What is included?

• You have 12 months time as of reception of the learning material to learn, do the exam and get your certification
  
• Certification and examination fees are included in the price of the training course 
• Participants will be provided with the training course material containing over 450 pages of explanatory information, examples, best practices, exercises, and quizzes
  
• An Attestation of Course Completion worth 31 CPD (Continuing Professional Development) credits will be issued to the participants who have attended the training course. 
• In case candidates do not pass the exam, they are entitled to a free retake within 12 months from the date the coupon code is received  
• + 20% reduction on the first year subscription for our all-in-one ISMS/GRC management solution

Why should you take this training course?

In today’s increasingly digital world, organizations face growing challenges in securing their information systems and ensuring compliance with regulatory standards. NIST publications such as NIST SP 800-12, NIST SP 800-53, NIST RMF, NIST SP 800-171, and the NIST Cybersecurity Framework offer comprehensive guidelines and best practices for establishing robust cybersecurity measures. Implementing these frameworks helps organizations enhance their cybersecurity posture, manage risks effectively, and maintain compliance with federal requirements.

Through in-depth guidance on NIST publications, participants learn to tackle complex security challenges, applying frameworks to build robust cybersecurity programs that align with organizational goals. The course also provides practical expertise to prevent, detect, and respond to cyber threats efficiently, integrating best practices and standards to create a cohesive security approach. 

Upon completing the course, participants will be eligible to take the exam. Those who pass the exam will be awarded the globally recognized "PECB Certified NIST Cybersecurity Consultant" credential.

Who should attend?

This training course is intended for: 

• Executives or directors responsible for overseeing cybersecurity initiatives within their organizations
• System administrators and network engineers seeking a deeper understanding of security controls and risk management processes to adhere to NIST security standards
• Professionals involved in the development and implementation of cybersecurity programs
• Consultants and advisors who provide cybersecurity and compliance services, ensuring they stay up to date with the latest NIST frameworks and best practices 
• Digital forensics and cybercrime investigators who need to understand the technical and regulatory aspects of cybersecurity frameworks to investigate and respond to security incidents comprehensively
• Individuals working in cybersecurity or information security who aim to enhance their understanding of NIST guidelines and develop practical skills in managing cybersecurity risks

Training course structure

Module 1 | Introduction to NIST cybersecurity standards and principles

• Training course objectives and structure
• Cybersecurity frameworks and standards
• Introduction to NIST and its role in cybersecurity
• Introduction to cybersecurity
• The organization and its context
• Cybersecurity program roles and responsibilities
• Cybersecurity policy

Module 2 | Risk management strategy and supply chain risk management

• Risk management strategy
• Supply chain risk management
• Asset management
• Improvement

Module 3 | Selecting security controls, awareness and training, and continuous monitoring

• Security control selection
• Awareness and training
• Security measures
• Security continuous monitoring

Module 4 | Cybersecurity incident management, monitoring, and continual improvement

• ICT readiness in business continuity
• Cybersecurity incident management
• Testing in cybersecurity
• Measuring and reporting cybersecurity performance and metrics
• Continual improvement
• Closing of the training course

Module 5 | Certification Exam

Learning objectives

 By the end of this training course, the participants will be able to:

• Discuss fundamental cybersecurity principles and concepts, including confidentiality, integrity, and availability, and how these principles are applied to protect information systems
• Explain key NIST publications, including NIST SP 800-12, NIST SP 800-53, the Risk Management Framework, NIST SP 800-171, and the NIST Cybersecurity Framework, and apply their guidance and requirements
• Implement a process to effectively monitor, assess, and manage security controls based on NIST publications
• Apply structured risk management techniques to identify, assess, and prioritize cybersecurity risks
• Develop risk mitigation strategies and implement risk treatment plans that align with NIST’s risk management recommendations, ensuring a balanced approach to risk reduction and resource allocation
• Design a cybersecurity program that aligns with the organization’s strategic goals and addresses specific security requirements

Examination

The “Certified NIST Cybersecurity Consultant” exam meets the requirements of the PECB Examination and Certification Program (ECP). It covers the following competency domains:

• Domain 1: Fundamental principles and concepts of cybersecurity
• Domain 2: Planning an organizational strategy in cybersecurity 
• Domain 3: Implementing a cybersecurity program and security controls
• Domain 4: Cybersecurity incident management 
• Domain 5: Cybersecurity incident response
  

Duration: 3 hours
Location: Online through the PECB app OR in person in one of the PECB exam centers
Preparation: PECB Exam Preparation Guides
Language: The exam is available in multiple other languages and does not need to be taken in the same language as the training material. Additional time can be requested when your native language is not available in your mother tongue (to be requested by candidates on the exam day)
Retake: In case you fail the exam, you can retake it within 12 months following the initial attempt for free

For specific information about the exam type, languages available, and other details, please visit the List of PECB Exams and the Examination Rules and Policies.

Certification

After successfully passing the exam, you can apply for the respective credential. You will receive the certificate once you comply with all the requirements of this certification.

The requirements for PECB Certified NIST Cybersecurity Consultant certifications are as follows:

To be considered valid, these activities should follow best cybersecurity management practices and include the following:

1. Assisting in applying the NIST guidelines and controls 
2. Providing guidance on incident response and crisis management in accordance with NIST guidelines
3. Designing security awareness and training programs to educate employees about cybersecurity risks, compliance requirements, and best practices recommended by NIST
4. Establishing mechanisms to monitor security controls and processes, including regular reviews and assessments
5. Conducting thorough risk assessments using the NIST Risk Management Framework to identify and prioritize cybersecurity risks

For more information about PECB certifications and the PECB certification process, please refer to the Certification Rules and Policies.

Contact us on training@brainframe.com if you have other questions