NIST Cybersecurity and Risk Management Frameworks

Overview

In the US, NIST is the de facto standard for security, compliance and privacy. If you are doing business with the US federal government, manage critical infrastructure, or maintain personally identifiable information (PII), you must be compliant with NIST standards. NIST provides the Cybersecurity Framework (CSF) and Risk Management Framework (RMF) to guide organizations on securing their infrastructure, systems, and data. In this course, you will apply the NIST Cybersecurity and Risk Management Frameworks to better protect your infrastructure, detect possible cyber incidents, and appropriately respond and recover should they occur. You'll become well-versed in the NIST CSF and RMF, how to implement them, and ways to effectively manage CSF & RMF processes for optimal security, privacy and compliance.
You're watching ITProTV. [MUSIC] Hey, thank you for choosing ITProTV. I'm your host Zach Memos for NIST cyber security and risk management frameworks, a great course. And joining me is our subject matter expert, Adam Gordon. Hello, everybody. Zach, how you doing? I'm doing well. So nice to see you here. Looking sniffy in that sweater, I like that. Well, I know and you know, things a little bit different, aren't they? They are, you don't always see me in a jacket. Well, we're part of the ACI Learning company right now and so we have a little bit of ACI action going on, lovely sweater here. And before we get going talking about the course, tell us a little bit about yourself. Well, for those of you that are familiar with Zach and I, both are each of us individually from the ITProTV world. You'll know that I've been in the industry, working as an IT professional, an audit professional for decades. At this point in my career, I'm a consultant, I work with customers, helping them to implement IT security and infrastructure and audit that security and infrastructure posture for them globally. I have for a very long time, I work with governments, with militaries, private and public sectors all over the world. I also spend my time roughly splitting my time equally in that respect with doing what we call here at ACI Learning, entertainment. Spend my time, as many of us do here in the ACI studios, spending time with you. Helping create engaging and innovative, and creative content, in this case, around the NIST CSF, cybersecurity and RMF, first management frameworks. And our conversation around those frameworks is what we're gonna be spending time going through, and hopefully you'll join us for that journey. Well, I want to and I'm going to. [LAUGH] I hope so because I can't do it without you. Let me ask you this, what's in it for me, what can we hope to learn? So, when we think about what's in it for all of us, right? 
Whether you're an IT professional, whether you're an audit professional, perhaps both as I am and many of you, maybe. There's gonna be a lot of discussion about both the cybersecurity framework as well as the risk management framework. Whether it's individual or collective in terms of how you approach one or both of those. We're gonna take a look at what NIST's guidance on those frameworks is? Why those frameworks are important to IT and audit professionals? How that guidance can be used to drive the understanding of risk? But also then the addressing of risk remediation and control based activities. And from an audit, and compliance perspective, we bring that oversight and that verification validation to bear for the betterment of the organization. And that's really what we wanna focus on, and understand is the most valuable aspect of what we can help you to go through this part of the course. And lastly, why are you excited about this course? Well, I'm excited because I get to wear a jacket which I never get to do. It's very rare these days I get to dress up. So you're gonna see me in a sport coat and a collar shirt. Several of them actually throughout the course cuz I do have several wardrobe changes which is also exciting. But I'm excited, number one, to get to spend time with Zach. And both of us I think, it's fair to say are excited about being able to spend time with you talking about the frameworks. Helping you to walk through them in new and interesting ways. Certainly many of the traditional aspects of what we do here at ITProTV as we go through the course will be familiar to you. Some of which you may not have seen before aside from the wardrobe, obviously. But we will be looking at things from a slightly different perspective. We'll take some opportunities to invite you to have self-directed exercises, as well as case study driven interactions. And we'll certainly take a lot of time and effort to break down the material, explain how it all is connected. 
And to remind you constantly of the importance of looking at this from the real world perspectives of both an IT as well as an audit professional. And see how that guidance can be applied to your everyday practice, to the betterment of your organization. But also the betterment of your customers and your clients as you seek to put this into practice with them. Thank you, my jacketed and friend, and thank you. And by the way, NIST cyber security and risk management framework sounds like something you'd be interested in. You can check it out in our course library. This is Zach for ITProTV. I'm Adam Gordon. See you soon. Take care everybody. Thank you for watching ITProTV. [MUSIC] [BLANK_AUDIO]

Learning Style

On Demand

Length of course

21h 20m
57 Episodes

Here are the topics we'll cover

  • Topic 1: NIST Cybersecurity Overview
  • Topic 2: NIST CSF Identify
  • Topic 3: NIST CSF Protect Function
  • Topic 4: NIST CSF Detect Function
  • Topic 5: NIST CSF Respond Function
  • Topic 6: NIST CSF Recover Function
  • Topic 7: NIST RMF Preparation
  • Topic 8: NIST RMF Categorization
  • Topic 9: NIST RMF Control Selection
  • Topic 10: NIST RMF Control Implementation
  • Topic 11: NIST RMF Control Assessment
  • Topic 12: NIST RMF Authorization
  • Topic 13: NIST RMF Risk Monitoring
Learning Options

Options for this course

Train your team
Stay ahead of the curve and future-proof your business with training programs designed for you.
Channel partners
Transform your experience and integrate with our unique evolving library of Audit, Cybersecurity, and Information Technology courses.
Individual learners
Learn at your own pace and get your certification training.