NCSP Foundation Training

Digital Transformation

• Explain what it means to “become digital”

• Discuss the difference between industrial and digital era

enterprises

• Explain how cybersecurity supports an organization’s digital

Transformation

Understanding Cyber Risks

• Explain the cyber risk equation

• Identify and explain each component of the cyber risk

equation

• Describe the basics of a risk assessment

NIST Cybersecurity Framework Fundamentals • Explain the genesis of the NIST-CSF

• List and describe the components of the NIST-CSF

• Describe each of the NIST-CSF’s objectives

Core Functions, Categories and Subcategories

• Understand and explain

– Core functions

– Framework categories

– Informative references

Implementation Tiers and Profiles

• Understand and explain Implementation Tier terms and

their use

• Understand and explain each Implementation Tier

• Understand and describe the three risk categories

• Understand and explain Profiles and their use

• Understand and describe the use of Profiles when

– Determining gaps

– Identifying and prioritizing focus areas

Cybersecurity Improvement

• Understand and explain how an organization can

approach the adoption and adaptation of the NIST-CSF

• Understand and describe how to implement cybersecurity

controls using an incremental improvement approach

• Understand and describe CIIS as a practice within an

organization