Employees of federal, state and local governments; and businesses working with the government.
The Cybersecurity Framework (CSF) full program provides a CSF fundamentals overview and then expands on the central tenet of the Framework, which is effective risk management. In this course, participants will have the opportunity to apply the Cybersecurity Framework Core functions, categories, subcategories and information references, and to select controls among the information references. Training includes an overview of information security and risk management with Cybersecurity Framework policies and relevant publications. The program addresses the CSF life cycle which involves the following steps:
- Step 1: Prioritize and Scope
- Step 2: Orient
- Step 3: Create a current profile
- Step 4: Conduct a risk assessment
- Step 5: Create a target profile
- Step 6: Determine, analyze and prioritize gaps
- Step 7: Implement action plan
Additional attention will be given to key topics such as supply chain risk management (SCRM) and primary Cybersecurity Framework related guidance.