NIST Cybersecurity Framework (NCSF) Boot Camp Training

THE FOUNDATION COURSE IS ORGANIZED AS FOLLOWS:

Module 1: COURSE INTRODUCTION

Provides the student with information relative to the course and the conduct of the course in the classroom, virtual classroom, and course materials.

MODULE 2: THE BASICS OF CYBERSECURITY

What is cybersecurity?

Types of attackers

Vulnerabilities

Exploits

Threats

Controls

Frameworks

Risk-Based Cybersecurity

MODULE 3: A HOLISTIC STUDY OF THE NIST CYBERSECURITY FRAMEWORK

History

• EO 13636
• Cybersecurity Enhancement Act of 2014
• EO 13800

Uses and Benefits of the Framework

Attributes of the Framework

Framework Component Introduction

• Framework Core
• Framework Profiles
• Framework Implementation Tiers

MODULE 4: CYBERSECURITY ACTIVITIES: THE FRAMEWORK CORE

Purpose of the Core

Core Functions, Categories, and Subcategories

Informative References

MODULE 5: RISK MANAGEMENT CONSIDERATIONS: FRAMEWORK IMPLEMENTATION TIERS

Purpose of the Tiers

The Four Tiers

Components of the Tiers

Compare and contrast the NIST Cybersecurity Framework with the NIST Risk Management Framework

MODULE 6: CURRENT AND DESIRED OUTCOMES: FRAMEWORK PROFILES

Purpose of the Profiles

The Two Profiles

Interrelationships between the Framework Components

MODULE 7: A PRIMER ON THE SEVEN STEP FRAMEWORK IMPLEMENTATION PROCESS

Prioritize and Scope

Orient

Create a Current Profile

Conduct a Risk Assessment

Create a Target Profile

Determine, Analyze, and Prioritize Gaps

Implement Action Plan

THE PRACTITIONER COURSE IS ORGANIZED AS FOLLOWS:

MODULE 1: COURSE INTRODUCTION

Provides the student with information relative to the course and the conduct of the course in the classroom, virtual classroom, and course materials.

MODULE 2: APPLYING NIST CSF TIERS AND PROFILES

Review of the NIST CSF major components

Tiers and Tier Selection

Current and Target Profiles and the Framework Core

MODULE 3: AN EXPLORATION OF INFORMATIVE REFERENCES

Defining the major Informative References

CIS Controls v8

ISO/IEC 27001:2013

NIST SP 800-53 Rev. 5

MODULE 4: RISK MANAGEMENT IN THE NIST CSF AND NIST RMF

Risk Management in the NIST Cybersecurity Framework

Analyzing the NIST Risk Management Framework

• Introduction and History
• Purpose, Design, and Characteristics
• Seven Steps

Prepare

Categorize System

Select Controls

Implement Controls

Assess Controls

Authorize System

Monitor System and Controls

Integrating the Frameworks

MODULE 5: UNDERSTANDING AND DEFENDING AGAINST REAL WORLD ATTACKS

Major Cybersecurity Attacks and Breaches

MITRE ATT&CK Matrices

Defense in Depth and the NIST CSF

Security Operations Center (SOC) activities and Security Information and Event Management (SIEM) solutions in relation to the NIST CSF

MODULE 6: ASSESSING CYBERSECURITY IN THE SUBCATEGORIES

Creating an Assessment Plan

Assigning Roles and Responsibilities

Tiers, Threats, Risks, Likelihoods, and Impact

MODULE 7: CREATING A WRITTEN INFORMATION SECURITY PROGRAMS (WISP)

The Intersection of Business and Technical Controls

What is a Written Information Security Program (WISP)?

Creating a WISP Template

Aligning Current Profile with a WISP

MODULE 8: A PRACTITIONER’S DEEP DIVE INTO CREATING OR IMPROVING A CYBERSECURITY PROGRAM

Step 1: Prioritize and Scope

• Identifying organizational priorities
• Aiding and influencing strategic cybersecurity implementation decisions
• Determining scope of the implementation
• Planning for internal adaptation based on business line/process need
• Understanding risk tolerance

Step 2: Orient

• Identifying systems and applications which support organizational priorities
• Working with compliance to determine regulatory and other obligations
• Planning for risk responsibility

Step 3: Create a Current Profile

• Cybersecurity Assessment options
• How to measure real world in relation to the Framework
• Qualitative and quantitative metrics
• Current Profile and Implementation Tiers

Step 4: Conduct a Risk Assessment

• Risk assessment options (3rd party vs internal)
• Organizational vs. system level risk assessment
• Risk assessment and external stakeholders

Step 5: Create a Target Profile

• Target Profile and Steps 1-4
• External stakeholder considerations
• Adding Target Profiles outside the Subcategories

Step 6: Determine, Analyze, and Prioritize Gaps

• Defining and determining Gaps
• Gap analysis and required resources
• Organizational factors in creating a prioritized action plan

Step 7: Implement Action Plan

• Implementation team design from Executives to Technical Practitioners
• Assigning tasks when priorities conflict
• Considering compliance and privacy obligations
• Taking action
• Reporting and reviewing

MODULE 9: CONTINUOUS CYBERSECURITY IMPROVEMENT

Creating a continuous improvement plan

Implementing ongoing assessments

THE FOUNDATION COURSE IS ORGANIZED AS FOLLOWS:

Module 1: COURSE INTRODUCTION

Provides the student with information relative to the course and the conduct of the course in the classroom, virtual classroom, and course materials.

MODULE 2: THE BASICS OF CYBERSECURITY

What is cybersecurity?

Types of attackers

Vulnerabilities

Exploits

Threats

Controls

Frameworks

Risk-Based Cybersecurity

MODULE 3: A HOLISTIC STUDY OF THE NIST CYBERSECURITY FRAMEWORK

History

• EO 13636
• Cybersecurity Enhancement Act of 2014
• EO 13800

Uses and Benefits of the Framework

Attributes of the Framework

Framework Component Introduction

• Framework Core
• Framework Profiles
• Framework Implementation Tiers

MODULE 4: CYBERSECURITY ACTIVITIES: THE FRAMEWORK CORE

Purpose of the Core

Core Functions, Categories, and Subcategories

Informative References

MODULE 5: RISK MANAGEMENT CONSIDERATIONS: FRAMEWORK IMPLEMENTATION TIERS

Purpose of the Tiers

The Four Tiers

Components of the Tiers

Compare and contrast the NIST Cybersecurity Framework with the NIST Risk Management Framework

MODULE 6: CURRENT AND DESIRED OUTCOMES: FRAMEWORK PROFILES

Purpose of the Profiles

The Two Profiles

Interrelationships between the Framework Components

MODULE 7: A PRIMER ON THE SEVEN STEP FRAMEWORK IMPLEMENTATION PROCESS

Prioritize and Scope

Orient

Create a Current Profile

Conduct a Risk Assessment

Create a Target Profile

Determine, Analyze, and Prioritize Gaps

Implement Action Plan

THE PRACTITIONER COURSE IS ORGANIZED AS FOLLOWS:

MODULE 1: COURSE INTRODUCTION

Provides the student with information relative to the course and the conduct of the course in the classroom, virtual classroom, and course materials.

MODULE 2: APPLYING NIST CSF TIERS AND PROFILES

Review of the NIST CSF major components

Tiers and Tier Selection

Current and Target Profiles and the Framework Core

MODULE 3: AN EXPLORATION OF INFORMATIVE REFERENCES

Defining the major Informative References

CIS Controls v8

ISO/IEC 27001:2013

NIST SP 800-53 Rev. 5

MODULE 4: RISK MANAGEMENT IN THE NIST CSF AND NIST RMF

Risk Management in the NIST Cybersecurity Framework

Analyzing the NIST Risk Management Framework

• Introduction and History
• Purpose, Design, and Characteristics
• Seven Steps

Prepare

Categorize System

Select Controls

Implement Controls

Assess Controls

Authorize System

Monitor System and Controls

Integrating the Frameworks

MODULE 5: UNDERSTANDING AND DEFENDING AGAINST REAL WORLD ATTACKS

Major Cybersecurity Attacks and Breaches

MITRE ATT&CK Matrices

Defense in Depth and the NIST CSF

Security Operations Center (SOC) activities and Security Information and Event Management (SIEM) solutions in relation to the NIST CSF

MODULE 6: ASSESSING CYBERSECURITY IN THE SUBCATEGORIES

Creating an Assessment Plan

Assigning Roles and Responsibilities

Tiers, Threats, Risks, Likelihoods, and Impact

MODULE 7: CREATING A WRITTEN INFORMATION SECURITY PROGRAMS (WISP)

The Intersection of Business and Technical Controls

What is a Written Information Security Program (WISP)?

Creating a WISP Template

Aligning Current Profile with a WISP

MODULE 8: A PRACTITIONER’S DEEP DIVE INTO CREATING OR IMPROVING A CYBERSECURITY PROGRAM

Step 1: Prioritize and Scope

• Identifying organizational priorities
• Aiding and influencing strategic cybersecurity implementation decisions
• Determining scope of the implementation
• Planning for internal adaptation based on business line/process need
• Understanding risk tolerance

Step 2: Orient

• Identifying systems and applications which support organizational priorities
• Working with compliance to determine regulatory and other obligations
• Planning for risk responsibility

Step 3: Create a Current Profile

• Cybersecurity Assessment options
• How to measure real world in relation to the Framework
• Qualitative and quantitative metrics
• Current Profile and Implementation Tiers

Step 4: Conduct a Risk Assessment

• Risk assessment options (3rd party vs internal)
• Organizational vs. system level risk assessment
• Risk assessment and external stakeholders

Step 5: Create a Target Profile

• Target Profile and Steps 1-4
• External stakeholder considerations
• Adding Target Profiles outside the Subcategories

Step 6: Determine, Analyze, and Prioritize Gaps

• Defining and determining Gaps
• Gap analysis and required resources
• Organizational factors in creating a prioritized action plan

Step 7: Implement Action Plan

• Implementation team design from Executives to Technical Practitioners
• Assigning tasks when priorities conflict
• Considering compliance and privacy obligations
• Taking action
• Reporting and reviewing

MODULE 9: CONTINUOUS CYBERSECURITY IMPROVEMENT

Creating a continuous improvement plan

Implementing ongoing assessments