[ISACA Chicago Chapter SheLeadsTech] NIST CSF 2.0 - Spring Workshop

Abstract

This two-half-day workshop offers participants a deep dive into the complexities and nuances of the NIST Cybersecurity Framework requirements.

Course Goal

Deliver a comprehensive workshop that delves into each requirement within the NIST CSF v2.0.

Designed to be comprehensive and practical, this workshop is tailored to equip attendees with the knowledge and skills to proficiently implement and adhere to each requirement within the NIST CSF. Each of the NIST CSF Functions will walk through the function, category, and subcategory; providing the students with a thorough understanding of the people, processes, and technology in addition to the use cases and case studies within each of the six CSF Functions.

Upon conclusion of this workshop, participants will possess actionable insights to enhance their organization's cybersecurity posture.

Prerequisites

Participants will need to have a fundamental grasp of cybersecurity concepts and terminology. Familiarity with fundamental IT concepts, technologies, services, capabilities, and practices is highly recommended and desired. 

Syllabus

[Day 1]: Understanding NIST CSF and Core Functions

• Session 1: NIST Primer & Refresher
• Session 2: CSF Governance Function
• Session 3: CSF Identify Function
• Session 4: CSF Protect Function
• Session 5: CSF Detect Function

[Day 2]: Implementing and Adhering to NIST CSF

• Session 6: CSF Respond Function
• Session 7: CSF Recover Function
• Session 8: Continuous Improvement & Compliance
• Session 9: Future-proofing
• Session 10: Wrap-up and Beyond

Time: 8:00 AM CST- 12:00 PM CST

CPE: Earn up to 8 CPE Credits in the area of Information Technology.

Format Delivery: Virtual, via Zoom. Links will be provided 2 days before the start date.

Fees:

*Early Bird Discount: Those who register by April 18th, 2024, save $50 off the price of the workshop.

• ISACA Chicago Chapter Members: $250
• ISACA Members (open globally): $300
• Non-Members: $400
• Students and In-Transition: $100

Instructor's Bio:

Edward McCabe is a business-focused information security professional. An active practitioner, mentor, and instructor with over three decades of experience with Fortune 100 companies, and various domestic state, federal, and foreign government agencies. Industries supported include Financial Services, Defense Industrial Base, Retail, Electric Power Transmission & Distribution, Hospitality, Legal Services, Payment Processing, Health Care, Construction, Insurance, Technology, Aviation, and Media.

Edward is an active professional and practitioner, specializing in Enterprise Governance, Risk Management, Compliance, Incident Response, Threat Intelligence Program Management, Enterprise Security Architecture, and Advanced Adversarial Attack & Penetration Testing.

Edward is often invited to present and speak on a variety of topics including Social Engineering, Incident Response & Digital Forensics, Threat Intelligence Analysis & Management, Practical Security Data Visualization, Advanced Attack & Penetration Testing, IT Audit Development, Enterprise Governance & Risk Management, and Adopting Information Security as part of Corporate Culture.

Venues have included: the ISACA Computer Audit, Control and Security (CACS) Summit, ISACA Cyber Security Nexus (CSX), ISACA Atlanta Geek Week, Central Ohio Information Security Summit, various Security BSides, (ISC) 2 eSymposium on Threat Intelligence, the Health Information Management Summit, Data Management (DAMA) International, The Conference That Counts, Take Down Con, MIS | Training Institute Threat Intelligence Summit, CircleCityCon, HackRedCon and DerbyCon. Edward receives invitations to speak with specific industries and organizations around the globe.

A veteran of the United States Navy, Edward holds various ISACA certifications, including the Governance of Enterprise Information Technology (CGEIT), Risk and Information Systems Controls (CRISC), Information Security Manager (CISM), Data Privacy Solutions Engineer (CDPSE) and COBIT, in addition to being an ISO/IEC 27001 Lead Implementer, SABSA/Chartered Architect, and a recovering Qualified Security Assessor (QSA) for the Payment Card Industry.

Edward is also an accredited instructor for ISACA International’s CISM, CRISC, CGEIT, CDPSE, and COBIT and co-author for the CGEIT, CRISC, CISM, and CCOA (coming soon!) certification bodies of knowledge and the lead for ISACA’s Ransomware Readiness Audit Program and Blueprint for Ransomware Defense. Additionally, Edward develops and delivers a wide range of custom training ranging from Analysis of Competing Hypotheses to Zero Trust. In his off time, Edward enjoys spending time with his family. You will often find him relaxing by the fire pit, sitting on the balcony, smoking various meats, or working on restoring their historic Queen Anne home which he feels is the personification of the industry at large.