Benefits
This course is a great fit for anyone with an interest in or responsibility for the survival of the business. This includes IT, C level personnel, compliance, legal, auditing, human resources, etc.
Outline
MODULE 1: COURSE INTRODUCTION
Provides the student with information relative to the course, conduct of the course in the virtual classroom, and course materials.
MODULE 2: THE BASICS OF CYBERSECURITY
- What is cybersecurity?
- Types of attackers
- Vulnerabilities
- Exploits
- Threats
- Controls
- Frameworks
- Risk-Based Cybersecurity
MODULE 3: A HOLISTIC STUDY OF THE NIST CYBERSECURITY FRAMEWORK
- History
- EO 13636
- Cybersecurity Enhancement Act of 2014
- EO 13800
- Uses and Benefits of the Framework
- Attributes of the Framework
- Framework Component Introduction
- Framework Core
- Framework Profiles
- Framework Implementation Tiers
MODULE 4: CYBERSECURITY ACTIVITIES: THE FRAMEWORK CORE
- Purpose of the Core
- Core Functions, Categories, and Subcategories
- Informative References
MODULE 5: RISK MANAGEMENT CONSIDERATIONS: FRAMEWORK IMPLEMENTATION TIERS
- Purpose of the Tiers
- The Four Tiers
- Components of the Tiers
- Compare and contrast the NIST Cybersecurity Framework with the NIST Risk Management Framework
MODULE 6: CURRENT AND DESIRED OUTCOMES: FRAMEWORK PROFILES
- Purpose of the Profiles
- The Two Profiles
- Interrelationships between the Framework Components
MODULE 7: A PRIMER ON THE SEVEN STEP FRAMEWORK IMPLEMENTATION PROCESS
- Prioritize and Scope
- Orient
- Create a Current Profile
- Conduct a Risk Assessment
- Create a Target Profile
- Determine, Analyze, and Prioritize Gaps
- Implement Action Plan
Required Prerequisites
Basic computing skills and security knowledge will be helpful.
