NIST cybersecurity framework csf 

Get trained and certified in implementing and managing the NIST Cybersecurity Framework

The NIST Cybersecurity Framework provides a policy framework of computer security guidance for how public and private sector organizations in the United States and around the world can assess and improve their ability to prevent, detect, and respond to cyber attacks. The framework has been translated to many languages, and is used by the governments of Japan and Israel, among others. It is now the go-to playbook for countless organizations for building a robust data protection strategy. It’s structured along five core functions — Identify, Protect, Detect, Respond and Recover — each of which captures and curates the essential goals and actions that should be prioritized across the cybersecurity lifecycle. 

What does NIST CSF deliver for an organization?

The CSF helps make sense of what to do before, during, and after an incident: from shedding light on your data ecosystem and where the vulnerabilities lie; to locking down sensitive data and remediating known risks; to detecting malicious activity and meeting the threat with consistent and repeatable processes; to finally recovering through the quarantine of corrupted data, monitoring of ongoing threat activity, protocol adjustment and related steps. 

The beauty is that all this guidance and wisdom comes in the form of a few strategic guidelines that are intuitive and accessible to a wide range of practitioners. Of course, not everything about NIST is voluntary for all organizations (U.S. government contractors, for example, must demonstrate security compliance under NIST 800-171 or risk losing their contracts), and regulations are always changing. That’s why the CSF is still the roadmap — not the engine — to drive your organization toward the most secure data and architectures possible.

A short list of benefits and deliverables includes:

• Superior and unbiased cyber security
• Enables long-term cybersecurity and risk management
• Ripple effects across supply chains and vendor lists
• Bridges the gap between technical and business side stakeholders
• Flexibility and adaptability of the Framework
• Built for future regulation and compliance requirements

Certified NIST CSF Lead Implementer™

The Certified NIST CSF LI certification certifies your ability to implement the formal structure, governance, and policy of a robust cybersecurity framework following internationally recognized and respected NIST best practices and standards. 

Upon completion of this training and certificate program, you will:

• be equipped with knowledge and skills required to manage, monitor, and improve NIST Cybersecurity Framework policy and program in line with the NIST CSF 1.1 and related standards of best practice;
• expand your cybersecurity competency;
• be prepared to integrate a robust NIST CSF program into an ISO 27001 Information Security Management System (ISMS)
• increase your credibility through gaining international recognition; and
• improve your résumé and help to increase your earning potential.

Getting certified is easy, and can be accomplished completely online. The NIST CSF LI certification is available to qualified candidates who:

1. Are a member of CIS in good standing. If you are not already an Associate member of the CIS certification student body, you must first become a member to pursue the NIST CSF LI credential.
2. Attend the required course, live or online, CIS' NIST CSF Lead Implementer training.
   
3. Pass the Certified NIST CSF Lead Implementer Exam. For Lead Implementer certification, candidates must pass exam #CSF101. The exam is administered online and can be taken at your convenience at your home or work through the CIS eLearning Center, where your progress and score are monitored and recorded centrally. Your exam results are provided automatically upon completion of your exam.
4. Complete and submit your NIST CSF LI certification application to the Certification Department at certification@certifiedinfosec.com. Certification applications are available for download at www.certifiedinfosec.com/services/certification-programs/cis-professional-certification-program/certification-kit-brochures-and-applications.

Your digital credentials

You will officially become certified (certificated) once your exam results and required documentation are validated and approved by the certification committee.

Your digital credential certificates and badges will be processed and emailed to you within 10 business days following the receipt of the required documentation. Learn more about CIS' digital certificates and badges.

Certification maintenance and renewal requirements can be viewed at www.certifiedinfosec.com/services/certification-programs.

Upgrade Paths: Certified ISO 27001 Internal Controls Architect, Certified ISO 27001 Internal Controls Architect, and Certified ISO 27001 Lead Auditor™

Certified Information Security is authorized to provide all required training and exams for Certified NIST CSF Lead Implementer certification. NIST CSF Lead Implementer certification candidates must successfully complete: 

• CIS' NIST CSF Lead Implementer training

ISO NIST CSF Lead Implementer certification requires successful completion of one exam - CSF101.

Required Exam: CSF101

Exam #CSF101 maps to NIST CyberSecurity Framework and related standards content areas taught in "Certified NIST CSF Lead Implementer"

• Required  for NIST CSF Lead Implementer certification
• Number of questions: 65
• Passing score: 75%
• Time limit: 70 minutes

CSF101 Content Areas

1. Framework Core Functions
   1. Identify
   2. Protect
   3. Detect
   4. Respond
   5. Recover
2. Framework Implementation Tiers (Cybersecurity Risk Management)
3. Framework Profiles
4. Converging the CSF Framework into an ISO 27001 Information Security Management System

Qualified experience

Certified NIST CSF LI is an entry-level certification. No previous experience is required.