NIST Cybersecurity Framework Workshop
NIST Cybersecurity Framework Workshop is a 2-day training that covers the key concepts of NIST Cybersecurity Framework is voluntary guidance, based on existing standards, guidelines, and practices for organizations to better manage and reduce cybersecurity risk.
NIST Cybersecurity Framework Workshop helps organizations to manage and reduce risks and fosters risk and cybersecurity management communications amongst both internal and external organizational stakeholders.
NIST Cybersecurity Framework consists of three main components: the Core, Implementation Tiers, and Profiles.
Participants will learn about the Framework Implementation Tiers and how they assist organizations by providing context on how an organization views cybersecurity risk management: The Tiers guide organizations to consider the appropriate level of rigor for their cybersecurity program and are often used as a communication tool to discuss risk appetite, mission priority, and budget.
Framework Profiles are an organization’s unique alignment of their organizational requirements and objectives, risk appetite, and resources against the desired outcomes of the Framework Core.
Topics Include:
Fundamentals of NIST Cybersecurity Framework
- The Framework Core
- Desired cybersecurity activities and outcomes
- Common language
- Reducing their cybersecurity risks
- Cybersecurity and risk management processes
- Three Primary Components
- Core
- Profiles
- Implementation Tiers
- Key Framework Attributes
- Principles of Current and Future Versions of the Framework
Common and Accessible Language
- Adaptable to many technologies, lifecycle phases, sectors and uses
- Implementation Tiers
- The Cybersecurity Framework Version 1.1
- Examples of Framework Profiles
- Alignment of the Functions, Categories, and Subcategories with the business requirements, risk tolerance, and resources of the organization
Framework Profiles
- Comparison of Profiles (e.g., the Current Profile and Target Profile)
- NISTIR 8183 – Cybersecurity Framework Manufacturing Profile
- NISTIR 8374 – Ransomware Risk Management: A Cybersecurity Framework Profile
- NISTIR 8183r1 – Cybersecurity Framework Version 1.1 Manufacturing Profile Rev. 1
- NISTIR 8310 (Draft) – Cybersecurity Framework Election Infrastructure Profile
- NISTIR 8323 – Foundational PNT Profile: Applying the Cybersecurity Framework for the Responsible Use of Positioning, Navigation, and Timing (PNT) Services
- NISTIR 8323 Revision 1 (Draft) | Foundational PNT Profile: Applying the Cybersecurity Framework for the Responsible Use of Positioning, Navigation, and Timing (PNT) Services Rev. 1
- NIST TN 2051 – Cybersecurity Framework Smart Grid Profile
- Cybersecurity Framework Botnet Threat Mitigation Profile
- Cybersecurity Framework DDoS Threat Mitigation Profile
- CSF 1.0 Profiles
- Maritime Cybersecurity Framework Profiles – U.S. Coast Guard
- Maritime Bulk Liquids Transfer Cybersecurity Framework Profile – US Coast Guard
- Offshore Operations Profile
- Passenger Vessel Profile
- Cybersecurity Framework Profile for Communications Sector (Broadcast, cable, satellite, wireless, and wireline segment)
- Federal Communications Commission’s The Communications Security, Reliability, and Interoperability Council (CSRIC)