Practitioner Training

Practitioner Training

The UMass Lowell NIST Cybersecurity Framework – Controls Factory Model™ (NCSF-CFM) training program was created by Larry Wilson the CISO in the UMass president’s office. The program was used to train the engineering, operations and business teams responsible for operationalizing the NIST Cybersecurity Framework Program controls (CIS 20 Critical Controls, ISO27001, NIST 800-53, NIST 800-171, PCI, AICPA etc.) across the university five campuses and its supply chain. The NCSF-CFM program has since been used to train other universities, governments and private corporations to do the same.
NCSF-CFM Controls Factory Overview

The program teaches the knowledge, skills and abilities to:

    • Develop a strategy to educate executives and board members about the NIST Cybersecurity Framework (NCSF) and why they should allocate funding to launch and maintain a program
    • Create a Cybersecurity Program that will become policy for an organization or industry association
    • Engineer a solution to operationalize the cybersecurity program across an enterprise and its supply chain using the UMass Lowell NCSF Controls Factory™ Model (NCSF-CFM)
    • Build and Operate a Security Operations Center (SOC) to continuously monitor and respond to changes in the cybersecurity profile documented in the cybersecurity program
    • Conduct continuous Business Risk assessments to compare the current profile against the target profile (documented in the program) to identify any gaps that need to be addressed
    • Prepare for the IT, Information Security and Business Skill certification exams outlined in the NICE Cybersecurity Workforce Framework (NCWF)

The NCSF-CFM program and its author have won the following industry awards:

  • Security Magazine’s Most Influential People in Security, 2016
  • SANS People Who Made a Difference in Cybersecurity Award, 2013
  • Information Security Executive (ISE) nominee for Executive of the Year for North America, 2013
  • ISE North America Project Award Winner I for the Academic and Public-Sector Category, 2013

NIST Cybersecurity Framework Classroom and Video Certification Training Programs

NCSF-CFM Foundation Certification Training – This one day classroom or four-hour self-paced video training program teaches the fundamentals of the NIST Cybersecurity Framework (NCSF) and the UMass Lowell Controls Factory™ Model, a methodology to operationalize the NIST Cybersecurity Framework across an enterprise and its supply chain.

NCSF Foundation Syllabus & Outline
NCSF Foundation Exam and Credit FAQ’s
NCSF Foundation Video Sample

NCSF-CFM Practitioner Certification Training – This 4 day or ten-hour self-paced video training program teaches the advanced skills necessary to engineer, implement, test and maintain the technology and business controls associated with a NIST Cybersecurity Framework program based and the UMass Controls Factory™ Model.

NCSF Practitioner Syllabus & Outline
NCSF Practitioner Exam and Credit FAQ’s
NCSF Practitioner Video Sample

NCSF-CFM Practitioner Boot Camp Certification Training – This five day or 14 hour video training boot camp combines the NCSF-CFM Foundation + Practitioner classes into a one week program. The program can be delivered in a classroom, virtual classroom or as a self-paced video program.

NCSF-CFM Boot Camp Course Datasheet & Outline
NCSF Boot Camp Exam and Credit FAQ’s

Course Credits

Most programs come with a certificate of completion and continuing education credits, such as PDU and CEUs. Students who successfully complete the certification program and its exam and meet university requirements may transfer credits and enroll in one of UMass Lowell’s master’s degree programs in information technology, such as network security or cybersecurity. Those interested in taking the courses may find that programs such as workforce development, the G.I. Bill, apprenticeships, internships, employers and others will fund their participation.


Copyright © 2017 itSM Solutions LLC


Share with your Friends