12 month licence to access the 12-hour, online, self-paced NIST Cybersecurity Professional (NCSP) Practitioner Certificate video training course including online exam voucher.
NCSP Practitioner Certificate - Self-Paced Video Training + Exam Voucher
Accredited through APMG International and listed as qualified cyber training by DHS CISA in the U.S. and GCHQ NCSC in the UK, the NCSP accredited training program teaches organizations how to rapidly engineer, operationalize and automate the NIST-CSF informative reference controls and management systems required to deliver the business outcomes expected by executive management, government regulators and industry auditors.
Candidates who attend and complete the NCSP Practitioner Certificate course are eligible to sit the associated APMG certification exam along with applying for CPE, PDU and CEU continuing education credits from PMI, ISACA, CompTIA and other professional certification bodies.
This NIST Cybersecurity Professional (NCSP) Practitioner Certificate 12-hour online, self-study, training course introduces a “Controls Factory” as a conceptual model that represents a system of controls used to protect our critical assets, by transforming our assets from an unmanaged state to a managed state.
The Controls Factory Model (CFM) has three focus areas:
- The engineering center
- The technology center
- The business center
The course includes a deep dive of these three areas.
The Engineering Centre
Includes threats and vulnerabilities, assets and identities, and our controls framework. We use the Lockheed Martin Cyber Kill Chain© to model threats.
We examine technical and business vulnerabilities to understand potentially areas of exposure.
For assets, we will study endpoints, networks, applications, systems, databases, and information assets.
For identities, we look at business and technical identities, roles and permissions.
We use the NIST Cybersecurity Framework as our controls framework.
The Technology Center
Includes technical controls based on the 20 Critical Security Controls, technology implementation through security product solutions and services, Information Security Continuous Monitoring (ISCM) capability through people, process and technology, and technical controls testing and assurance based on the PCI-Data Security Standard (DSS) standard.
The goal is to understand how to design, build and maintain a technology focused security system.
The Business Center
Includes the key business/people oriented controls design based on ISO 27002:2013 Code of Practice, implementation (via program, policy and governance), workforce development, testing and assurance based on the AICPA Cyber-risk Management Framework. The goal is to understand how to build a security governance capability that focuses on employees/contractors, management and executives.
Finally, we discuss outcomes which include a cybersecurity (technology based) scorecard and roadmap and a cyber-risk (business based) scorecard and roadmap.
Candidates must have successfully taken and passed the NCSP Foundation Certificate training course and associated exam.
- Candidates looking to enhance their knowledge and practical application of the NIST Cybersecurity Framework
- IT and Network Engineers
- Operations, Business Risk, Consultants and Compliance Professionals
- IT and Cybersecurity Specialists including Developers, Pen Testers, Auditors etc...
- Information Security Managers, Cybersecurity Managers, CIOs, CISOs
Access to the course lasts for 12 months allowing delegates to complete the course and exam in their own time.