NIST Cybersecurity Framework (NCSF) Practitioner Training in Waltham
 
                    Enroll in or hire us to teach our NIST Cybersecurity Framework (NCSF) Practitioner class in Waltham,  Massachusetts by calling us @303.377.6176.  Like all HSG
                    classes, NIST Cybersecurity Framework (NCSF) Practitioner may be offered either onsite or via instructor led virtual training.  Consider looking at our public training schedule to see if it
                    is scheduled:  Public Training Classes
                    
                
                        Provided there are enough attendees, NIST Cybersecurity Framework (NCSF) Practitioner may be taught at one of our local training facilities.  
                    
                    | 
                	 We offer private customized training for groups of 3 or more attendees.
                 | ||
| Course Description | ||
| 
	The NIST Cybersecurity Framework (NCSF) Practitioner Training course is suited for individuals working with and overseeing the technology, including CIOs, CISOs, IT Directors and Managers, IT Security personnel, and IT staff. 
 
                        Course Length: 2 Days Course Tuition: $890 (US) | ||
| Prerequisites | |
| Individuals should have already taken the NIST Cybersecurity Framework (NCSF) Foundation Training course or have significant experience with the NIST Cybersecurity Framework. | |
| Course Outline | 
| 
	MODULE 1: COURSE INTRODUCTION 
	Provides the student with information relative to the course, conduct of the course in the virtual classroom, and course materials. 
	MODULE 2: APPLYING NIST CSF TIERS AND PROFILES 
	Review of the NIST CSF Major Components 
	Tiers and Tier selection 
	Current and Target Profiles and the Framework Core 
	MODULE 3: AN EXPLORATION OF INFORMATIVE REFERENCES 
	Defining the major Informative References 
	CIS Controls v8 
	ISO/IEC 27001:2013 
	NIST SP 800-53 Rev. 5 
	MODULE 4: RISK MANAGEMENT IN THE NIST CSF AND NIST RMF 
	Risk Management in the NIST Cybersecurity Framework 
	Analyzing the NIST Risk Management Framework 
	Introduction and History 
	Purpose, Design, and Characteristics 
	Seven Steps 
	Prepare 
	Categorize 
	Select 
	Implement 
	Assess 
	Authorize 
	Monitor 
	Integrating the Frameworks 
	MODULE 5: UNDERSTANDING AND DEFENDING AGAINST REAL WORLD ATTACKS 
	Major Cybersecurity Attacks and Breaches 
	MITRE ATT&CK Matrices 
	Defense in Depth and the NIST CSF 
	Security Operations Center (SOC) activities and Security Information and Event Management (SIEM) solutions in relation to the NIST CSF 
	MODULE 6: ASSESSING SECURITY IN THE SUBCATEGORIES 
	Creating an Assessment Plan 
	Assigning Roles and Responsibilities 
	Tiers, Threats, Risks, Likelihoods, and Impact 
	MODULE 7: CREATING A WRITTEN INFORMATION SECURITY PROGRAMS (WISP) 
	The Intersection of Business and Technical Controls 
	What is a Written Information Security Program (WISP)? 
	Creating a WISP Template 
	Aligning Current Profile with a WISP 
	MODULE 8: A PRACTITIONER’S DEEP DIVE INTO CREATING OR IMPROVING A CYBERSECURITY PROGRAM 
	Step 1: Prioritize and Scope 
	Identifying organizational priorities 
	Aiding and influencing strategic cybersecurity implementation decisions 
	Determining scope of the implementation 
	Planning for internal adaptation based on business line/process need 
	Understanding risk tolerance 
	Step 2: Orient 
	Identifying systems and applications which support organizational priorities 
	Working with compliance to determine regulatory and other obligations 
	Planning for risk responsibility 
	Step 3: Create a Current Profile 
	Cybersecurity Assessment options 
	How to measure real world in relation to the Framework 
	Qualitative and quantitative metrics 
	Current Profile and Implementation Tiers 
	Step 4: Conduct a Risk Assessment 
	Risk assessment options (3rd party vs internal) 
	Organizational vs. system level risk assessment 
	Risk assessment and external stakeholders 
	Step 5: Create a Target Profile 
	Target Profile and Steps 1-4 
	External stakeholder considerations 
	Adding Target Profiles outside the Subcategories 
	Step 6: Determine, Analyze, and Prioritize Gaps 
	Defining and determining Gaps 
	Gap analysis and required resources 
	Organizational factors in creating a prioritized action plan 
	Step 7: Implement the Action Plan 
	Implementation team design from Executives to Technical Practitioners 
	Assigning tasks when priorities conflict 
	Considering compliance and privacy obligations 
	Taking action 
	Reporting and reviewing 
	MODULE 9: CONTINUOUS CYBERSECURITY IMPROVEMENT 
	Creating a continuous improvement plan 
	Implementing ongoing assessments | 
Course Directory [training on all levels]
Technical Training Courses
                                Software engineer/architect, System Admin ... Welcome!
                            - .NET Classes
- Agile/Scrum Classes
- AI Classes
- Ajax Classes
- Android and iPhone Programming Classes
- Azure Classes
- Blaze Advisor Classes
- C Programming Classes
- C# Programming Classes
- C++ Programming Classes
- Cisco Classes
- Cloud Classes
- CompTIA Classes
- Crystal Reports Classes
- Data Classes
- Design Patterns Classes
- DevOps Classes
- Foundations of Web Design & Web Authoring Classes
- Git, Jira, Wicket, Gradle, Tableau Classes
- IBM Classes
- Java Programming Classes
- JBoss Administration Classes
- JUnit, TDD, CPTC, Web Penetration Classes
- Linux Unix Classes
- Machine Learning Classes
- Microsoft Classes
- Microsoft Development Classes
- Microsoft SQL Server Classes
- Microsoft Team Foundation Server Classes
- Microsoft Windows Server Classes
- Oracle, MySQL, Cassandra, Hadoop Database Classes
- Perl Programming Classes
- Python Programming Classes
- Ruby Programming Classes
- SAS Classes
- Security Classes
- SharePoint Classes
- SOA Classes
- Tcl, Awk, Bash, Shell Classes
- UML Classes
- VMWare Classes
- Web Development Classes
- Web Services Classes
- Weblogic Administration Classes
- XML Classes
Business Training Courses
                                Project Managers, Business Analysts, Paralegals ... Welcome!
                            Upcoming Classes
                    Gain insight and ideas from students with different perspectives and experiences.
                    - Python for Scientists 
 8 December, 2025 - 12 December, 2025
- RED HAT ENTERPRISE LINUX SYSTEMS ADMIN I 
 3 November, 2025 - 7 November, 2025
- RHCSA EXAM PREP 
 17 November, 2025 - 21 November, 2025
- Introduction to Spring 6, Spring Boot 3, and Spring REST 
 15 December, 2025 - 19 December, 2025
- Object-Oriented Programming in C# Rev. 6.1 
 17 November, 2025 - 21 November, 2025
- See our complete public course listing 






