NIST Cybersecurity Framework (CSF 2.0)

NIST CSF 2.0 - 3-Day Training Workshop

Course Introduction

The digital age has ushered in a wave of innovation, but it has also opened the door to a growing landscape of cyber threats. Malicious actors are constantly evolving their tactics, targeting critical infrastructure, sensitive data, and operational systems of organizations of all sizes – from large enterprises to small businesses and startups. These cyberattacks can cause significant financial losses, disrupt operations, and damage an organization's reputation.

The National Institute of Standards and Technology (NIST) addresses this challenge with the Cybersecurity Framework (CSF). This voluntary, non-regulatory framework provides a structured approach for managing cyber risks.

This workshop dives into NIST CSF 2.0. Through lectures, exercises, and case studies, you'll gain a deep understanding of the framework and learn how to effectively implement and continuously improve a cybersecurity program, strengthening your organization's cybersecurity posture.

Course Objectives

Gain a thorough understanding of the NIST Cybersecurity Framework (CSF) 2.0 structure and key components (i.e., Core, Tiers, and Profiles).
Learn how to leverage the CSF 2.0 framework within your organization.
Develop an adequate approach for cyber risk governance and management.
Understand how to tailor the CSF 2.0 to meet your organization's specific security needs.
Identify valuable resources and tools to support continuous improvement of your cybersecurity program.

Intended Audience

This training workshop is designed for a broad audience, including:

IT professionals
Security managers
Risk management professionals
IT auditors and compliance officers
Business leaders
Anyone interested in strengthening their organization's cybersecurity posture

Prerequisites

While no prior cybersecurity experience is mandatory, a basic understanding of IT and security terminology is beneficial. Participants who have completed foundational IT security courses will gain the most from this workshop.

Training Agenda

Day 1: Setting the Stage

Overview of Cyber Risks and Cybersecurity Governance

Top Business Risks
The Evolving Threat Landscape
Importance of Effective Governance for Cybersecurity

NIST CSF Journey:

Brief History and Role of NIST in Technology Cybersecurity
Overview of the NIST Cybersecurity Framework (CSF)
Evolution of the CSF since 2013
CSF by the Numbers (key statistics about CSF and its adoption)

Understanding the NIST CSF Components:

Core

Deep dive into the framework's Core functions
Explore the categories and subcategories within each function, providing a granular understanding of cybersecurity outcomes.

Tiers

Demystify the CSF Tiers (Partial, Risk-Informed, Repeatable, Adaptive).
Learn how these tiers represent different levels of cybersecurity maturity.
Explore how to select the appropriate tier for your organization.

Profiles

Organizational Profiles

Understand the purpose of Current and Target Profiles in assessing your cybersecurity posture.
Learn how to develop these profiles to identify gaps and set improvement goals.

Community Profiles:

Explore the structure and lifecycle of Community Profiles
Discover how these profiles can provide valuable benchmarks and best practices.

Day 1 Q&A Session and Course Review

Day 2: Implementing and Managing a Cybersecurity Program

Continuous Improvement of the Cybersecurity Program:

for Scoping an Organizational Profile
Gathering Information for Profile Development
Building the Current and Target Profiles
Identifying Gaps and Creating Action Plans
Implementing Action Plans and Measuring Progress

Risk Management Integration:

Enterprise Risk Management (ERM) and its Connection to Cybersecurity
Information and Communications Technology (ICT) Risk Management
Understanding Cybersecurity Risk Management (CSRM)
Integrating and Coordinating Risk Management Activities
Using the Cybersecurity Risk Register (CSRR) for Effective Risk Management

Cybersecurity Supply Chain Risk Management (C-SCRM):

Overview of Information and Communications Technology (ICT) Supply Chain Risks
Establishing a C-SCRM Capability
Setting C-SCRM Requirements and Processes

Day 2 Q&A Session and Course Review

Day 3: Deep Dive and the Future

NIST Online Resources:

Examining CSF Resources such as Quick Start Guides, Informative References, CSF Resource Tool, Cybersecurity & Privacy Reference Tool (CPRT), and CSF Implementation Examples
Methods for submitting new resources to NIST

Cybersecurity Maturity Assessment:

Benefits of conducting cybersecurity maturity assessments
Using NIST CSF for cybersecurity assessments

Leveraging CSF with Other Standards and Frameworks:

NIST CSF vs ISO 27001 vs CIS Controls vs NIST SP 800-53 (highlighting similarities and differences)
CSF Relationship with ISO Standards and other NIST publications
Leveraging the CSF for Effective Compliance Management

Exploring the Value of the CSF:

Use Cases and Success Stories (real-world examples of CSF implementation)
Applying the CSF to Address Specific Challenges

What's Coming Next for the NIST CSF?

Additional Informative References
Additional Quick Start Guides
Future Community Profiles
Resources Translations
Use Cases and Success Stories
Online Training Materials

Wrap-Up:

Importance of continuous improvement in cybersecurity
Key takeaways and actionable steps for implementing the CSF in your organization

Training Methodology

This workshop employs a variety of engaging and interactive learning methods to ensure a comprehensive understanding of the NIST CSF 2.0. Here's what you can expect:

Experienced instructors will guide you through the concepts and practical applications.
Interactive discussions to share experiences, ask questions, and gain insights from participants.
Analyzing real-world scenarios where organizations have successfully implemented the NIST CSF.
Applying your knowledge through practical exercises, such as conducting risk and maturity assessments, and building sample profiles.
Quizzes and poll questions will help you gauge your understanding throughout the workshop.
You'll receive comprehensive course material with all the key concepts, resources, and references covered during the training.

You will receive a certificate of participation valid for 24 CPEs.

Registration

  • Price: 1800.00 €
  • Registration deadline: 31 December 2025
  • Location: online
  • Minimum enrollment: 2 participants
  • Terms: General conditions of sale