This APMG accredited one day training program is targeted at IT and Cybersecurity professionals looking to become certified on how to operationalize the NIST Cybersecurity Framework (NCSP) across an enterprise and its supply chain. The NCSP Foundation training course outlines current cybersecurity challenges and explains how organizations who implement a NCSP program can mitigate these challenges.
Students who complete this class can:
- Register for the NCSP Foundation certification exam
- Earn 8 PDU's and 8 CEU's
The course is organized as follows:
Course Introduction – provides the student with information relative to the course and the conduct of the course in the classroom. The introduction also covers the nature and scope of the examination.
Doing Business in the Danger Zone – discusses the current state of cybersecurity in the context of today’s threat landscape and what organizations must do in order to ask and answer the question, “Are we secure?”Risk-based Approach – Risk management is the ongoing process of identifying, assessing, and responding to risk. To manage risk, organizations should understand the likelihood that an event will occur and the resulting impact. With this information, organizations can determine the acceptable level of risk for delivery of services and can express this as their risk tolerance.
The NIST Cybersecurity Framework Fundamentals – The Framework is a risk-based approach to managing cybersecurity risk, and is composed of three parts: the Framework Core, the Framework Implementation Tiers, and the Framework Profiles. Each Framework component reinforces the connection between business drivers and cybersecurity activities.
Core Functions, Categories & Subcategories – The Framework Core is a set of cybersecurity activities, desired outcomes, and applicable references that are common across critical infrastructure sectors.
Implementation Tiers – Framework Implementation Tiers (“Tiers”) provide context on how an organization views cybersecurity risk and the processes in place to manage that risk. Tiers describe the degree to which an organization’s cybersecurity risk management practices exhibit the characteristics defined in the Framework (e.g., risk and threat aware, repeatable, and adaptive).Developing Framework Profiles – A Framework Profile (“Profile”) represents the outcomes based on business needs that an organization has selected from the Framework Categories and Subcategories.
Cybersecurity Controls Factory Model – This model, developed by provides an approach for organizations to operationalize the 20 Critical Security Controls within the NIST CSF
NIST CSF Cybersecurity Improvement – The NIST CSF also provides a 7-step approach for the implementation and improvement of their cybersecurity posture utilizing the NIST CSF.
The target audiences for the NCSP Foundation course are:
- IT, Cybersecurity and Digital Transformation Design & Implementation Engineers
- IT, Cybersecurity and Digital Transformation Technical Operations & Business Analysts
- IT, Cybersecurity and Digital Transformation Specialists including Pen Testers, Ethical Hackers, Software & – Application Developers, Auditors, and Investigators
The NCSP Foundation training course outlines current cybersecurity challenges and explains how organizations who implement a NCSP program can mitigate these challenges.
This course introduces the NIST Cybersecurity Framework (NIST CSF). The Framework is a risk-based approach to managing cybersecurity risk and is composed of three parts: Framework Core, Framework Implementation Tiers, and Framework Profiles. Each Framework component reinforces the connection between business drivers and cybersecurity activities.
This course discusses how an organization can use the Framework as a key part of its systematic process for identifying, assessing, and managing cybersecurity risk. The Framework is not designed to replace existing processes; an organization can use its current process and overlay it onto the Framework to determine gaps in its current cybersecurity risk approach and develop a roadmap to improvement. Utilizing the Framework as a cybersecurity risk management tool, an organization can determine activities that are most important to critical service delivery and prioritize expenditures to maximize the impact of the investment.
The class will include lectures, informative supplemental reference materials, quizzes, and tests. Outcomes and benefits from this class is a fundamental understanding of cybersecurity and the NIST CSF.