Since 2014 a large number of industries and special interest groups have created cybersecurity standards. All of these standard frameworks have been designed with a series of risk mitigating controls that are to be integrated into back off technology processes and front office business practices. Unfortunately to date all standard frameworks have failed to include a management system that would allow organizations to provide oversight including governance, risk management, internal audit, compliance management, continual improvement, communications, vulnerability management, incident management, awareness training, asset management, and continual management monitoring. Participants attending this course are going to leave with the skills necessary to initiate, plan, execute and control the adoption and integration of their own cybersecurity management system.
This course is available on-site at your location, or offered through open enrollment 12/14/20 - 12/16/20.
- Understanding the Principles and Practices of Cybersecurity Governance.
- Protect (PR).
- Defining the Cybersecurity Risk Management Process and Components.
- Assessing Opportunities for Continual Improvement of your Cybersecurity program.
- Defining and Exploring the Fundamental Components of a Cybersecurity Internal Audit Program.
- Developing a Cyber Program Communications Plan.
- Defining and Developing a Cybersecurity Training and Awareness Program.
- Exploring Cyber Program Document and Records Management.
The materials within this course focus on the Knowledge Skills and Abilities (KSAs) identified within the Specialty Areas listed below. Click to view Specialty Area details within the interactive National Cybersecurity Workforce Framework.
If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.