License Content to Launch You Own NCSF Program

License Content to Launch You Own NCSF Program

The NIST Cybersecurity Curriculum Consortium inaugural program NCSF-CFM, was built in partnership with UMass Lowell (UML) a NSA/DHS National Center of Academic Excellence in Cyber Defense Research (CAE-R).

This innovative program created by Larry Wilson CISO in the UMass President’s office, is designed to teach the Knowledge, Skills and Abilities to Design and Build a Cybersecurity Program Based on the NIST Cybersecurity Framework using the UMass Controls Factory™ Model.

The UMass Controls Factory™ Model in a highly optimized approach to operationalizing the NIST Cybersecurity Framework and its controls (CIS 20 Critical Controls, ISO27002 etc.) across an enterprise and its supply chain.

The program teaches the knowledge, skills and abilities to:

    • Develop a strategy to adopt the NIST Cybersecurity Framework (NCSF) and other cybersecurity programs (GDPR etc.)
    • Create a Cybersecurity Program that will become policy for an organization or industry association
    • Engineer a solution to operationalize the cybersecurity program across an enterprise and its supply chain using the UMass Lowell NCSF Controls Factory™ Model (NCSF-CFM)
    • Build and Operate a Security Operations Center (SOC) to continuously monitor and respond to changes in the cybersecurity profile documented in the cybersecurity program
    • Conduct continuous Business Risk assessments to compare the current profile against the target profile (documented in the program) to identify any gaps that need to be addressed
    • Prepare for the IT, Information Security and Business Skill certification exams outlined in the NICE Cybersecurity Workforce Framework (NCWF)

NCSF-CFM Curriculum Catalog

Curriculum options for the UMass Lowell NCSF-CFM program are listed below. Curriculum can be delivered as part of a university degree or continuing education program.

All programs come with a certificate of completion and continuing education credits, such as PDU and CEUs. Students who successfully complete the certification program and its exam and meet university requirements may transfer credits and enroll in one of UMass Lowell’s master’s degree programs in information technology, such as network security or cybersecurity.

Those interested in taking the courses may find that programs such as workforce development, the G.I. Bill, apprenticeships, internships, employers and others will fund their participation.

NCSF-CFM Foundation Certification Training with Exam – This one day program teaches the fundamentals of the NIST Cybersecurity Framework and the UMass Lowell Controls Factory™ Model. The program is targeted at IT and Business professionals who need a basic understanding of the NIST Cybersecurity Framework and its role within an organization. The program can be delivered in an instructor led classroom or virtual classroom or as a self-paced mentored video training or blended learning program. The NCSF-CFM Foundation Course Datasheet & Outline can be found here

NCSF-CFM Practitioner Certification Training with Exam – This four day program teaches the advanced skills necessary to engineer, operate and manage the business risk of a NIST Cybersecurity Framework program. The program is designed for IT and Business professionals who will play an active role in the design and management of an NCSF program. The program can be delivered in an instructor led classroom or virtual classroom or as a self-paced mentored video training or blended learning program. The NCSF-CFM Practitioner Course Datasheet & Outline can be found here

NCSF-CFM IT & Information Security Certification Video Training Library – This video training library provides access to 190+ video training programs to prepare for ISC2 (CISSP, SSCP etc.), ISACA (CISA, CISM), CompTIA (Security+ A+, Network+ Linux+ etc.), Mile2 (Certified Ethical Hacker, Pen Tester etc.), Cisco (CCNA etc.), Microsoft (MCSE etc.) VMware, PMI (PMP, RMP etc.), SCRUMstudy (SCRUM Master etc.), Axelos (ITIL, Prince2, RESILIA) and General Business Skills (Accounting, HR, Communication Skills etc.). The NCSF-CFM IT & Information Security Corse Datasheet and Outline can be found here

NCSF-CFM Boot Camp Certification Training with Exam – This five day boot camp combines the NCSF-CFM Foundation + Practitioner classes into a one week program. The program can be delivered in an instructor led classroom or virtual classroom or as a self-paced mentored video training or blended learning program with just one exam at the end. The NCSF-CFM Boot Camp Course Datasheet & Outline can be found here.

NCSF-CFM Boot Camp Certification Training with NCWF Certification Training Library –This five day boot camp combines the NCSF-CFM Foundation + Practitioner classes into a one week program. The program can be delivered in an instructor led classroom or virtual classroom or as a self-paced mentored video training or blended learning program with just one exam at the end. This program also provides 3 Months online access to the NCSF-CFM IT & Information Security Video Training Library The NCSF-CFM Boot Camp Course Datasheets & Outlines can be found above.

NIST Cybersecurity Framework Oceans 99 Simulation/Gamification Program Training – ½ Day Program Oceans 99 Course Datasheet & Outline can be found here

The UML NCSF-CFM program and its author have won the following industry awards:

  • Security Magazine’s Most Influential People in Security, 2016
  • SANS People Who Made a Difference in Cybersecurity Award, 2013
  • Information Security Executive (ISE) nominee for Executive of the Year for North America, 2013
  • ISE North America Project Award Winner I for the Academic and Public-Sector Category, 2013

More information on how to become an accredited UML NCSF-CFM delivery partner can be found here or by reaching out to rick.lemieux@itsmsolutions.com

About the Author

Larry Wilson | NCSF-CFM Author & Chief Information Security Officer UMass President’s Office

Larry Wilson is the Chief Information Security Officer (CISO) in the UMASS President’s office and is responsible for developing, implementing and managing the University of Massachusetts Information Security Policy and Written Information Security Program (WISP). The University program is based on a “Controls Factory” approach Larry created to help organizations operationalize the NIST Cyber Security Framework and its industry best practices (ISO 27001, SANS 20 Critical Controls etc.) across an enterprise and its supply chain. Larry’s approach has been implemented consistently across all five UMASS campuses plus six other universities in the Commonwealth of Massachusetts.

Prior to joining UMASS, Larry was the Vice President, Network Security Manager at State Street Bank. Larry’s industry experience includes IT audit manager for Deloitte Enterprise Risk Services (ERS) consulting practice. In this role he managed a staff responsible for developing and completing a Sarbanes Oxley compliance audit for MasterCard International.

Larry holds a Master of Science degree in Civil / Structural Engineering from the University of New Hampshire. His industry certifications include CISSP, CISA and ISA (PCI Internal Security Assessor). He serves on the Advisory Board for Middlesex Community College and CISO Advisory Board for Oracle. He co-chairs the Massachusetts State University and Community College Information Security Council, and serves as Certification Director for ISACA New England. Larry has been teaching CISA certification training for ISACA for 5 years
His major accomplishments include Finalist for Information Security Executive® (ISE®) of the Year for both the Northeast Region and North America; the SANS People who made a difference in Cybersecurity award in 2013 and one of the top two most influential people in cyber security as selected by Security Magazine in 2016.

Copyright © 2017 itSM Solutions LLC