Call Us (03) 2035 9258
Call Us (03) 2035 9258
 
This course is presented as Live Virtual Training. Click for more details.

NIST Cybersecurity
Understand and apply the NIST Framework

In today’s increasingly digital world, organisations face growing challenges in securing their information systems and ensuring compliance with regulatory standards. NIST publications such as NIST SP 800-12, NIST SP 800-53, NIST RMF, NIST SP 800-171, and the NIST Cybersecurity Framework offer comprehensive guidelines and best practices for establishing robust cybersecurity measures.

Implementing these frameworks helps organisations enhance their cybersecurity posture, manage risks effectively, and maintain compliance with federal requirements.

Through in-depth guidance on NIST publications, participants learn to tackle complex security challenges, applying frameworks to build robust cybersecurity programs that align with organisational goals. The course also provides practical expertise to prevent, detect, and respond to cyber threats efficiently, integrating best practices and standards to create a cohesive security approach.

Upon completing the course, participants will be eligible to take the exam. Those who pass the exam will be awarded the globally recognized "PECB Certified NIST Cybersecurity Consultant" credential.

Learning outcomes

Upon completion of this training course, participants will be able to:

  • Discuss fundamental cybersecurity principles and concepts, including confidentiality, integrity, and availability, and
    how these principles are applied to protect information systems
  • Explain key NIST publications, including NIST SP 800-12, NIST SP 800-53, the Risk Management Framework, NIST SP
    800-171, and the NIST Cybersecurity Framework, and apply their guidance and requirements
  • Implement a process to effectively monitor, assess, and manage security controls based on NIST publications
  • Apply structured risk management techniques to identify, assess, and prioritize cybersecurity risks
  • Develop risk mitigation strategies and implement risk treatment plans that align with NIST’s risk management recommendations, ensuring a balanced approach to risk reduction and resource allocation
  • Design a cybersecurity program that aligns with the organisation’s strategic goals and addresses specific
    security requirements

Who should attend

This training course is intended for:

  • Executives or directors responsible for overseeing cybersecurity initiatives within their organisations
  • System administrators and network engineers seeking a deeper understanding of security controls and risk management processes to adhere to NIST security standards
  • Professionals involved in the development and implementation of cybersecurity programs
  • Consultants and advisors who provide cybersecurity and compliance services, ensuring they stay up to date with the latest NIST frameworks and best practices
  • Digital forensics and cybercrime investigators who need to understand the technical and regulatory aspects of cybersecurity frameworks to investigate and respond to security incidents comprehensively
  • Individuals working in cybersecurity or information security who aim to enhance their understanding of NIST guidelines and develop practical skills in managing cybersecurity risks

Course contents

Session 1 Introduction to NIST cybersecurity standards and principles
  • Training course objectives and structure
  • Cybersecurity frameworks and standards
  • Introduction to NIST and its role in cybersecurity
  • Introduction to cybersecurity
  • The organisation and its context
  • Cybersecurity program roles and responsibilities
  • Cybersecurity policy
 
Session 2 Risk management strategy and supply chain risk management
  • Risk management strategy
  • Supply chain risk management
  • Asset management
  • Improvement
 
Session 3 Selecting security controls, awareness and training, and continuous monitoring
Security control selection

Awareness and training

 Security measures

Security continuous monitoring
 
Session 4 Cybersecurity incident management, monitoring, and continual improvement
 
  • ICT readiness in business continuity
  • Cybersecurity incident management
  • Testing in cybersecurity
  • Measuring and reporting cybersecurity performance and metrics
  • Continual improvement
 

Course fees

Fees per person

NIST Cybersecurity Framework Practitioner® (5 days)

  • MYR 8400 + sst
Course fees include:
  • High Quality Course presentation
  • ALC comprehensive course workbook
  • Certificate exam at end of Day 5

Examination

  • Duration - 3 Hours
  • Multiple Choice
  • 80 Questions
  • Open Book

This is an open-book exam. The candidate is allowed to use the following reference materials:

  • A hard copy of the NIST Cybersecurity Framework
  • Training course materials (accessed through the PECB Exams app and/or printed)
  • Any personal notes taken during the training course (accessed through the PECB Exams app and/or printed)

The “Certified NIST Cybersecurity Consultant” exam meets the requirements of the PECB Examination and Certification Program (ECP). It covers the following competency domains:

Domain 1  |   Fundamental principles and concepts of cybersecurity
Domain 2  |   Planning an organisational strategy in cybersecurity
Domain 3  |   Implementing a cybersecurity program and security controls
Domain 4  |   Cybersecurity incident management
Domain 5  |   Cybersecurity incident response

For specific information about exam type, languages available, and other details, please visit the List of PECB Exams and the Examination Rules and Policies.

Exam Retake Policy 

There is no limit to the number of times a candidate can retake an exam. However, there are certain limitations in terms of the time span between exam retakes.

  • If a candidate does not pass the exam on the 1st attempt, s/he must wait 15 days after the initial date of the exam for the next attempt (1st retake).

To arrange exam retakes, based on exam format, candidates that have completed a training course, must follow the steps below:

  1. Online Exam: when scheduling the exam retake, use initial coupon code to waive the fee
  2. Paper-Based Exam: candidates need to contact the PECB Partner who has initially organized the session for exam retake arrangement (date, time, place, costs).

Certification

After successfully passing the exam, participants can apply for one of the credentials shown in the table below.
Participants will receive the certificate once they comply with all the requirements related to the selected credential.

Credential Exam Professional
experience		 Cybersecurity program experience Other requirements
PECB Certified Provisional NIST Cybersecurity Consultant PECB Certified NIST Cybersecurity Consultant exam None None Signing the PECB Code of Ethics
PECB Certified NIST Cybersecurity Consultant 5 years
(2 in cybersecurity)		 300 hours