The NIST Cybersecurity Framework
In May of 2017, The White House issued an Executive Order for “STRENGTHENING THE CYBERSECURITY OF FEDERAL NETWORKS AND CRITICAL INFRASTRUCTURE,” which hold heads of executive departments and agencies (agency heads) accountable for managing cybersecurity risk to their enterprises.
Two key provisions of the executive order included:
- Effective immediately, each agency head shall use The Framework for Improving Critical Infrastructure Cybersecurity (the Framework) developed by the National Institute of Standards and Technology, or any successor document, to manage the agency's cybersecurity risk.
- Further, the United States seeks to support the growth and sustainment of a workforce that is skilled in cybersecurity and related fields as the foundation for achieving our objectives in cyberspace.
NIST Cybersecurity Framework Workforce Development & Certification
In partnership with itSM Solutions LLC and UMass Lowell a NSA/DHS National Center of Academic Excellence in Cyber Defense Research (CAE-R), New Horizons is proud to offer a new cybersecurity workforce development program based on the NIST Cybersecurity Framework (NCSF). This innovative, cybersecurity workforce development program is built around an NCSF Controls Factory™ model created by Larry Wilson, the CISO in the university President’s office. The itSM/UMass program teaches individuals and organizations the knowledge, skills and abilities to engineer, instrument, test, maintain and continually improve an NCSF program.
The program and its author have won the following industry awards:
- Security Magazine’s Most Influential People in Security, 2016
- SANS People Who Made a Difference in Cybersecurity Award, 2013
- Information Security Executive (ISE) nominee for Executive of the Year for North America, 2013
- ISE North America Project Award Winner I for the Academic and Public Sector Category, 2013
IT and Cybersecurity professionals looking to become certified on how to operationalize the NIST Cybersecurity Framework (NCSF) across an enterprise and its supply chain. The NCSF Practitioner program teaches the knowledge to prepare for the NSCF Practitioner exam plus the skills and abilities to design, build, test, manage and improve a cybersecurity program based on the NCSF.
Benefits of NIST Cybersecurity Framework (NCSF) Certification
All programs come with a certificate of completion and continuing education credits, such as PDU and CEUs. itSM students who successfully complete the certification and meet university requirements may transfer credits and enroll in one of UMass Lowell’s master’s degree programs in information technology, such as network security or cybersecurity.
For information on NIST Cybersecurity Framework, click here.
Get started today by reviewing the NCSF Certification levels and requirements below:
The NCSF Foundation Certification Course (Coming Soon)
This course covers current cybersecurity challenges and explains how organizations that implement an NCSF program can mitigate these risks. This program is focused on candidates who need a basic understanding of the NCSF to perform their daily jobs as executives, business professionals, or information technology professionals. Complete course outline is coming soon.
The NCSF Practitioner Certification Course
This course details the current cybersecurity challenges plus teaches in depth the UMass Lowell NCSF Control Factory Methodology on how to build, test, maintain and continually improve a cybersecurity program based on the NIST Cybersecurity Framework. This program is focused on candidates who need a detailed understanding of the NCSF to perform their daily roles as cybersecurity engineers, testers or operations professionals.
This course looks at cybersecurity risks and instructs students on the best approach to design and build a comprehensive technology focused cybersecurity program and business focused cyber-risk management program that will minimize risks, and at the same time, protect critical assets. Executives are keenly aware of the risks, but have limited knowledge on the best way to mitigate these risks. We will want to enable executives to answer the key question – Are we secure?
The class include lectures, informative supplemental reference materials, quizzes, exercises and tests. Outcomes and benefits from this class is a practical approach that students can use to build and maintain comprehensive cybersecurity and cyber-risk management programs.