Enter your keyword

Class

Dates GTR Venue Class Time (Eastern) Price Qty Action
Aug. 20-22, 2019 GTR LIVE Online
8:30 am to 4:30 pm
$3,295.00 (USD)   
Sep. 10-12, 2019 GTR LIVE Online
8:30 am to 4:30 pm
$3,295.00 (USD)   
Oct. 22-24, 2019 GTR LIVE Online
8:30 am to 4:30 pm
$3,295.00 (USD)   
GTR Class is Guaranteed to Run

  • August 20, 2019 - August 22, 2019
    8:30 am - 4:30 pm
  • September 10, 2019 - September 12, 2019
    8:30 am - 4:30 pm
  • October 22, 2019 - October 24, 2019
    8:30 am - 4:30 pm

About this Course

The program is designed for IT and Business professionals who will play an active role in the design and management of an NCSF program.

This APMG accredited training program is targeted at IT and Cybersecurity professionals looking to become certified on how to operationalize the NIST Cybersecurity Framework (NCSF) across an enterprise and its supply chain. The NCSF Practitioner program teaches the knowledge to prepare for the NSCF Practitioner exam plus the skills and abilities to design, build, test, manage and improve a cybersecurity program based on the NCSF.

 

The optional certification exam is through APMG. Student must pass a 180 minute, 100 question closed book multiple choice, examination with a passing score of 70% in order to receive this certification.
Credits Earned
• 24 PDU Credits

Audience Profile

The program is designed for IT and Business professionals who will play an active role in the design and management of an NCSF program.

At Course Completion

Outcomes and benefits from this class is a practical approach that students can use to build and maintain comprehensive cybersecurity and cyber-risk management programs.

Outline

Chapter 1: Course Overview

Reviews at a high level each chapter of the course

Chapter 2: Framing the Problem

Establishes the context and rationale for the adoption and daptation of the NIST-CSF using the Controls Factory Model.

Chapter 3: The Controls Factory Model

Introduces the concept of a Controls factory model and the three areas of focus, the Engineering Center, the Technology Center, and the Business Center.

Chapter 4: The Threats and Vulnerabilities

Provides an overview of cyber –attacks (using the Cyber Attack Chain Model), discusses the top 15 attacks of 2015 and 2016, and the most common technical and business vulnerabilities.

Chapter 5: Digital Assets, Identities and Business Impact

Provides a detailed discussion of asset families, key architecture diagrams, an analysis of business and technical roles, and a discussion of governance and risk assessment.

Chapter 6: The NIST Cybersecurity Framework

Provides a practitioner level analysis of the controls framework based on the NIST Cybersecurity Framework.

Chapter 7: Technology Program Design and Build

Provides a detailed analysis of the technical controls based on the Center for Internet Security 20 Critical Security Controls©. Includes the controls objective, controls design, controls details, and a diagram for each control.

Chapter 8: The Security Operations Center (SOC)

Provides a detailed analysis of Information Security Continuous Monitoring (ISCM) purpose and capabilities. Includes an analysis of people, process, technology, and services provided by a Security Operations Center.

Chapter 9: Technology Program Testing and Assurance

Provides a high-level analysis of technology testing capabilities based on the PCI Data Security Standard (DSS). The testing capabilities include all 12 Requirements of the standard.

Chapter 10: Business Program Design and Build

Provides a high-level analysis of the business controls based on the ISO 27002:2013 Code of Practice. Includes the controls clauses, objective, and implementation overview. The business controls are in support of ISO 27001 Information Security Management System (ISMS).

Chapter 11: Cyber Workforce Skills Development

Provides a review of cybersecurity workforce demands and workforce standards based on the NICE Cybersecurity Workforce Framework (NCWF).

Chapter 12: Cyber-Risk Management Program

Provides a review of the AICPA Proposed Description Criteria for Cybersecurity Risk Management. Covers the 9 Description Criteria Categories and the 31 Description Criteria.

Chapter 13: Cybersecurity Program Assessment

Provides a detailed review of the key steps organizations can use for conducting a Cybersecurity Program Assessment. Assessment results include a technical scorecard (based on the 20 critical controls), an executive report, a gap analysis and an implementation roadmap.

Chapter 14: Cyber Risk Program Assessment

Provides a review of the Cyber Risk Management Program based on the five Core Functions of the NIST Cybersecurity Framework.

Disclaimer:

THE itSMS COURSE IS PROVIDED “AS IS” WITH NO GUARANTEE OF COMPLETENESS, ACCURACY, TIMELINESS, OR NONINFRINGEMENT. itSMS AND THE UNIVERSITY OF MASSACHUSETTS DO NOT WARRANT THAT ACCESS TO OR USE OF THE CONTENT, THE COURSE, OR THE INFORMATION PROVIDED THEREIN OR SERVICES PROVIDED THEREWITH WILL BE UNINTERRUPTED OR ERROR FREE. itSMS AND THE UNIVERSITY OF MASSACHUSETTS EXPRESSLY DISCLAIM ALL WARRANTIES OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, ANY WARRANTIES OF AVAILABILITY, PERFORMANCE, MERCHANTABILITY, NONINFRINGEMENT, OR FITNESS FOR A PARTICULAR PURPOSE.

Prerequisites

Individuals should hold a valid NIST Cybersecurity Foundation Certification or have equivalent knowledge.

Venue:  

Address:
Online Event

Description:

Live Online Training

Get the same training you expect in the classroom without leaving your office or home. These are NOT recorded classes. They are LIVE sessions with an expert instructor. We use the latest in video conferencing technologies and audio so you can confidently participate in any class just like being right there in person. We guarantee the effectiveness of our online training delivery approach that we will give you your money back if you are not totally satisfied.  Ask us for a demo.

Online class requirements:

  • Moderate to fast Internet
  • Phone, or Speakers or headset (required in order to hear the instructor/moderator). You can use Voice Over IP (VoIP) or you can dial-in from a regular phone.  Whether you decide to use VoIP or a phone, for convenience, we recommend a hands free headset.
  • Training software must be installed on your computer (30 trial versions are acceptable)
  • RECOMMENDED: Dual Monitors or computers. For optimal online learning experience, we recommend participants have dual monitors or dual computers. Your online classroom credentials allow you to login multiple times from multiple computers. Participants should use one monitor or computer to view instructor/moderator shared screen and another monitor/computer to work in the software.

What happens when you enroll in an online class

When you register for an online class, you will receive a welcome email followed by login access to the Citrix GoToTraining virtual classroom. A workbook (printed copy or eBook) will be sent to you prior to the start of class.

Online Training Advantages

Convenience: You don’t have to travel and can attend from your home, office or anywhere with an internet connection. Our online classes are conducted using GoToTraining, a more robust version of the popular GoToMeeting screen sharing and conferencing platform. To accommodate multiple time zones, courses are typically scheduled from 10am – 5pm Eastern with a one-hour lunch break at 12:30 – 1:30 pm Eastern and a 10-minute break in the morning and afternoon. When conducting custom online course for your group, class times can be modified to accommodate your timezone.

Interactive Learning: Our online training is fully interactive. You can speak and chat with the instructor and classmates at any time. Various interactive techniques are used in every class. Our  small class sizes (typically 4 – 8 students), allow our instructors to focus on individual performance and issues and to work closely with you to meet your unique needs. Classes are designed to be a hands-on learning experience, providing opportunities for you to try your new skills while the instructor is available for review, questions, and feedback. You have the option to give the instructor permission to view your computer to provide one-on-one assistance when needed.