NIST Cybersecurity Framework (NCSF) Foundation Training

The program is targeted at IT and Business professionals who need a basic understanding of the NIST Cybersecurity Framework and its role within an organization.

The NIST Cybersecurity Framework (NCSF) Foundation Training 1-day course is designed for anyone in an organization who needs to understand the basics of cybersecurity, the components of the NIST CSF, and how the NIST CSF aligns to risk management. Security, IT, risk management, policy makers, and other business professionals who have responsibility for aspects of business or technical security can benefit from this course.

This course is a great fit for anyone with an interest in or responsibility for the survival of the business. This includes IT, C level personnel, compliance, legal, auditing, human resources, etc.

• One-day, high-level overview of threats and common risks.
• Introduces the three main components of the NIST Cybersecurity Framework: the Core, Implementation Tiers and Profiles.
• Outlines the Seven Step NIST CSF process that is used to analyze, plan, implement, monitor, and improve protection of critical assets.

Module 1 - Course Introduction

• Provides the student with information relative to the course and the conduct of the course in the classroom, virtual classroom, and course materials.

Module 2 - The Basics of Cybersecurity

• What is cybersecurity?
• Types of attackers
• Vulnerabilities
• Exploits
• Threats
• Controls
• Frameworks
• Risk-Based Cybersecurity

Module 3 - A Holistic Study of the NIST Cybersecurity Framework

• History
  • EO 13636
  • Cybersecurity Enhancement Act of 2014
  • EO 13800
• Uses and Benefits of the Framework
• Attributes of the Framework
• Framework Component Introduction
  • Framework Core
  • Framework Profiles
  • Framework Implementation Tiers

Module 4 - Cybersecurity Activities: The Framework Core

• Purpose of the Core
• Core Functions, Categories, and Subcategories
• Informative References

Module 5 - Risk Management Considerations: Framework Implementation Tiers

• Purpose of the Tiers
• The Four Tiers
• Components of the Tiers
• Compare and contrast the NIST Cybersecurity Framework with the NIST Risk Management Framework

Module 6 - Current and Desired Outcomes: Framework Profiles

• Purpose of the Profiles
• The Two Profiles
• Interrelationships between the Framework Components

Module 7 - A Primer on the Seven Step Framework Implementation Process

• Prioritize and Scope
• Orient
• Create a Current Profile
• Conduct a Risk Assessment
• Create a Target Profile
• Determine, Analyze, and Prioritize Gaps
• Implement Action Plan

There are no prerequisites for this course. Basic computing skills and security knowledge will be helpful.

The one-day LRS NIST Cybersecurity Foundation course is designed for anyone in an organization who needs to understand the basics of cybersecurity, the components of the NIST CSF, and how the NIST CSF aligns to risk management. Security, IT, risk management, policy makers, and other business professionals who have responsibility for aspects of business or technical security can benefit from this course.