NCSP® Bootcamp
All prices include the NIST certification exam.
Upcoming Events
- There are no upcoming events.
Please contact Deep Creek Center for information on scheduling a course.
Course Length: 4 days
Credits Earned: 28 PDU credits
Powered By APMG Accredited NIST Cybersecurity Professional (NCSP) Curriculum.
In response to the accelerating set of security risks and threats to critical infrastructure sectors, the US Government’s National Institute for Standards and Technology (NIST) was directed to create a cybersecurity framework (CSF) for public and private organizations to use to assess their security practices and controls and to support continual improvement. The NIST cybersecurity framework (CSF) was published in 2014 and critical infrastructure sectors are expected to adopt these practices no later than 2022.
This APMG accredited training program is targeted at IT and Cybersecurity professionals looking to become certified on how to operationalize the NIST Cybersecurity Framework (NCSF) across an enterprise and its supply chain. The NCSF Practitioner program teaches the knowledge to prepare for the NCSF Practitioner exam plus the skills and abilities to design, build, test, manage and improve a cybersecurity program based on the NCSF.
What You Will Accomplish
You will:
- Learn how the NCSF helps you identify, assess, and manage cybersecurity risk
- Learn to develop a roadmap and scorecard for assessing and improving your cybersecurity risk management approach
- Develop engineering, technology, and business centers to implement the FasTrack Model
- Prioritize investments to maximize positive impact
- Build cybersecurity and cyber risk scorecards and roadmaps
- Be able to answer the question – are we secure?
Who Should Attend
Risk Managers, Security Managers, CISOs, all IT staff with security management responsibilities, business relationship managers, business leadership with responsibility for security practices and assurance.
Course Introduction
This course looks at cybersecurity risks and instructs students on the best approach to design and build a comprehensive technology focused cybersecurity program and business focused cyber-risk management program that will minimize risks, and at the same time, protect our critical assets. Executives are keenly aware of the risks, but have limited knowledge on the best way to mitigate these risks. We will want to enable our executives to answer the key question – Are we secure?
The class will include lectures, informative supplemental reference materials, quizzes, exercises and tests. The outcome and benefit of this class is a practical approach that students can use to build and maintain comprehensive cybersecurity and cyber-risk management programs.
Body of Knowledge
This APMG and NCSC/GCHQ accredited five-day in-depth course teaches students how to apply a best practice approach to designing an enterprise risk management cybersecurity program based on the NIST Cybersecurity Framework informative references and management systems.
The course is based on the Framework for Improving Critical Infrastructure Cybersecurity, version 1.1, and qualifies for PMI, CompTIA and ISACA Professional Development Credits.
Following the course introduction, the course provides an introduction to the intersection between digital transformation and cybersecurity, which is followed by an overview of the threat landscape.
With this in place, the course uses the Center for Internet Security Controls as an example of a cybersecurity “informative reference” (mentioned in the NIST Cybersecurity Framework). Each organization that sends candidates to the course should select one or more informative references that match the needs of the organization (e.g., HIPAA, PCI-DSS, or NIST 800-171).
Following an approach to the implementation of cybersecurity controls, the course delves into an organizational approach to cybersecurity that starts with governance, management, and a supportive culture, including an understanding of how things occur within the organization concerning three specific areas: work, communication, and improvement.
Finally, the course provides additional guidance for the cybersecurity practitioner to determine the current state, the desired state, and a plan to close the gap – and to do this over and over again to inculcate it into organizational DNA.
Course Outline
NIST Foundations
1: Course Introduction
- Course Organization
- Course Resources
- NIST-CSF “Setting the Stage”
- Basics of Digital Transformation
- Becoming Digital
- Cybersecurity & Digital Transformation
- DX & the Framework
- Cyber Risk Equation
- Cyber Risk Components
- Basics of Cyber Risk Assessment
4: NIST-CSF Fundamentals
- The NIST Framework Overview
- The Framework Core, Tiers & Profiles
- Identify
- Protect
- Detect
- Respond
- Recover
- Informative References
6: Implementation Tiers & Profiles
- Understanding Tiers
- Tiers 1 – 4
- Understanding Profiles
- Creating Profiles
- Improving & Sustaining Cybersecurity Posture
- Adopt & Adapt
- Implement & Improve
- CIIS as a Practice
NIST Practitioner
1. Day 2 Introduction
- Course Organization
- Setting the Stage
- DX as a Practitioner
- DX in the Context of Cybersecurity
- Cybersecurity as a DX Catalyst
- Threat Actors: Agile & Creative
- Attacks
- Challenges
- Organizational Response to Threat Landscape
- Absolute Prevention Not Possible
4. The Controls
- Initiation & Basic
- Foundation
- Organizational & Recovery
- The Context of Adopt & Adapt
- Cybersecurity & Culture
- Where We Are?
- Introduction to Adaptive Way to Work
- How to Get Started
- Rapid Adoption
- Rapid Adaptation
8. CIIS as a Practice
- Ongoing Practice of Cybersecurity
- NIST 7-step Improvement
- Cybersecurity Maturity Model Certification (CMMC)
- Integrate Cybersecurity
Prerequisites
NIST Foundations certification preferred.
Exam
NIST Bootcamp Exam: Optional Certification Exam is through APMG. The exam will be comprised of 90 multiple choice questions. Approximately 60% will be Bloom's Level 1 & 2 and the remaining 40% will be Bloom's Level 3 & 4.
Onsite Programs
Onsite program offerings can include an added day NCSF simulation program to help your organization assess your readiness and identify continual improvement areas of focus. Please contact us for more information.
Please contact Deep Creek Center for information.
It is only a solution if it produces the desired results.