NIST Cybersecurity Framework Training

Commitment: 3 days, 7-8 hours a day
Language: English
User Ratings: Average User Rating 4.8
Delivery Options: Instructor-Led Onsite, Online, and Classroom Live


NIST Cybersecurity Framework Training: In February 2013, the President of the United States issued Executive Order (EO) 13636, “Improving Critical Infrastructure Cybersecurity.” In response to this mandate, the National Institute of Standards and Technology (NIST) was tasked with the development of the Framework for Improving Critical Infrastructure Cybersecurity, more commonly known as the Cybersecurity Framework. Although it was designed specifically for companies that are part of the U.S. critical infrastructure, many other organizations in the private and public sectors, including federal agencies, are using the framework as a helpful tool in managing cybersecurity risks.

This NIST Cybersecurity Framework Training Workshop covers each of the three NIST Cybersecurity Framework components: the framework core, the framework implementation tiers, and the framework profiles.

About the NIST Cybersecurity Framework

Executive Order (EO) 13636, “Improving Critical Infrastructure Cybersecurity,” was issued to “enhance the security and resilience of the Nation’s critical infrastructure and to maintain a cyber environment that encourages efficiency, innovation, and economic prosperity while promoting safety, security, business confidentiality, privacy, and civil liberties.”

The order provided a mandate to establish a voluntary common framework for cybersecurity defense, now known as the NIST Cybersecurity Framework.

  • 3 days of NIST Cybersecurity Framework Training with an expert instructor
  • Walkthroughs and demonstrations
  • NIST Cybersecurity Framework Course Guide
  • 100% Satisfaction Guarantee



Upon completing this NIST Cybersecurity Framework Training course, learners will be able to meet these objectives:

  • Implement the NIST Cybersecurity Framework to identify, assess, and manage cybersecurity risk
  • Identify connections between business drivers and cybersecurity activities
  • Determine activities that are most important to critical service delivery
  • Prioritize expenditures to maximize the impact of the investment

  • We can adapt this NIST Cybersecurity Framework Training course to your group’s background and work requirements at little to no added cost.
  • If you are familiar with some aspects of this NIST Cybersecurity Framework course, we can omit or shorten their discussion.
  • We can adjust the emphasis placed on the various topics or build the NIST Cybersecurity Framework Course around the mix of technologies of interest to you (including technologies other than those included in this outline).
  • If your background is nontechnical, we can exclude the more technical topics, include the topics that may be of special interest to you (e.g., as a manager or policy-maker), and present the NIST Cybersecurity Framework course in a manner understandable to lay audiences.

The target audience for this NIST Cybersecurity Framework Training course:

  • IT and cybersecurity professionals looking to become certified in operationalizing the NIST Cybersecurity Framework (NCSF) across an enterprise and its supply chain.

The knowledge and skills that a learner must have before attending this NIST Cybersecurity Framework course are:

  • N/A


Day 1: NIST Cybersecurity Framework Training – Risk frameworks
  • Course Introduction
  • Legal/governmental guidelines
    • Legislative
    • Regulatory
Day 2: CSF Components and Processes
  • NIST frameworks
    • RMF
    • CSF
  • CSF components
    • Profile
      • Current profile
      • Target profile
    • Core
      • Functions
      • Categories
      • Subcategories
      • Informative references
    • Implementation tiers
      • Tier 1: Partial
      • Tier 2: Risk Informed
      • Tier 3: Repeatable
      • Tier 4: Adaptive
    • CSF processes (5 steps)
      • Identify
Day 3: CSF Processes and Implementation
  • CSF processes (cont.)
    • Protect
    • Defend
    • Respond
    • Recover
  • 7-step approach to establishing or improving a cybersecurity program
    • Step 1: Prioritize and scope
    • Step 2: Orient
    • Step 3: Create a current profile
    • Step 4: Conduct a risk assessment
    • Step 5: Create a target profile
    • Step 6: Determine, analyze, and prioritize gaps
    • Step 7: Implement an action plan
  • Links from CSF to security controls, COBIT 5, and ISO 27001
NIST Cybersecurity Framework Training Course Recap, Q/A, and Evaluations

