The Cyber Readiness Center brings global executive expertise to this leading training for Cybersecurity & Compliance implementation success. CRC has refined this knowledge into an easy, two month education program, with complete video presentations, information, and resources based on best practices to bring your company or organization to full cybersecurity readiness.
About
This affordable package is an 8-week, on-line training program that you can attain from the comfort of your office, home or wherever you’re wi-fi connected.
GUIDED Package – Course Outline:
Week 1 – Setting the Stage.
Week 1 is an introductory to the course, an explanation of our approach, a preview of what attendees will be learning and doing, setting the ground-rules and baseline as well as exploring some foundational material including a look at what it takes to become cyber secure, a look at control environments and frameworks that can assist in becoming compliant, as well as understanding how IT auditors and security professionals approach an environment.
Week 2 – NIST CSF – Identify Stage.
During week 2, attendees start the deep-dive process within the NIST CyberSecurity Framework and focus attention on the first domain—Identify. Enrollees will identify controls that focus on areas such as asset management, overall corporate and IT governance, the business environment for which the organization takes part in as well as the overall risk assessment process.
Week 3 & 4 – NIST CSF – Protect Stage.
Familiar and probably aligned with most individual’s preconceived notions about CyberSecurity, weeks 3 and 4 go in-depth into the 2nd domain within the NIST CSF exploring the control objectives surrounding how the organization protects its digital assets. We explore access controls, data security, user awareness and general information protection. Participants will be heavily engaged in evaluating and designing appropriate controls to meet the control objectives and will have several exercises and access to a library of support tools and templates specific to completing these exercises. Upon completion of these two weeks, the organization will have a very good understanding of what controls it has in-place or need to have put in-place to adequately protect it’s environment.
Week 5 – NIST CSF – Detect Stage.
Following closely on the heels of the Protect domain, this week explores the controls an organization should have in-place to timely and efficiently detect anomalies within the environment. The goal is to significantly reduce the average time to detection from months (world-wide, industry agnostic, that average is 7 ½ months) down to hours. We explore why the philosophy needs to change from “If” to “When” an event occurs, what organizations need to do for effectively detecting the incident—including what things should be monitored, effective vulnerability management tools and establishing responsibility around detection.
Week 6 – NIST CSF – Respond Stage.
So you’ve identified a security incident. Great! Now what? That’s exactly what week 6 is all about. We explore a wide range of topics including: communication between management and the technical staff involved, proactive steps that can be taken before there’s ever an incident to investigate as well as how to conduct an effective incident response. You have a written Incident Response Plan, right? Well, you will after week 6!
Week 7 – NIST CSF – Recovery Stage.
Statistically, over half of the organizations that suffer a significant security incident are out of business within 6 months. Nearly all of these organizations had not plan for how to proceed to recover from the incident. Coincidence? We think not. You’ve heard the old adage…failing to plan is planning to fail. Week 7 is all about improving your odds and putting into place the resources that you need that will help you succeed and to do this before they’re ever needed. You will learn what resources are available, how they should be engaged, and how to negotiate for better rates and faster access to these resources right when they’re needed the most. All in all, this week is about succeeding in the face of adversity and because you’re putting these things in-place well before you’ll ever need them, it increases your chances of pulling through with minimal damage.
Week 8 – Putting it All Together.
This is where we take everything we’ve learned and put it to use. During week 8 we will be looking at some of the business decisions that should be made along with how to make what we’ve learned repeatable and just part of the organization’s modus operandi. We will explore how we’ll use the information to put together a prioritized plan that will be followed, how to convert this to an on-going process and even look at things like establishing a budget and justifying the investment to ownership and Executive Management.
“I really think that if we change our own approach and thinking about what we have available to us, that is what will unlock our ability to truly excel in security. “
— Greg York, VP, Information Security, Tribune Media,
at SecureWorld Chicago
How Do I Get Started?
It’s easy as 1-2-3!
1. Register to gain access to the CRC Training Center.
2. Watch the weekly videos online at your own pace and time during the week.
3. Complete the Exercises after each module.
Upon completion, you’ll have all the knowledge in your wheel-house to implement a comprehensive Compliance and Cybersecurity program for your company or organization.