SEC575 - Information Security Continuous Monitoring (ISCM) Training

Course Description

Short Course | 18 hours | 1.8 CEUs | $2,385

ISCM was developed by the US National Institute of Standards and Technology (NIST). NIST provides detailed guidance on implementing a risk management framework. It also provides a detailed and broad control set for federal agencies to adopt— though any organization can adopt the controls as standards. There are lessons to be learned and technology improvements that can be implemented in any industry, such as finance, utilities, health care, and more. A combination of the risk management framework, control set and the continuous monitoring implementation guidance can be used to set up acceptable continuous monitoring plan. In this course students explore new guidance, policy and procedures for implementing a well- developed and thorough strategy for building a continuous monitoring program IAW SP 800-137, 800-39, 800-55, 800-128, 800-37 (Rev. 2), and 800-53 (Rev. 5). Topics include roles and responsibilities, establishment and implementation of the ISCM strategy, analysis and reporting of findings, and program review in accordance with NIST Special Publication (SP) 800-137.

Students will gain thorough knowledge of the theory and policy background underlying continuous monitoring as well as the practical knowledge needed for effective implementation.

SEC575 is the third course in the Government Cybersecurity RMF Specialist. To complete the certificate students will also enroll in SEC525, & SEC550. Click on each course link for more details and to add to cart.

Course Outline

• Introduction to Continuous Monitoring (NIST SP 800-137)
  • Overview/Objectives
  • Key Terms
  • Why Continuous Monitoring?
  • Overview of Continuous Monitoring Process
  • Organization-wide view of ISCM
  • ISCM Roles and Responsibilities
• Continuous Monitoring and Other NIST Guidance
  • NIST SP 800-39 – Risk Management Process
  • NIST SP 800-55 – Defining Organizational Metrics and Measurements
  • NIST SP 800-128 – Security Configuration Management for Information Systems
  • NIST SP 800-37, Rev. 1 – NIST Risk Management Framework
  • NIST SP 800-53, Rev. 4 – Security Control Catalogue
• ISCM Process – NIST SP 800-137
  • Step 1 – Define Strategy
  • Step 2 – Establish ISCM program
  • Step 3 – Implement
  • Step 4 – Analyze and Report
  • Step 5 – Respond to Findings
  • Step 6 – Review and Update
• The Fundamentals – Ongoing Monitoring in Support of Risk Management
  • Organization-wide View of Continuous Monitoring
  • Ongoing System Authorizations
  • Role of Automation in Continuous Monitoring
  • Technologies for Enabling ISCM
• Building a Continuous Monitoring Program
  • Define Continuous Monitoring Strategy
  • Establish an ISCM Program
• Implementing and Maintaining a Continuous Monitoring Program
  • Implement a Continuous Monitoring Program
  • Analyze Data and Report Findings
  • Respond to Findings
  • Review and Update the Monitoring Program and Strategy
• Supporting Technologies
  • Security Automation Domains
  • Security Information and Event Management (SIEM)
  • Security Content Automation Protocol (SCAP)
  • Reference Data Sources
    • National Vulnerability Database
    • Security Configuration Checklists
• ISCM Reference Model

Duration

Applies Towards the Following Certificates

• Cybersecurity Risk Management Certificate- 72 Hour : Required
• Government RMF Specialist Certificate : 72 Hour Certificate