Home Specialist skills Security SEC566: Implementing and Auditing Security Frameworks and Controls

SEC566: Implementing and Auditing Security Frameworks and Controls

Learn to apply a security framework based on actual threats that is measurable, scalable and reliable in stopping known attacks and protecting organizations' important information and systems
Identify and use tools that implement controls through automation
Employ specific metrics to establish a baseline and measure the effectiveness of security controls
Understand map critical controls to standards such as the NIST Cybersecurity Framework, NIST SP 800-171, the CMMC and more
Negotiate business transactions in the ever-changing cyber world

Overview

Off the shelf (OTS)

High-profile cybersecurity attacks indicate that offensive attacks are outperforming defensive measures. Cybersecurity engineers, auditors, privacy and compliance team members are asking how they can practically protect and defend their systems and data and how they should implement a prioritized list of cybersecurity hygiene controls.

In SANS SEC566, learners will learn how an organization can defend its information by using vetted cybersecurity frameworks and standards. Learners will specifically learn how to navigate security control requirements defined by the Center for Internet Security's(CIS) Controls (v7.1 / 8.0), the NIST Cybersecurity Framework(CSF), the Cybersecurity Maturity Model Certification(CMMC), NIST SP 800-171, ISO/IEC 27000 and other frameworks into a cohesive strategy to defend their organization while complying with industry standards.