• Home
  • NCSP® Bootcamp

NCSP® Bootcamp

All prices include the NIST certification exam.

    Upcoming Events

Please contact Deep Creek Center for information on scheduling a course.
Course Length
4 days
Credits Earned
28 PDU credits
Powered By APMG Accredited NIST Cybersecurity Professional (NCSP) Curriculum.

In response to the accelerating set of security risks and threats to critical infrastructure sectors, the US Government’s National Institute for Standards and Technology (NIST) was directed to create a cybersecurity framework (CSF) for public and private organizations to use to assess their security practices and controls and to support continual improvement. The NIST cybersecurity framework (CSF) was published in 2014 and critical infrastructure sectors are expected to adopt these practices no later than 2022.

This APMG accredited training program is targeted at IT and Cybersecurity professionals looking to become certified on how to operationalize the NIST Cybersecurity Framework (NCSF) across an enterprise and its supply chain. The NCSF Practitioner program teaches the knowledge to prepare for the NCSF Practitioner exam plus the skills and abilities to design, build, test, manage and improve a cybersecurity program based on the NCSF.  

What You Will Accomplish

You will:
  • Learn how the NCSF helps you identify, assess, and manage cybersecurity risk
  • Learn to develop a roadmap and scorecard for assessing and improving your cybersecurity risk management approach
  • Develop engineering, technology, and business centers to implement the FasTrack Model
  • Prioritize investments to maximize positive impact
  • Build cybersecurity and cyber risk scorecards and roadmaps
  • Be able to answer the question – are we secure?

Who Should Attend

Risk Managers, Security Managers, CISOs, all IT staff with security management responsibilities, business relationship managers, business leadership with responsibility for security practices and assurance.
Course Introduction

This course looks at cybersecurity risks and instructs students on the best approach to design and build a comprehensive technology focused cybersecurity program and business focused cyber-risk management program that will minimize risks, and at the same time, protect our critical assets. Executives are keenly aware of the risks, but have limited knowledge on the best way to mitigate these risks. We will want to enable our executives to answer the key question – Are we secure?

The class will include lectures, informative supplemental reference materials, quizzes, exercises and tests. Outcomes and benefits from this class is a practical approach that students can use to build and maintain comprehensive cybersecurity and cyber-risk management programs.  
 
Body of Knowledge

This APMG and NCSC/GCHQ accredited five day in-depth course teaches students how to apply a best practice approach to designing an enterprise risk management cybersecurity program based on the NIST Cybersecurity Framework Informative references and management systems.

The course is based on the Framework for Improving Critical Infrastructure Cybersecurity, version 1.1 and qualifies for PMI, CompTIA and ISACA Professional Development Credits

Following the course introduction, the course provides an introduction to the intersection between digital transformation and cybersecurity, which is followed by an overview of the threat landscape.

With this in place, the course uses the Center for Internet Security Controls as an example of a cybersecurity “informative reference” (mentioned in the NIST Cybersecurity Framework. Each organization that sends candidates to the course should select one or more informative references that match the need of the organization (e.g., HIPAA, PCI-DSS, or NIST 800-171).

Following an approach to the implementation of cybersecurity controls, the course delves into an organizational approach to cybersecurity that starts governance, management, and a supportive culture, including an understanding of how things occur within the organization concerning three specific areas: work, communication, and improvement.

Finally, the course provides additional guidance for the cybersecurity practitioner to determine the current state, the desired state, and a plan to close the gap – and to do this over and over again to inculcate it into organizational DNA.
  

Course Outline

NIST Foundations
1: Course Introduction
  • Course Organization
  • Course Resources
  • NIST-CSF “Setting the Stage”
2: Digital Transformation
  • Basics of Digital Transformation
  • Becoming Digital
  • Cybersecurity & Digital Transformation
  • DX & the Framework
3: Understanding Cyber Risks
  • Cyber Risk Equation
  • Cyber Risk Components
  • Basics of Cyber Risk Assessment
4: NIST-CSF Fundamentals
  • The NIST Framework Overview
  • The Framework Core, Tiers & Profiles
5. Core Functions, Categories & Subcategories
  • Identify
  • Protect
  • Detect
  • Respond
  • Recover
  • Informative References
6: Implementation Tiers & Profiles
  • Understanding Tiers
  • Tiers 1 – 4
  • Understanding Profiles
  • Creating Profiles
  • Improving & Sustaining Cybersecurity Posture
7: Cybersecurity Improvement
  • Adopt & Adapt
  • Implement & Improve
  • CIIS as a Practice
NIST Practitioner
1. Day 2 Introduction
  • Course Organization
  • Setting the Stage
2. Digital Transformation
  • DX as a Practitioner
  • DX in the Context of Cybersecurity
  • Cybersecurity as a DX Catalyst
3. Threat Landscape
  • Threat Actors: Agile & Creative
  • Attacks
  • Challenges
  • Organizational Response to Threat Landscape
  • Absolute Prevention Not Possible
4. The Controls
  • Initiation & Basic
  • Foundation
  • Organizational & Recovery
5. Adopt & Adapt
  • The Context of Adopt & Adapt
  • Cybersecurity & Culture
  • Where We Are?
6. Adaptive Way of Working
  • Introduction to Adaptive Way to Work
  • How to Get Started
7. FastTrack
  • Rapid Adoption
  • Rapid Adaptation
8. CIIS as a Practice
  • Ongoing Practice of Cybersecurity
  • NIST 7-step Improvement
  • Cybersecurity Maturity Model Certification (CMMC)
  • Integrate Cybersecurity
9. Course Summary


Please contact Deep Creek Center for information.
It is only a solution if it produces the desired results.

Deep Creek is pleased to deliver these programs through Cybersecurity Professionals, Ltd., the official Accredited Training Organization for the NIST Cyber Security Professional program.