Course Description (from the course website)
In SEC566, students will learn how an organization can defend its information by using Version 8 of the CIS Critical Controls updated in May 2021. Students will also learn how to merge security control requirements defined by NIST SP 800-171 and the Cybersecurity Maturity Model Certification (CMMC) into a cohesive strategy to defend their organization while complying with industry standards.
What You Will Learn
Building and Auditing Critical Security Controls
Cybersecurity attacks are increasing and evolving so rapidly that it is more difficult than ever to prevent and defend against them. Does your organization have an effective method in place to detect, thwart, and monitor external and internal threats to prevent security breaches?
In addition to defending their information systems, many organizations have to comply with a number of cybersecurity standards and requirements as a prerequisite for doing business. Dozens of cybersecurity standards exist throughout the world and most organizations must comply with more than one such standard. Is your organization prepared to comply and remain in compliance?
SEC566 will enable you to master the specific and proven techniques and tools needed to implement and audit Version 8 of the CIS Controls as documented by the Center for Internet Security (CIS), as well as those defined by NIST SP 800-171 and the Cybersecurity Maturity Model Certification (CMMC). Students will learn how to merge these various standards into a cohesive strategy to defend their organization and comply with industry standards.
THIS COURSE WILL PREPARE YOU TO:
- Apply a security framework based on actual threats that is measurable, scalable, and reliable in stopping known attacks and protecting organizations’ important information and systems
- Understand the importance of each control and how it is compromised if ignored, and explain the defensive goals that result in quick wins and increased visibility of network and systems
- Identify and use tools that implement controls through automation
- Create a scoring tool to measure the effectiveness of each controls the effectiveness of each control
- Employ specific metrics to establish a baseline and measure the effectiveness of security controls
- Understand how critical controls map to standards such as the NIST Cybersecurity Framework, NIST SP 800-171, the CMMC, and more
- Audit each of the CIS Critical Controls, with specific, proven templates, checklists, and scripts provided to facilitate the audit process
