THE NIST CYBERSECURITY FRAMEWORK

CyberSecurity-free-resources-animation

The U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) created the NIST Cybersecurity Framework in response to Presidential Executive Order (EO) 13636, Improving Critical Infrastructure Cybersecurity. The Framework, developed in collaboration with industry, provides guidance to organisations to better manage and reduce cybersecurity risk. The NIST Cybersecurity Framework Core presents key cybersecurity outcomes identified by industry as helpful in managing cybersecurity risk. The Core comprises four elements: Functions, Categories, Subcategories, and Informative References.

New Horizons offers a specialised workforce training option for IT and Cybersecurity professionals looking to become certified on how to operationalise the NIST Cybersecurity Framework (NCSF) across an enterprise and its supply chain. New Horizons also offers industry cybersecurity certification training options to build your workforce’s knowledge, skills, and abilities, and that correspond to the NIST Cybersecurity Framework Core areas which are listed in the NIST Cybersecurity Framework Core function areas below.

NIST-CyberSecurity-framework

1: Indentify

The activities in the Identify Function are foundational for effective use of the Framework. Understanding the business context, the resources that support critical functions, and the related cybersecurity risks enables an organization to focus and prioritize its efforts, consistent with its risk management strategy and business needs.

Outcome Categories include:

  • Asset Management
  • Business Environment
  • Governance
  • Risk Assessment
  • Risk Management Strategy

EC-Council Certified Ethical Hacker (CEH)

Who Should Attend
The Certified Ethical Hacking course will significantly benefit security officers, auditors, security professionals, site administrators, and anyone who is concerned about the integrity of the network infrastructure.

What Is This Course About?
In 18 comprehensive modules, the course covers 270 attack technologies, commonly used by hackers. Throughout the CEH course, you will be immersed in a hacker's mindset, evaluating not just logical, but physical security.

View course outline and dates

CompTIA Cybersecurity Analyst (CySA+)

Who Should Attend
IT professionals with (or seeking) job roles such as IT Security Analyst, Security Operations Center (SOC) Analyst, Vulnerability Analyst, Cybersecurity Specialist, Threat Intelligence Analyst, and Security Engineer.

What Is This Course About?
CompTIA’s Cybersecurity Analyst (CySA+) training from New Horizons teaches students to apply behavioral analytics to improve the overall state of IT security, providing critical knowledge and skills that are required to prevent, detect and combat cybersecurity threats.

View course outline and dates

Certified Information Systems Auditor (CISA)

Who Should Attend
The intended audience for this course is information systems security professionals, internal review auditors, and other individuals who have an interest in aspects of information systems audit, controls, and security.

What Is This Course About?

In this course, students will evaluate organizational policies, procedures, and processes to ensure that an organizations information systems align with its overall business goals and objectives.

View course outline and dates

Certified Information Security Manager (CISM)

Who Should Attend
The intended audience for this course is information systems security professionals, and other individuals who have an interest in aspects of information security management and oversight.

What Is This Course About?
In this course, students will establish processes to ensure that information security measures align with established business needs.

View course outline and dates

Certified Information System Security Professional (CISSP)

Who Should Attend
This course is intended for experienced IT security-related practitioners, auditors, consultants, investigators, or instructors, including network or security analysts and engineers, network administrators, information security specialists, and risk management professionals, who are pursuing CISSP training and certification to acquire the credibility and mobility to advance within their current computer security careers or to migrate to a related career. Through the study of all 10 CISSP CBK domains, students will validate their knowledge by meeting the necessary preparation requirements to qualify to sit for the CISSP certification exam. The CISSP exam is intentionally difficult and should not be taken lightly. Even students with years of security experience should assume that they will have additional study time after class. Because the domains are so varied, it is unlikely that any one student will have experience in all 10 domains.

What Is This Course About?
In this course, students will analyze a wide range of information systems security subjects that are organized into 10 domains for CISSP exam certification.

View course outline and dates

COBIT 5 Foundation

Who Should Attend
This course is for business managers, chief executives, IT/IS auditors, internal auditors, information security and IT practitioners; consultants, IT/IS managers requiring an insight into the enterprise governance of IT and eventual certification as a COBIT implementer or assessor.

What Is This Course About?
This is course uses a combination of lecture, group discussions, quizzes and sample exams to provide the student with a foundational understanding of the essential aspects of COBIT 5.

View course outline and dates

4: Respond

The Respond Function supports the ability to contain the impact of a potential cybersecurity event.

Outcome Categories include:

  • Recovery Planning
  • Improvements
  • Communications

EC-Council Computer Hacking Forensics Investigator (CHFI)

Who Should Attend
The CHFI course will benefit police and other laws enforcement personnel, defense and military personnel, e-Business security professionals, systems administrators, legal professionals, banking, insurance and other professionals, and those who work for or with government agencies.

What Is This Course About?
This course will provide participants the necessary skills to identify an intruders footprints and to properly gather the necessary evidence to prosecute in the court of law.

View outline and course dates

CyberSec First Responder: Threat Detection and Response

Who Should Attend
This course is designed for IT professionals who perform job functions related to the development, operation, management, and enforcement of security capabilities for systems and networks.

Course About?

In this course, students develop, operate, manage, and enforce security capabilities for systems and networks, including assessing information security risk in computing and network environments, designing and operating secure computing and network environments, and collecting cybersecurity intelligence information.

View outline and course dates

Securing Cisco Networks with Threat Detection and Analysis (SCYBER)

Who Should Attend
This course is designed for technical and security professionals who need to know how to monitor, analyze, and respond to network security threats and attacks.

What Is This Course About?
This course is designed to teach students how a network security operations center (SOC) works and how to begin to monitor, analyze, and respond to security threats within the network.

View outline and course dates

CSX Practitioner: Respond and Recover

Who Should Attend
The Respond and Recover course is ideal for individuals in the field of cybersecurity who are interested in gaining hands-on technical skills.

What Is This Course About?
The final course in the CSX Practitioner series provides hands-on instruction in the Respond and Recover domains. With course lecture backed up by lab sequences, students will learn how to apply professional methodology to respond and recover from network incidents or disasters. Students will discover how to contain an event and protect assets and infrastructure, and learn the components and procedures required for a comprehensive incident response plan.
The Respond domain shows students the basic concepts, methods and tools required to draft and execute comprehensive incident response plans, provide proper isolation response documentation, and how to document and maintain information related to Incident Response.
In the Recover domain, students will master the basic concepts, methods and tools required to recuperate a system or network, as well as learn how to implement continuity and contingency plans.

View outline and course dates

5: Recover

The Recover Function supports timely recovery to normal operations to reduce the impact from a cybersecurity event.

Outcome Categories include:

  • Recovery Planning
  • Improvements
  • Communications

Certified Information Security Manager (CISM)

Who Should Attend
The intended audience for this course is information systems security professionals, and other individuals who have an interest in aspects of information security management and oversight.

What Is This Course About?
In this course, students will establish processes to ensure that information security measures align with established business needs.

View outline and course dates

Certified Information System Security Professional (CISSP)

Who Should Attend
This course is intended for experienced IT security-related practitioners, auditors, consultants, investigators, or instructors, including network or security analysts and engineers, network administrators, information security specialists, and risk management professionals, who are pursuing CISSP training and certification to acquire the credibility and mobility to advance within their current computer security careers or to migrate to a related career. Through the study of all 10 CISSP CBK domains, students will validate their knowledge by meeting the necessary preparation requirements to qualify to sit for the CISSP certification exam. The CISSP exam is intentionally difficult and should not be taken lightly. Even students with years of security experience should assume that they will have additional study time after class. Because the domains are so varied, it is unlikely that any one student will have experience in all 10 domains.

Course About?

In this course, students will analyze a wide range of information systems security subjects that are organized into 10 domains for CISSP exam certification.

View outline and course dates

CompTIA Advanced Security Practitioner (CASP)

Who Should Attend
This course is designed for IT professionals who want to acquire the technical knowledge and skills needed to conceptualize, engineer, integrate, and implement secure solutions across complex enterprise environments. The target student should aspire to apply critical thinking and judgment across a broad spectrum of security disciplines to propose and implement sustainable security solutions that map to organizational strategies; translate business needs into security requirements; analyze risk impact; and respond to security incidents. This course is also designed for students who are seeking the CompTIA Advanced Security Practitioner (CASP) certification and who want to prepare for Exam CAS-002. Students seeking CASP certification should have at least 10 years of experience in IT management, with at least 5 years of hands-on technical security experience.

What Is This Course About?
In this course, you will expand on your knowledge of information security to apply more advanced principles that will keep your organization safe from the many ways it can be threatened. This course prepares students for the CAS-002 exam.

View outline and course dates

CSX Practitioner: Respond and Recover

Who Should Attend
The Respond and Recover course is ideal for individuals in the field of cybersecurity who are interested in gaining hands-on technical skills.

What Is This Course About?
The final course in the CSX Practitioner series provides hands-on instruction in the Respond and Recover domains. With course lecture backed up by lab sequences, students will learn how to apply professional methodology to respond and recover from network incidents or disasters. Students will discover how to contain an event and protect assets and infrastructure, and learn the components and procedures required for a comprehensive incident response plan.
The Respond domain shows students the basic concepts, methods and tools required to draft and execute comprehensive incident response plans, provide proper isolation response documentation, and how to document and maintain information related to Incident Response.
In the Recover domain, students will master the basic concepts, methods and tools required to recuperate a system or network, as well as learn how to implement continuity and contingency plans.

View outline and course dates