Expanded

Security Framework: NIST CSF

This course will teach you about the NIST CSF. The controls at the core provide a set of best practices, and the tiers allow you to set the level you intend to implement the controls. This all adds up to a profile detailing how secure you can be.
Course info
Level
Intermediate
Updated
Oct 13, 2021
Duration
54m
Table of contents
Description
Course info
Level
Intermediate
Updated
Oct 13, 2021
Duration
54m
Your 10-day individual free trial includes:

Expanded library

This course and over 7,000+ additional courses from our full course library.

Hands-on library

Practice and apply knowledge faster in real-world scenarios with projects and interactive courses.
*Available on Premium only
Description

All organizations, big and small, need to secure themselves, but it is a task that is easier said than done. In this course, Security Framework: NIST CSF, you’ll learn the basics of the framework and how to apply it to your business. First, you’ll explore the core controls. Next, we’ll talk through the different levels, or tiers, you can implement the controls. Finally, you’ll learn how the controls you selected to implement, to what tier you implemented them, makes up the profile of your organization. When you’re finished with this course, you’ll have the skills and knowledge of the NIST CSF needed to implement a security program at your organization.

About the author
About the author

Mike is an information security manager who has worked in the IT field for 17+ years. The focus of Mike's career now centers on pentesting and risk assessments. An active member in the infosec community and attends or speaks at various conferences.

More from the author
Information Governance: CDPA
Intermediate
41m
Oct 12, 2021
More courses by Mike Woolard
Section Introduction Transcripts
Section Introduction Transcripts

Course Overview
Hi everyone. My name is Mike Woolard, and welcome to my course on the NIST cybersecurity framework, or the CSF. I am a risk and compliance manager, and as part of that role, I marry the information security world with standards and frameworks. Customers have expectations of your company, and the more data you process, the more risk you are introducing to the business. Compliance with frameworks, such as the NIST CSF and the certifications to frameworks like ISO 27001, allow you to demonstrate your security posture. In this course, we're going to look at how the CSF breaks down and can be implemented at your company, a high‑level review of the subcategories or controls, how to measure your implementation, and how your company stacks up. By the end of this course, you'll have a firm understanding of how the NIST CSF works and what steps you will need to take to better understand your company and what it will take to get where you want to go. Before beginning this course, you should be familiar with the general concept of risk assessments, backing from executive leadership, and buy‑in from the teams who will need to assess and implement the controls. I hope you'll join me on this journey to learn about the fundamentals of the NIST cybersecurity framework here, on Pluralsight.