Course Content:
Lesson 1 – Background & Introduction
Lesson 2 – Framing the Problem
Topic A: Cybersecurity Risks & Controls
Topic B: Cyber-Risks to Critical Infrastructure
Topic C: Mitigating Cyber-Risks: Steps 2 – 5
Lesson 3 – The Controls Factory Model
Topic A: Cybersecurity Controls Model
Topic B: The Engineering Center
Topic C: The Technical Center
Topic D: The Business Center
Lesson 4 – Cyber Threats & Vulnerabilities
Topic A: Cyber Kill Chain® Model
Topic B: The Cyber Threat Landscape
Topic C: Vulnerabilities & Control Deficiencies
Lesson 5 – Digital Assets, Identities & Business Impact
Topic A: Securing our Digital Assets
Topic B: Asset Management
Topic C: Business Applications
Topic D: Security Practices
Topic E: Business Environment
Topic F: Governance & Risk Assessment
Topic G: Risk Management & Supply Chain
Lesson 6 – NIST Cybersecurity Framework – Design & Build
Topic A: NIST CSF: Core Function Mapping
Lesson 7 – Technology Program – Design & Build
Topic A: The Technology Program
Topic B: Critical Security Control 01 - 20
Lesson 8 – Security Operations Center (SOC)
Topic A: Security Operations Overview
Topic B: SOC Technology
Topic C: SOC People
Topic D: SOC Process/Procedures
Topic E: SOC Services
Topic F: SOC Options
Lesson 9 – Technology Program Test & Assurance
Topic A: PCI-DSS Overview & Mapping
Topic B: Build & Maintain a Secure Network & Systems
Topic C: Protect Cardholder Data
Topic D: Maintain a Vulnerability Management Program
Topic E: Implement Strong Access Control Measures
Topic F: Regularly Monitor & Test Networks
Topic G: Maintain an Information Security Policy
Lesson 10 – Technology Program Test & Assurance
Topic A: Controls Factory Model – Business Center
Topic B: ISO 27002 Control Clause A.5 to A.18
Lesson 11 – Cyber Workforce Skills Development
Topic A: The Controls Factory Model – Cyber Workforce Development
Topic B: The NICE Workforce Framework (NCWF)
Topic C: Securely Provision
Topic D: Operate & Maintain
Topic E: Oversee & Govern
Topic F: Protect & Defend
Topic G: Analyze
Topic H: Collect & Operate
Topic I: Investigate
Lesson 12 – Cyber Risk Program Design & Build
Topic A: Controls Factory Model – Cyber Risk Program
Topic B: AICPA Description Criteria Categories: 1 to 19
Lesson 13 – Cybersecurity Program Assessment
Topic A: Sample Assessment
Topic B: Cybersecurity Program Summary Design
Lesson 14 – The Risk Management Framework
Topic A: AICPA Cyber Risk Categories
Topic B: FTC Compliance with the Framework