10 Excel Functions for Data Analysis
April 11, 2024
Article
This course is part of Cybersecurity Risk Management Framework Specialization
Instructor: Ross Casanova
7,531 already enrolled
Included with
(126 reviews)
(126 reviews)
Add to your LinkedIn profile
1 assignment
Add this credential to your LinkedIn profile, resume, or CV
Share it on social media and in your performance review
This course will help you to build a basic understanding of NIST cybersecurity fundamentals. You will learn about the RMF process and managing risk by identifying, assessing and responding to risk. Additionally, you will learn how to use the framework to assess an organization's cybersecurity risk and the steps to implement or improve a cybersecurity program. The Cybersecurity Framework skill path introduces the framework for improving infrastructure cybersecurity.
This video introduces the National Institute of Standards and Technology Cybersecurity Framework (NIST CSF) 2.0 for improving critical infrastructure cybersecurity.
The NIST CSF contains terminology and concepts that may be expressed in specific ways to include perspectives and usages that may be unique to the framework implementation and different from what you are used to dealing with in your normal operations. You must have a basic understanding of security fundamentals used throughout the industry. For instance, the familiar CIA triad will be mentioned extensively throughout our courses. Additionally, there are some aspects of the framework that are contained throughout all discussion of the topics in this course. We’re introducing them here, they include: Cybersecurity & Information Security, Drivers of Business & Environments, and Cybersecurity Fundamentals. These concepts will be included in various discussions throughout all modules of this course, and you should become familiar with them.
4 videos
The NIST CSF, because it is a risk-based approach for managing cybersecurity risk, is composed of three parts: the Framework Core with its four areas and five processes, the four Framework Implementation Tiers and its programs and processes, and the Framework Profiles, goals, types and levels. Each Framework component reinforces the connection between business and mission drivers and cybersecurity activities.
1 video
The NIST CSF provides a common language to communicate requirements among interdependent stakeholders responsible for the delivery of essential critical infrastructure products and services. For example, an organization may use a target profile to express cybersecurity risk management requirements to an external service provider (e.g., a cloud provider to which it is exporting data). In addition, an organization may express its cybersecurity state through a current profile to report results or to compare with acquisition requirements, we will cover more examples in the course.
1 video
Risk management is the ongoing process of identifying, assessing, and responding to risk. To manage risk, organizations should understand the likelihood that an event will occur and the potential resulting impacts. With this information, organizations can determine the acceptable level of risk for achieving their organizational objectives and can express this as their risk tolerance. Risks affecting organizations can have consequences from economic performance impacts to professional reputation. In this course we discuss the RMF process which provides a disciplined, structured, and flexible process for managing security and privacy risk which includes information security categorization; control selection, implementation, and assessment; system and common control authorizations; and continuous monitoring. We also discuss how managing risk by identifying, assessing, and responding to risk helps organizations perform better in an environment full of uncertainty.
Cyber SCRM is the set of activities necessary to manage cybersecurity risk associated with external parties. More specifically, cyber SCRM addresses both the cybersecurity effect an organization has on external parties and the cybersecurity effect external parties have on an organization.
1 video
The core functions are a listing of categories, subcategories and informative references that describe specific cybersecurity activities common across all critical infrastructure sectors. They are not intended to form a serial path or lead to a static desired end state. Rather, the functions should be performed concurrently and continuously to form an operational culture that addresses the dynamic cybersecurity risk. This course describes the six framework core functions (Govern, Identify, Protect, Detect, Respond and Recover) and includes descriptions of categories, subcategories and informative references.
1 video
The CSF is designed to complement existing business and cybersecurity operations. It can serve as the foundation for a new cybersecurity program or a mechanism for improving an existing program. It provides a means of expressing cybersecurity requirements to business partners and customers. Additionally, it can help identify gaps in an organization’s cybersecurity practices. The course outlines the steps an organization can use to compare their current cybersecurity activities with those outlined in the CSF core through the creation of profiles to determine if it has opportunities to or needs to improve.
1 video
The CSF is designed to reduce risk by improving the management of cybersecurity risk to organizational objectives. Ideally, organizations using the Framework will be able to measure and assign values to their risk along with the cost and benefits of steps taken to reduce risk to acceptable levels. This course describes the importance of having a clear understanding of the organizational objectives, the relationship between those objectives and supportive cybersecurity outcomes, and how those discrete cybersecurity outcomes are implemented and managed to assist the organization in predicting whether a cybersecurity risk may occur, and the impact it might have.
1 video1 assignment
We asked all learners to give feedback on our instructors based on the quality of their teaching style.
Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. Learn more at infosecinstitute.com.
Specialization
Infosec
Course
Course
Specialization
126 reviews
61.11%
24.60%
3.17%
2.38%
8.73%
Showing 3 of 126
Reviewed on Mar 22, 2024
Comprehensive overview of NIST Cyber Security Framework. Highly recommended!
Reviewed on May 4, 2022
Very straight forward. Would appreciate a quiz every week to review if we understood the lectures.
Reviewed on Mar 29, 2023
NIST CSFInfosec Thank you who contributed to building this course. I benefited from it a lot of valuable information
Unlimited access to 10,000+ world-class courses, hands-on projects, and job-ready certificate programs - all included in your subscription
Earn a degree from world-class universities - 100% online
Upskill your employees to excel in the digital economy
Access to lectures and assignments depends on your type of enrollment. If you take a course in audit mode, you will be able to see most course materials for free. To access graded assignments and to earn a Certificate, you will need to purchase the Certificate experience, during or after your audit. If you don't see the audit option:
The course may not offer an audit option. You can try a Free Trial instead, or apply for Financial Aid.
The course may offer 'Full Course, No Certificate' instead. This option lets you see all course materials, submit required assessments, and get a final grade. This also means that you will not be able to purchase a Certificate experience.
When you enroll in the course, you get access to all of the courses in the Specialization, and you earn a certificate when you complete the work. Your electronic Certificate will be added to your Accomplishments page - from there, you can print your Certificate or add it to your LinkedIn profile. If you only want to read and view the course content, you can audit the course for free.
If you subscribed, you get a 7-day free trial during which you can cancel at no penalty. After that, we don’t give refunds, but you can cancel your subscription at any time. See our full refund policy.
Yes. In select learning programs, you can apply for financial aid or a scholarship if you can’t afford the enrollment fee. If fin aid or scholarship is available for your learning program selection, you’ll find a link to apply on the description page.
These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work.
These cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.
These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. If you do not allow these cookies we will not know when you have visited our site, and will not be able to monitor its performance.
These cookies enable the website to provide enhanced functionality and personalization. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies then some or all of these services may not function properly.