NIST CyberSecurity Practitioner Course
secure-knowledge-management-inc -
*** This document has been classified for public distribution ***
NIST CyberSecurity Practitioner Course
Introduction
Overview
CyberSecurity is the number one topic among Government Officials and Commercial organizations. The National Institute of Standards and Technology facilitated workshops during 2014 to draw on the knowledge of industry professionals.
The following course has been designed to connect the dots between the NIST CyberSecurity Framework and proven operational security practices. This course will help Executives and their designates operationalize effective, efficient security programs based on their industry and current process maturity and Enterprise capability.
Overview/Introduction to Course
Unleashing the Knowledge of Best Practices
[Diagram: Executive Overview; NIST /UK CyberSecurity]
Levels: Foundation (Knowledge /Comprehension); Practitioner (Implementation /Maintenance); Professional (Design /Architecture)
Blooms 1-2, Knowledge & Comprehension; Blooms 3-4, Application & Analysis; Blooms 5-6, Synthesis & Evaluation
Industry Standards: ISO/IEC 27001/2, ITIL, ISO/IEC 9001, ISO/IEC 38500, ISO/IEC 31000, SIRT, ISO/IEC 14001, ISO 18001, BS 25999, COSO ERM, COBiT, NIST, RMCP HTRA
Other labels: PMP/Prince2, CISSP, CISM, GIAC, CISA, CGEIT, CRISC, SABSA, EA - FEMA, TOGAF, CISCO, IBM, SAP, ORACLE, TCP/IP, OSI, DBA, System Admin, Java, Programmer, API, ARC
Buy In; Work-stream Leaders; Managers /PM; Subject Matter Experts
Notes: other considerations: accounting skills, communications, skills & competencies, procurement, strategic planning, etc.
Unleashing the Knowledge of Best Practices
IDENTIFY
• Asset Management: ISO 27001 /ISO 55000
• Business Environment: ITIL /COBIT /ISO 27001 /PMP
• Governance: ISO 27001 /ISO 38500 /COBiT
• Risk Assessment: ISO 27001 /RCMP TRA /ISO 31000
• RM Strategy: COSO ERM /ISA
PROTECT
Access Control
Awareness and Training
Data Security
Protection Procedures
Maintenance
Protective Technology
ISO 27001
ISO 27001
ISO 27001 /Blooms Taxonomy
ISO 27001 /ISO 18001 /ISO 14001 /MDS2
ISO 27001 /ITIL
ISO 27001 /CIPS /MDS2
DETECT
• Anomalies and Events: ISO 27001 /ITIL /SIRT
• Security Continuous Monitoring: ISO 27001 /ITIL /SIRT
• Detection Process: ISO 27001 /ITIL /SIRT
RESPOND
Response Planning
Communications
Analysis
Mitigation
Improvements
ISO 27001 /ITIL /CSIRT
ISO 27001 /ISO 9001
ISO 27001 /Blooms Taxonomy
ISO 27001 /ITIL /ISO 9001
ISO 27001 /ITIL /ISO 31000 /ISO 9001
RECOVER
• Recovery planning: ISO 27001 / BS 25999
• Improvements: ISO 27001 /ISO 9001
• Communications: ISO 27001 /Blooms Taxonomy
Critical Infrastructure
• Chemical Sector
• Commercial Facilities Sector
• Communications Sector
• Critical Manufacturing Sector
• Dams Sector
• Defense Industrial Base Sector
• Emergency Services Sector
• Energy Sector
• Financial Services Sector
• Food and Agriculture Sector
• Government Facilities Sector
• Healthcare and Public Health Sector
• Information Technology Sector
• Nuclear Reactors, Materials, and Waste Sector
• Transportation Systems Sector
• Water and Wastewater Systems Sector
Risk Management Methodology
External information systems are mapped and catalogued.
[Diagram labels: Product /Service; Strategic Risk, Financial Risk, Compliance Risk, Operational Risk, Hazard Risk; People, Information, Software, Hardware, Telecommunications, Facilities]
CyberSecurity Defined
[Diagram labels: Enterprise; Internet]
NIST CSF Maturity Process
[Chart labels: NIST CSF Conformity, 0% to 100%; Tier 1, Tier 2, Tier 3, Tier 4; Current Practices; International Best Practices; Lower Risk & Unplanned Expenses; Reduce Defects and Incidents]
Reference Architecture
We have taken the NIST CyberSecurity Framework and created a Security Reference Architecture Model that we will use to design your custom security programs.
Reference Model
The NIST CyberSecurity Practitioner course comprises the following Processes.
• Identify: Business Environment, Governance, Risk Management Strategy, Risk Assessment, Asset Management.
• Protect: Access Control, Awareness Training, Data Security, Information Protection Processes and Procedures, Maintenance, Protective Technology.
• Detect: Anomalies and Events, Security Continuous Monitoring, Detection Processes.
• Respond: Response Planning, Communications, Analysis, Mitigation, Improvements.
• Recover: Recovery Planning, Improvements, Communications.
Project Management Methodology
INITIATE
PLAN
EXECUTE
CONTROL
MAINTAIN
Instructional Objectives
Instructional objective, module #1: At the conclusion of this module, participants will be able to define the business environment, strategize governance and risk management, identify assets and plan a risk assessment.
Instructional objective, module #2: Participants attending this module will leave knowing how to apply access control techniques, initiate communications designed to raise awareness, apply data security techniques, integrate information protection processes and initiate sustainable maintenance practices. We will wrap up the session by looking at some different protective technologies.
Instructional objective, module #3: Participants attending this module will leave understanding why we must actively monitor for various types of CyberSecurity Anomalies and Events and take action.
Instructional objective, module #4: Participants attending this module will learn how to design and execute a response plan, including analysis, mitigation, communications and continuous improvement.
Instructional objective, module #5: Participants attending this module will learn how to design and execute a recovery plan, including communications and continuous improvement.
NIST CSF Knowledge Transfer Process
The knowledge transfer process will establish a link between our instructional objectives and your knowledge deliverables. During the knowledge transfer process we will improve three predominant skills:
• Cognitive: intellectual outcomes;
• Psychomotor: new physical skills; and
• Affective: attitudes, values, beliefs.
Step 1: Knowledge
Step 2: Comprehension
Step 3: Application
Step 4: Analysis
Course Structure
The complete course is comprised of 22 lessons, and each lesson will be structured as follows, following best practices for adult learners:
INSTRUCTORS ACTIVITIES:
• Subject content: 00:30 min
• Classroom Exercise: 00:10 min
• Individual Assignment: 00:10 min
• Round table: 00:10 min
PARTICIPANTS ACTIVITIES:
• Test: 00:15 min
• Course feedback: 00:05 min