Designed for anyone in an organization who needs to understand the basics of cybersecurity, the components of the NIST CSF, and how the NIST CSF aligns to risk management. Security, IT, risk management, policy makers, and other business professionals who have responsibility for aspects of business or technical security can benefit from this course.

This course is a great fit for anyone with an interest in or responsibility for the survival of the business. This includes IT, C level personnel, compliance, legal, auditing, human resources, etc.

  • One-day, high-level overview of threats and common risks.
  • Introduces the three main components of the NIST Cybersecurity Framework: the Core, Implementation Tiers and Profiles.
  • Outlines the Seven Step NIST CSF process that is used to analyze, plan, implement, monitor, and improve protection of critical assets.
Designed for individuals within an organization who are directly involved in the planning, design, creation, implementation, and or improvement of a cybersecurity program that will follow the principles of the NIST Cybersecurity Framework. Although some aspects of the course are technical, this course also includes risk management, business controls, and other topics that would be of value to staff outside of the traditional technical audience.

This course is suited for individuals working with and overseeing the technology, including CIOs, CISOs, IT Directors and Managers, IT Security personnel, and IT staff.

  • Two-day deep dive into Foundation concepts.
  • Focus on designing and implementing (or improving) a cybersecurity program to minimize risks and protect critical assets based on the NIST CSF.
  • Provides an analysis of various technical and business controls, including the Center for Internet Security v8 Critical Security Controls, the ISO 27001: 2013 Information Security Management System Requirements, and the NIST Risk Management Framework.
Designed for anyone in an organization who deals with risk, security, or technology related to the supply chain. This includes business, security, and IT professionals or anyone else who is a stakeholder in Cybersecurity Supply Chain Risk Management (C-SCRM). This course is specifically for those who have responsibility for or interest in C-SCRM. This is not a general IT security course.

The C-SCRM course provides value to anyone who may be involved in implementing or improving cybersecurity in relation to supply chain risks for an organization.

  • Two-day format to allow a deeper dive into the concepts of C-SCRM.
  • An understanding of the federal guidance from NIST SP 800-161r1.
  • An analysis of supply chain risk management from business, security, and information technology aspects, including privacy.
  • A review of factors resulting in successful cybersecurity supply chain risk management.
Designed for anyone working in an organization that is concerned about the threat of ransomware and would like the best-in-class guidance on defending against it. This course is especially applicable if your organization is using or considering using the NIST Cybersecurity Framework to create or improve a cybersecurity program.

The Ransomware Risk Management course provides value to anyone who is directly or indirectly responsible for keeping your organization safe from ransomware. IT and Security leadership and staff, CIOs, CISOs, and related roles would all benefit from the combination of business and technical guidance in this course.

  • One-day in depth analysis of managing ransomware risk using the NIST CSF.
  • An explanation of the challenges related to ransomware. Details on the different types of ransomware and how they are used to attack organizations. Methods and technologies organizations commonly use to manage ransomware risk with or without the NIST CSF.
  • An overview of the NIST Cybersecurity Framework. This information makes the course able to stand alone by providing an introduction to the Framework that is necessary to understanding the Ransomware Profile.
  • A very detailed look at the NIST CSF Profile for Ransomware Risk Management. This covers all the Framework functions, categories, and subcategories included in the Ransomware Risk Profile. It also includes explanations for each and a review of the associated Informative References.

For cybersecurity training and IT certification for employees, two instruction options provide maximum flexibility for students' learning preferences and scheduling needs.

  1. Live instructor-led training on scheduled days/times from any remote location or in person at our state-of-the-art training facility.
  2. Self-paced, e-learning courses at your own pace using our video format and interactive courseware from any remote location for six months after date of purchase. View a short clip of a pre-recorded course.

All LRS NIST Framework courses come with NIST Framework certification and continuing education credits, such as PDUs and CEUs. Online NIST Cybersecurity Framework Certification Exams are available and hosted through the LRS NIST Cybersecurity Framework Certification Portal. Candidates receive a certificate for a passing score and a skills-gap document within the portal after completing their exam. Have questions? Contact LRS Education Services at 877.832.0688 x1493 or email us at

go to NICCS National Initiative for Cybersecurity Careers and Studies website go to CISA Cybersecurity & Infrastructure Security Agency website go to NIST National Institute of Standards and Technology website

Executives, managers, and IT staff all have a stake in cybersecurity.

The NIST Cybersecurity Framework training courses (NCSF) offered by LRS Education Services provide employee training to teach students how to align and prioritize cybersecurity activities with business/mission requirements, risk tolerances, and resources using the Framework. For the past several years, organizations have been using knowledge and skills learned in LRS NIST cybersecurity training classes, which align with Federal standards, to create or improve their cybersecurity programs.

LRS Education Services NIST cybersecurity courses are recognized and listed on the National Initiative For Cybersecurity Careers and Studies (NICCS) website for our expertise and professionalism. NICCS is managed by the U.S. Department of Homeland Security.

About the NIST Cybersecurity Framework (NCSF)

CyberSecurity Framework Version 1.1: Recover, Identify, Protect, Detect, RespondPresidential Executive Order 13800 requires U.S. Federal agencies to use the Cybersecurity Framework (CSF) that was created by the National Institute for Standards and Technology (NIST) to improve cybersecurity for critical infrastructure.

The CSF was created as a result of collaboration between government and the private sector. It “uses a common language to address and manage cybersecurity risk in a cost-effective way based on business needs without placing additional regulatory requirements on businesses.” The Framework assists in cybersecurity risk assessment to determine which activities are most important to assure critical operations and service delivery. In turn, that helps prioritize investments and maximize the impact of each dollar spent on cybersecurity.

The NIST Roadmap for Improving Critical Infrastructure Cybersecurity, a companion document to the Cybersecurity Framework, reinforces the need for a skilled cybersecurity workforce. It recognizes that, as cybersecurity threats and technology environments evolve, the workforce must adapt in turn.

The Cybersecurity Enhancement Act of 2014 calls for NIST to coordinate a national cybersecurity awareness and education program that includes “widespread dissemination of cybersecurity technical standards and best practices” and efforts to make these best practices usable not only by enterprise organizations, but also by “small to medium-sized businesses, educational institutions, and state, local, and tribal governments." This legislation established the critical need for NIST Framework training.

On March 2, 2023, The White House released the National Cybersecurity Strategy to strengthen cybersecurity and secure cyberspace for all of America to realize the benefits and potential of our digital future. The Strategy calls on partnership between industry, civil society, and state/local/tribal/territorial governments to rebalance the responsibility for cybersecurity to be more effective and equitable, including alignment with the NIST Cybersecurity Framework.

About Cybersecurity Careers

To learn more about the numerous opportunities in cybersecurity, the interactive Cyber Career Pathways Tool can be utilized to identify potential cyber careers. Why use the Cyber Career Pathway Tool? Individuals considering a cybersecurity career, and professionals seeking to progress within the field, will find a wealth of information on the skills needed to begin, transition, or advance a cyber career in 52 different cybersecurity work roles. The tool was created and is maintained in partnership with the Interagency Federal Cyber Career Pathways Working Group, led by CISA, the Department of Defense, and the Department of Veterans Affairs.