Course Description:
In this course, you will understand the context and nature of cybersecurity risks and how to manage these risks using the NIST Cybersecurity Framework together with COBIT 5. ISO/IEC 27000 is also covered in this course. So if you are already using that standard or interested in applying it as an overall IT Security Management System, this course will be relevant as well.
Course Topics:
Course Introduction
● Introductions
● Course Objectives
● Agenda
● Learning Approach
Cybersecurity Challenges
● What is cybersecurity?
● What are the risks?
● What are the challenges?
● What are the benefits:
● NIST Framework
● COBIT 5
● ISO27000
● Introducing the Frameworks
● NIST Core, Tier and Profiles Facts and Concepts
● How to apply these concepts to a scenario
Step 1 : Prioritize and Scope
● The CSF Goals and implementation steps
● How the CSF relates to the NIST Framework
● What are the drivers?
● Implementation Considerations
● Relevant COBIT 5 Practices
Steps 2 and 3 : Orient and Create a Current Profile
● Where are we now?
● Implementation Considerations
● Relevant COBIT 5 Practices
Step 4 and Step 5 : Conduct a Risk Assessment and Create a Target Profile
● Where do we want to be?
● Implementation Considerations
● Relevant COBIT 5 Practices
Step 6 : Determine, Analyze, and Prioritize Gaps
● What needs to be done?
● Implementation Considerations
● Relevant COBIT 5 Practice
Step 7 : Implement Action Plan
● How do we get there?
● Implementation Considerations
● Relevant COBIT 5 Practice
CSF Action Plan Review and CSF Life Cycle Management
● Did we Get There
● Implementation Considerations
● Relevant COBIT 5 Practices
● How do we Keep the Momentum Going
● Implementation Considerations
● Relevant COBIT 5 Practices
Learning Goals:
Incident and Change Managers
Course Agenda:
Day 1
● Course Introduction
● Cybersecurity Challenges
● Introducing the Frameworks
● Step 1: Prioritize and Scope
● Steps 2 and 3: Orient and Create a Current Profile
Day 2
● Step 4 and Step 5: Conduct a Risk Assessment and Create a Target Profile
● Step 6: Determine, Analyze, and Prioritize Gaps
● Step 7: Implement Action Plan
● CSF Action Plan Review and CSF Life Cycle Management