecurity Framework
- Review of the NIST CSF Major Components
- Tiers and Tier selection
- Current and Target Profiles and the Framework Core
- Informative References
  - Center for Internet Security Controls v8
  - ISO/IEC 27001:2013
  - ISO/IEC 27002:2013
  - NIST SP 800-53 Rev. 5
- Supply Chain Risk Management in the Enterprise
Risk Management in the NIST CSF and NIST RMF
- Risk Management in the NIST Cybersecurity Framework
- Analyzing the NIST Risk Management Framework
  - Introduction and History
  - Purpose and Use Cases
  - Six Steps (Categorize System, Select Controls, Implement Controls, Assess Controls, Authorize System, Monitor Controls)
- Integrating the Frameworks
Real World Attacks
- Major Cybersecurity Attacks and Breaches
- Cyber Kill Chain
- MITRE ATT&CK Matrices
Defense in Depth and the NIST Cybersecurity Framework
- Defense in Depth and the NIST CSF
- Zero Trust
- Aligning Vendor Controls with Subcategories
- Security Operations Center (SOC) activities and Security Information and Event Management solutions in relation to the Framework
Assessing Security in the Subcategories
- Creating an Assessment Plan
- Assigning Roles and Responsibilities
- Tiers, Threats, Risks, Likelihoods, and Impact
Creating a Written Information Security Program (WISP)
- The Intersection of Business and Technical Controls
- What is a Written Information Security Program (WISP)?
- Creating a WISP Template
- Aligning Current Profile with a WISP
A Practitioner’s Deep Dive into Creating or Improving a Cybersecurity Program
- Steps 1 to 7 for creating or improving a cybersecurity program, detailing each step’s objectives and methods
Continuous Cybersecurity Improvement
- Creating a continuous improvement plan
- Implementing ongoing assessments
$2295.00 | 2-Day Course