Duration:
2 days
Audience:
CISO, security teams, GRC experts, risk managers

The NIST Cyber Security Framework (CSF) is a governance framework that helps organisation integrate security into their corporate strategy. The NIST CSF employs a risk-based approach to define adequate security controls to mitigate these risks. The NIST framework is a great tool that allows security to adapt to a business.

In this 2 days training course, participants will learn to use the NIST CSF to assess their current security posture and enhance the security posture to mitigate identified risks.

We will explain the different elements of the NIST Cyber Security Framework, how it applies and how to use it to support security governance and define a security strategy.

This training course is ideal for Chief Information Security Officers, GRC experts, Risk Managers and software developers, IoT manufacturers (product teams, engineering teams, developers), and non-security technical subject matter experts.

This training course is also built for security experts who want to extend their knowledge on the NIST Cyber Security Framework.

In this training, we will present the NIST CSF and its usage by a CISO:

  • To assess the current security posture, evaluate their gaps against corporate objectives
  • To define a security baseline across the organisation, with a focus on the roles and responsibilities
  • To adapt the framework to specific parts of the organisation (for example business units or geographical locations)
  • To map security policies and controls with best practices and standards such as ISO 27001 and COBIT.
  • To employ the NIST framework as a support to security governance: steering the strategy, establishing a security roadmap, measuring security with KPIs, etc.

Objectives:

  • Understand how to use the NIST CSF
  • Employ a risk-based security approach
  • Be able to measure the current security posture with the NIST Tiers
  • Adapt security controls with the NIST CSF profiles
  • Be able to express security objectives
  • Be able to identify existing gaps and define an improvement roadmap
  • Measure the current security posture
  • Choose appropriate security controls

Programme:

  • Introduction to the NIST Cyber Security Framework
  • Assessing the risks
  • Choosing adequate security controls
  • Security as a support to the business
  • How to improve the current security posture?
  • How the NIST CSF can support your security governance?

 

To receive a quote or to register, please contact us.