Designing a Cybersecurity Program Based on the NIST Cybersecurity Framework

When:  Jan 28, 2020 from 8:00 AM to 5:00 PM (ET)
Presented by: Larry Wilson, CISA, CISSP

This NIST Cybersecurity Framework – Factory Class provides a detailed approach for organizations to use for designing, implementing and continuously improving a comprehensive cybersecurity program / practice based on the NIST Cybersecurity Framework (NIST CSF). The course introduces a “Controls Factory” as a conceptual model that represents a system of controls used to protect our critical assets, by transforming our assets from an unmanaged state to a managed state. The Controls Factory Model (CFM) has three focus areas, the Engineering Center (EC), the Technology Center (TC), and the Business Center (BC). The course includes a deep dive of these three areas.

Course layout:
• Lesson 1: Digital Transformation & Cybersecurity Risk
• Lesson 2: Cybersecurity Engineering & Resilient Systems
• Lesson 3: Engineering Center: Cybersecurity Risks & Controls
• Lesson 4: Engineering Center: Business Applications & Critical Assets
• Lesson 5: Engineering Center: Cybersecurity Threats & Vulnerable Assets
• Lesson 6: Technology Center: Technical Security Controls
• Lesson 7: Technology Center: Technical Controls Assurance
• Lesson 8: Technology Center: Security Operations Center
• Lesson 9: Business Center: Business Security Controls
• Lesson 10: Business Center: Business Controls Assurance
• Lesson 11: Business Center: Risk Management Program
• Lesson 12: Summary: Cybersecurity Skills & Career Pathways

Seminar logistics: This is a one-day seminar/workshop (8 CPE hours).



Ernst & Young Boston Office
200 Clarendon Street
Boston, MA 02116