The NIST Cybersecurity Framework was released in 2014 and is gaining widespread use by organisations across the globe. The continuous improvement lifecycle assists organisations to use a tiered, risk-based approach when safeguarding their most critical assets, before, during and after a potentially disruptive cybersecurity incident.
ALC’s 5-day NIST Cybersecurity Framework Practitioner (NFP) course is designed for information security professionals who wish to gain an understanding of the NIST Cybersecurity Framework and its application. The course immerses participants in all aspects of the theory behind the framework, but applies a regional flavour on how the framework can be applied to an Australian or New Zealand context through the use of a case study. Each section has been designed to introduce the NIST view, then expand on this with more detailed and practical information, before making use of a case study to practically apply the knowledge learnt.
There are no pre-requisites to attend, however, to gain the most from the course, it is advisable that delegates have had at least one year in an information security or cyber security role.
Learning outcomes
The key objective is for each participant to complete the course and immediately be able to apply the NIST Cybersecurity Framework in their own work context:
- NIST Cybersecurity Framework Overview
- Identify Function
- Protect Function
- Detect Function
- Respond Function
- Recover Function
- Informative References
- Practical Workshop
- Mock Exam
- Final Exam
The course approach has been designed to blend the introduction of a topic via theory and practical exercises, designed to maximise understanding and retention. Strong use is made of a case study throughout the week’s training. Exercises include:
- Develop an asset register
- Identify threats, determine risks, and make recommendations
- Evaluate service provider models, contrasting risks and opportunities
- Discuss risks associated with storing data in the cloud
- Select security architecture design principles
- Create a data classification scheme and use this for managing risks with cloud solutions
- Define security zones and a security architecture model
- Identify and discuss the advantages and disadvantages of different encryption technologies
- List and prioritise business-critical operations for business continuity
- Evaluate the benefits of an in-house incident response capability versus using a managed service model
Who should attend
The course is designed for individuals with at least one year’s experience in any of the following:
- Information Technology
- Information Security
- Cyber Security
- Other professionals familiar with information security fundamentals
Course contents
DAY ONE
1. NIST Cybersecurity Framework Overview
- Framework Overview
- Informative References Overview
- Core Functions & Categories
- Implementation Tiers
- Framework Profile
- Establishing or improving a cybersecurity program
Introduction to the Case Study
2. Identify Function
- Asset Management
- Business Environment
- Governance
- Risk Assessment
- Risk Management Strategy
- Supply Chain Risk Management
Case Study Exercise 1 – Apply the concepts learnt in the Identify Function
DAY TWO
3. Protect Function
- Identity Management, Authentication and Access Control
- Awareness and Training
- Data Security
- Information Protection Processes and Procedures
- Maintenance
- Protective Technology
Case Study Exercise 2 – Apply the concepts learnt in the Protect Function
4. Detect Function
- Anomalies and Events
- Security Continuous Monitoring
- Detection Processes
Case Study Exercise 3 – Apply the concepts learnt in the Detect Function
DAY THREE
5. Respond Function
- Response Planning
- Communications
- Analysis
- Mitigation
- Improvements
Case Study Exercise 4 – Apply the concepts learnt in the Respond Function
6. Recover Function
- Recovery Planning
- Improvements
- Communications
Case Study Exercise 5 – Apply the concepts learnt in the Recover Function
DAY FOUR
7. Case Study
- Practical Workshop
- As a group, select an appropriate workshop
- Systematically work through the steps in the framework
- Select informative references from ISO27002, PCI DSS, ISM or other resources
- Last hour of the day
- Each group to present their respective report
- Issue mock exam for delegates to practice overnight
Day Five
8. Review and Exam
- Mock exam – instructor will go through the mock exam with delegates and explain each question and answer
- This will be followed by a review and summary session
- Final Exam (2 hours)
Course fees
Fees per person
NIST Cybersecurity Framework Practitioner (5 days)
- $3450 + gst
**10% Discount for AISA members.
You must quote your membership number in the comments section and select the Pay By Invoice option during the online registration process.
Course fees include:
- High Quality Course presentation
- ALC comprehensive course workbook
- Certificate exam at end of Day 5
Live Virtual Training – Participants will sit the exam online during the course. The exams are invigilated live by the ALC trainer and supporting staff. The online exam is run via the exam portal Test Invite and accessed via a web browser.
Face-to-Face Training – Participants will be provided with a paper-based exam which is completed whilst at the course in the same venue of the course itself.
Exam Format
The exam is two hours in duration using multiple choice questions and answers. In order to achieve a pass, delegates must attain a score of at least 65%.
Course Recognition
Upon successful completion of the final exam and attendance of the course, delegates will be issued with an ALC branded certificate, a statement of Professional Development hours and an invitation to accept an online digital badge for your LinkedIn profile. View more about the digital badge here.