1 – Course Introduction
2 – Today’s Digital Economy
- What Cybersecurity is and why it’s Important
- Cybersecurity’s Impact on the Economy
- Basic Principle of Cybersecurity
- Critical Infrastructure, Vulnerabilities & Consequences
- What is PPD-21: Presidential Policy Directive and why it’s Important?
- The Cyber Kill Chain(CKC) & Basic Cybersecurity Principles
- What are Threats, Vulnerabilities & Assets?
- What is the Difference Between a Threat and a Vulnerability?
3 – Understanding Cyber Risks
- Understand and Explain the Terms: Risk, Asset, Vulnerability, Threat
- Determine Actions to Address Risk & Opportunities
- Establish Context
- Establish Criteria for Risk Assessment & Acceptance
- Risk
- Identify Action
- Analysis & Evaluation
- Treatment (Includes Avoidance, Modification, Sharing & Retention)
- Understand how to Capture, Document & Manage
- Risks
- Treatment Plans
4 – The NIST Cybersecurity Framework Fundamentals
- Understand the NIST Cybersecurity Framework (NIST CSF)
- Understand & Explain the NIST CSF Objectives
5 – Core Functions, Categories & Subcategories
- Understand & Explain the Core Functions
- Understand & Explain the Framework Categories
- Understand & Explain the Framework Subcategories
- Understand & Explain the Informative References
6 – Implementation Tiers
- Understand in General Terms NIST CSF Implementation Tiers & Their Use
- Understand the four NIST CSF Implementation Tiers
- Understand the Three Risk Categories
7 – Developing Framework Profiles
- Understand in General Terms NIST CSF Profiles & Their Use
- Understand How to Determine Biggest Gaps
- Understand & Demonstrate how to Determine Profiles through a Risk Assessment
8 – Cybersecurity Improvement
- Understand Key Considerations for Beginning a Security Program
- Learn How to Integrate Cybersecurity into an Information Security Management System (ISMS)
- Understand How to Adopt the NIST Risk Management Framework
- Learn How to Develop Organizational Capability to Continually Improve Cybersecurity Capabilities
- Understand the Expected Framework Adoption
- Understand Differences Between a Rules-Based Approach and a risk Based Approach
- Know the Differences Between Risk Assessment & Compliance Assessment\
- Understand the 7-Step Process Organizations use to Create a New Cybersecurity Program or Improve an Existing Program
9 – NCSF Controls Factory Model
- Understand the NCSF Controls Factory Model (CFM)
- Learn How the CFM Converts Assets from Unmanaged to Managed
- Understand the Purpose, Goals, Objectives & Key Capabilities
- Describe How the NCSF CFM Operationalized
