Implementing NIST Cybersecurity

Course details

Information is a key resource for all enterprises and technology plays a significant role. Today, Information Technology (IT) is increasingly advanced and pervasive. Attacks upon IT are also increasing. Destructive attacks against financial, retail, and energy providers indicate a need for renewed dedication to management of IT-related risk at an acceptable level for each organization. To that end, U.S. President Obama issued Executive Order 13636, "Improving Critical Infrastructure Cybersecurity," on February 12, 2013. The Executive Order called for development of a voluntary risk-based cybersecurity Framework that is "prioritized, flexible, repeatable, performance-based, and cost-effective"; it was developed by the National Institute of Standards and Technology (NIST) in partnership with an international community of small and large organizations, including owners and operators of the nation's critical infrastructure.

The training and examination will explain how these measures can be implemented, using COBIT 5.

Following completion of the INCS examination, you will understand:

• Understand levels of IT-related risk and make informed decisions to reduce information security incidents
  
• Awareness of business impacts
  
• Understanding relationship of business systems and their associated risk appetite
  
• Understanding of business requirements and mission objectives and their priorities
  
• Enhanced view of the operational environment to discern the likelihood of a cybersecurity event
  
• Understanding of cyber threats to the business units and their mission objectives
  
• Understanding of all compliance requirements for each business unit
  
• Understanding of security controls and their importance in managing operational security risks
  
• Detailed understanding of required actions to close gaps in cybersecurity requirements