| NIST CSF 2.0 Introduction | - Identify the increasing data security threats to IT systems and data
- Define the reasons why an effective cybersecurity stance is important
- Explain the purpose and the key changes of the NIST CSF 2.0 framework
- Describe the NIST CSF 2.0 components
- Identify the six NIST CSF 2.0 Core Functions
| 8% |
| NIST Framework: GOVERN Function | - Describe GOVERN Function and its relationship with the Enterprise Risk Management (ERM)
- Explain GOVERN Function categories and subcategories
- Define the organizational context and risk management strategy
- Establish clear policies and procedures to guide cybersecurity activities
- Define clear roles and responsibilities for cybersecurity personnel
- Identify and manage cybersecurity risks associated with suppliers and third-party vendors
| 18% |
| NIST Framework: IDENTITY Function | - Explain IDENTITY Function with its categories and subcategories
- Identify and inventory all assets and categorize them based on their criticality and sensitivity
- Assign ownership and responsibility for each asset
- List the tools and techniques used in asset management
- Describe risk assessment
- Describe the controls and techniques in the Incident Response Life Cycle, Contingency Plan, and Business Continuity Plan
| 18% |
| NIST Framework: PROTECT Function | - Explain the PROTECT Function, its categories, and subcategories
- Learn about the processes and controls involved in identity management, authentication, and access control
- Understand the need for awareness and training
- Learn about the processes and controls involved in data and platform security
- Understand the processes and controls involved in technology infrastructure resilience
| 12% |
| NIST Framework: DETECT Function | - Explain the categories and subcategories of the DETECT Function
- Describe the significance of continuous monitoring and associated security controls in the DETECT Function
- Describe the significance of adverse event analysis and associated security controls in DETECT Function
- Elaborate the tools and techniques that can be employed for achieving continuous monitoring and adverse event analysis
| 7% |
| NIST Framework: RESPOND Function | - Understand the basic concepts and categories of the RESPOND Function
- Learn about the processes involved in managing incidents
- Gain knowledge on analyzing incidents with a focus on controls
- Comprehend the reporting and communication aspects of incident response
- Understand the strategies and techniques to minimize the impact of an incident
| 8% |
| NIST Framework: RECOVER Function | - Explain the categories and subcategories of the RECOVER Function
- Analyze the significance of incident recovery plan execution and associated security controls in the RECOVER Function
- Explain the significance of incident recovery communication and associated security controls in the RECOVER Function
- Elaborate the tools and techniques that can be employed for incident recovery plan execution
| 7% |
| Analyze NIST CSF Profiles | - Understand the concept of NIST CSF Organizational Profiles
- Explore different Organizational Profiles
- Discover how to develop and apply Organizational Profiles
- Understand the application of NIST CSF Profiles in practical scenarios
| 7% |
| Applying NIST CSF Tiers | - Grasp core concepts and structure of Cybersecurity Framework (CSF) tiers
- Choose appropriate tiers for risk governance and management
- Apply the NIST CSF tiers in practical scenarios
| 5% |
| Assess Cybersecurity Risk Communication and Integration | - Explain cybersecurity risks and their impact on organizations.
- Utilize effective communication strategies to convey cybersecurity risks
- Integrate cybersecurity risk management into broader enterprise risk management programs
- Explain the importance of Supply Chain Risk Management (SCRM) in cybersecurity
- Identify and manage the risks associated with emerging technologies, such as AI
- Describe AI risk management frameworks, tools, and techniques
| 10% |
