NIST CyberSecurity Practitioner Course

*** This document has been classified for public distribution *** NIST CyberSecurity Practitioner Course Introduction

Transcript of NIST CyberSecurity Practitioner Course

Page 1: NIST CyberSecurity Practitioner Course

NIST CyberSecurity Practitioner Course

Introduction

Page 2: NIST CyberSecurity Practitioner Course

Overview

CyberSecurity is the number one topic among Government Officials and Commercial organizations. The National Institute of Standards and Technology facilitated workshops during 2014 to draw on the knowledge of industry professionals.

The following course has been designed to connect the dots between the NIST CyberSecurity Framework and proven operational security practices. This course will help Executives and their designates operationalize effective, efficient security programs based on their industry and current process maturity and Enterprise capability.

Overview/Introduction to Course

Page 3: NIST CyberSecurity Practitioner Course

Unleashing the Knowledge of Best Practices

[Figure: course levels set against industry standards, certifications and technical skills]

Course levels: Foundation (Knowledge / Comprehension); Practitioner (Implementation / Maintenance); Professional (Design / Architecture)

Bloom's levels: Blooms 1-2, Knowledge & Comprehension; Blooms 3-4, Application & Analysis; Blooms 5-6, Synthesis & Evaluation

Industry Standards (first list): ISO/IEC 27001, ITIL, ISO/IEC 9001, ISO/IEC 38500, ISO/IEC 31000, SIRT, ISO/IEC 14001, ISO 18001, BS 25999, COSO ERM, COBiT, NIST, RMCP HTRA

Industry Standards (second list): ISO/IEC 27001/2, ITIL, ISO/IEC 9001, ISO/IEC 38500, ISO/IEC 31000, SIRT, ISO/IEC 14001, ISO 18001, BS 25999, COSO ERM, COBiT, NIST, RMCP HTRA, PMP/Prince2, CISSP, CISM, GIAC, CISA, CGEIT, CRISC, SABSA, EA - FEMA, TOGAF, CISCO, IBM, SAP, ORACLE, TCP/IP, OSI, DBA, System Admin, Java, Programmer, API, ARC

Side labels: Executive Overview; NIST /UK CyberSecurity

Audience labels: Buy In; Work-stream Leaders; Managers /PM; Subject Matter Experts

Notes: other considerations include accounting skills, communications, skills & competencies, procurement, strategic planning, etc.

Page 4: NIST CyberSecurity Practitioner Course

Unleashing the Knowledge of Best Practices

Page 5: NIST CyberSecurity Practitioner Course

Unleashing the Knowledge of Best Practices

IDENTIFY

Asset Management

Business Environment

Governance

Risk Assessment

RM Strategy

ISO 27001, ISO 55000, COBIT, NIST

ITIL, COBIT, ISO 27001, PMBOK, NIST

ISO 27001, ISO 38500, COBIT, COSO ERM

ISO 27001, RCMP TRA, NIST, ISO 31000, COBIT, COSO ERM

COSO ERM, ISA, NIST, ISO 31000, COBIT

Page 6: NIST CyberSecurity Practitioner Course

Unleashing the Knowledge of Best Practices

PROTECT

Access Control

Awareness and Training

Data Security

Protection Procedures

Maintenance

Protective Technology

ISO 27001, NIST, COBIT

ISO 27001, NIST, COBIT

ISO 27001, Blooms Taxonomy, NIST, COBIT

ISO 27001, ISO 18001, ISO 14001, MDS2, NIST, COBIT

ISO 27001, ITIL, NIST, COBIT

ISO 27001, CIPS, MDS2, NIST, COBIT

Page 7: NIST CyberSecurity Practitioner Course

Unleashing the Knowledge of Best Practices

DETECT

Anomalies and Events

Security Continuous Monitoring

Detection Process

ISO 27001, ITIL, SIRT, , NIST, COBIT

ISO 27001, ITIL, SIRT, , NIST, COBIT

ISO 27001, ITIL, SIRT, NIST, COBIT

Page 8: NIST CyberSecurity Practitioner Course

Unleashing the Knowledge of Best Practices

RESPOND

Response Planning

Communications

Analysis

Mitigation

Improvements

ISO 27001, ITIL, CSIRT, , NIST, COBIT

ISO 27001, ISO 9001, , NIST, COBIT

ISO 27001, Blooms Taxonomy, NIST, COBIT

ISO 27001, ITIL, ISO 9001, , NIST, COBIT

ISO 27001, ITIL, , NIST, COBIT, ISO 31000, ISO 9001

Page 9: NIST CyberSecurity Practitioner Course

Unleashing the Knowledge of Best Practices

RECOVER

Recovery planning

Improvements

Communications

ISO 27001, BS 25999, ISO 22301, NIST, COBIT

ISO 27001, ISO 9001, , NIST, COBIT

ISO 27001, Blooms Taxonomy, , NIST, COBIT

Page 10: NIST CyberSecurity Practitioner Course

Critical Infrastructure

• Chemical Sector

• Commercial Facilities Sector

• Communications Sector

• Critical Manufacturing Sector

• Dams Sector

• Defense Industrial Base Sector

• Emergency Services Sector

• Energy Sector

• Financial Services Sector

• Food and Agriculture Sector

• Government Facilities Sector

• Healthcare and Public Health Sector

• Information Technology Sector

• Nuclear Reactors, Materials, and Waste Sector

• Transportation Systems Sector

• Water and Wastewater Systems Sector

Page 11: NIST CyberSecurity Practitioner Course

Risk Management Methodology

External information systems are mapped and catalogued.

Product /Service

Strategic Risk

Financial Risk

Compliance Risk

Operational Risk

People

Information

Software

Hardware

Telecommunications

Facilities

Hazard Risk

Page 12: NIST CyberSecurity Practitioner Course

CyberSecurity Defined

Enterprise

Internet

Page 13: NIST CyberSecurity Practitioner Course

What is DIKW?

Page 14: NIST CyberSecurity Practitioner Course

NIST CSF Maturity Process

[Figure: NIST CSF maturity chart. Axis labels: NIST CSF Conformity (0% to 100%); Tier 1, Tier 2, Tier 3, Tier 4. Other labels: International Best Practices; Current Practices; Lower Risk & Unplanned Expenses; Reduce Defects and Incidents.]

Page 15: NIST CyberSecurity Practitioner Course

Reference Architecture

We have taken the NIST CyberSecurity Framework and created a Security Reference Architecture Model that we will use to design your custom security programs.

Page 16: NIST CyberSecurity Practitioner Course

Reference Model

The NIST CyberSecurity Practitioner course comprises the following Processes:

• Identify: Business Environment, Governance, Risk Management Strategy, Risk Assessment, Asset Management.

• Protect: Access Control, Awareness Training, Data Security, Information Protection Processes and Procedures, Maintenance, Protective Technology.

• Detect: Anomalies and Events, Security Continuous Monitoring, Detection Processes.

• Respond: Response Planning, Communications, Analysis, Mitigation, Improvements.

• Recover: Recovery Planning, Improvements, Communications.

Page 17: NIST CyberSecurity Practitioner Course

Project Management Methodology

INITIATE

PLAN

EXECUTE

CONTROL

MAINTAIN

Page 18: NIST CyberSecurity Practitioner Course

Instructional Objectives

Instructional objective module #1; at the conclusion of this module participants will be able to define the business environment, strategize governance and risk management, identify assets and plan a risk assessment.

Instructional objective module #2; participants attending this Module will leave the module knowing how to apply access control techniques, initiate communications designed to raise awareness, apply data security techniques, integrate information protection processes, initiate sustainable maintenance practices. We will wrap up the session by looking at some different protective technologies.

Instructional objective module #3; participants attending this Module will leave the module understanding why we must actively monitor for various types of CyberSecurity Anomalies and Events and take action.

Instructional objective module #4; participants attending this Module will learn how to design and execute a response plan including analysis, mitigation, communications and continuous improvement.

Instructional objective for module #5; participants attending this Module will learn how to design and execute a recovery plan including communications and continuous improvement.

Page 19: NIST CyberSecurity Practitioner Course

NIST CSF Knowledge Transfer Process

The knowledge transfer process will establish a link between our instructional objectives and your knowledge deliverables. During the knowledge transfer process we will improve three predominant skills. They are as follows:

• Cognitive; intellectual outcomes;

• Psychomotor; new physical skills; and

• Affective; attitudes, values, beliefs.

Step 1: Knowledge

Step 2: Comprehension

Step 3: Application

Step 4: Analysis

Page 20: NIST CyberSecurity Practitioner Course

Course Structure

The complete course comprises 22 lessons. Following best practices for adult learners, each lesson will be structured as follows:

INSTRUCTORS ACTIVITIES:

• Subject content: 00:30 min

• Classroom Exercise: 00:10 min

• Individual Assignment: 00:10 min

• Round table: 00:10 min

PARTICIPANTS ACTIVITIES:

• Test: 00:15 min

• Course feedback: 00:05 min

Page 21: NIST CyberSecurity Practitioner Course

Course Structure

Page 22: NIST CyberSecurity Practitioner Course

Course Structure

Page 23: NIST CyberSecurity Practitioner Course

Course Structure

Page 24: NIST CyberSecurity Practitioner Course

Overview/Introduction to Course

NIST CyberSecurity Practitioner Course: Let's Get Started!