• Classroom
  • Online, Instructor-Led
Course Description

NIST Cybersecurity Framework Workshop is a 2-day training that covers the key concepts of NIST Cybersecurity Framework is voluntary guidance, based on existing standards, guidelines, and practices for organizations to better manage and reduce cybersecurity risk.NIST Cybersecurity Framework Workshop helps organizations to manage and reduce risks and fosters risk and cybersecurity management communications amongst both internal and external organizational stakeholders.

Participants will learn about the Framework Implementation Tiers and how they assist organizations by providing context on how an organization views cybersecurity risk management: The Tiers guide organizations to consider the appropriate level of rigor for their cybersecurity program and are often used as a communication tool to discuss risk appetite, mission priority, and budget.Framework Profiles are an organization’s unique alignment of their organizational requirements and objectives, risk appetite, and resources against the desired outcomes of the Framework Core.

Learning Objectives

  • Understand the core principles and components of the NIST Cybersecurity Framework (CSF).
  • Identify and assess cybersecurity risks within an organization using the CSF.
  • Learn how to develop and implement a cybersecurity program based on the CSF.
  • Explore the five functions of the CSF: Identify, Protect, Detect, Respond, and Recover.
  • Gain insights into best practices for aligning cybersecurity efforts with business goals.
  • Examine case studies and real-world examples of successful CSF implementations.
  • Discuss the role of the CSF in enhancing overall cybersecurity posture and resilience.
  • Hands-on exercises to apply CSF concepts and methodologies in practical scenarios.
  • Receive guidance on leveraging the CSF for continuous improvement and adaptation to evolving threats.
  • Collaborate with peers to share experiences and insights related to CSF implementation.

Framework Connections

The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):

Specialty Areas

  • All-Source Analysis
  • Cyber Defense Analysis
  • Risk Management
  • Cyber Defense Infrastructure Support
  • Program/Project Management and Acquisition


If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.