About this course

This course describes NIST Cybersecurity Framework and explains how organization can use the framework to manage cyber risks. The critical elements of the framework, Core, Tiers and Profile will be discussed along with relationship with other standards such as ISO 27001 and NIST SP800-53. The candidates will also learn how to to assess current cybersecurity posture, setting the target and plan to implement cybersecurity controls base on the framework concept.

Who should attend?

  • IT Management, CSO, CIO
  • IT and Cybersecurity Professional
  • Cybersecurity auditor
  • Those who interested in adopting the framework within their organization

Course Contents

  • Current State of Cybersecurity
  • Overview of NIST Cybersecurity Framework
    • Framework Core
    • Framework Implementation Tiers
    • Framework Profiles
  • Core Functions: Identify, Protect, Detect, Respond and Recover
  • Categories and Subcategories
  • Implementation Tiers
    • Tier 1 Partial
    • Tier 2 Risk Informed
    • Tier 3 Repeatable
    • Tier 4 Adaptive
  • Developing Framework Profiles: Current Profile vs. Target Profile
  • Assessment and Implementation of the Framework
    • Step 1: Prioritize and Scope
    • Step 2: Orient
    • Step 3: Create a Current Profile
    • Step 4: Conduct a Risk Assessment
    • Step 5: Create a Target Profile
    • Step 6: Determine, Analyze, and Prioritize Gaps
    • Step 7: Implement Action Plan
  • Q & A

Training Info

Language: Conducted in Thai Language
Duration: 3 Days
Venue: ACinfotec Training Center
16th Fl., Asia Centre Bldg., South Sathorn Rd.
Training Fees: 32,000 BAHT (Ex.Vat 7%)
Tel : 02 670 8980-3 ext. 304, 308
E-mail: training@acinfotec.com