Security for the SMB: Implementing the NIST Framework

Security for the SMB: Implementing the NIST Framework
Security for the SMB: Implementing the NIST Framework
English | MP4 | AVC 1280×720 | AAC 48KHz 2ch | 1h 23m | 212 MB

Cybersecurity incidents impact organizations of all sizes, in all sectors. Small and medium businesses (SMBs) may not have the same infrastructure or resources for security, but face the same risks. In this course, Ron Woerner explains how to secure SMB assets, systems, and networks, leveraging the five functions of the National Institute of Standards and Technology (NIST) Cybersecurity Framework—identify, protect, detect, respond, and recover—as a scaffold for creating a robust cybersecurity program. Learn how to identify your assets and necessary levels of access, set up defenses such as firewalls and encryption, monitor your systems, create an effective incident response plan, and use backups and cloud services to ensure you can recover and resume operations as quickly as possible.

Topics include:

  • Cybersecurity threats and vulnerabilities
  • Building a cybersecurity program
  • Creating an inventory of critical assets
  • Writing security policies and procedures
  • Network defenses
  • Personal and physical security
  • Establishing a response plan
  • Response testing and training
  • Backup and recovery
Table of Contents

1 Secure your infrastructure with NIST

Review of Cybersecurity Fundamentals
2 Understanding and managing your risks
3 Cybersecurity threats and vulnerabilities
4 Cybersecurity requirements
5 NIST Cybersecurity Framework
6 Cybersecurity five-step process overview
7 Building a cybersecurity program

8 Inventory of critical assets
9 Business impact assessment
10 Security policies and procedures
11 I-AAA

12 Overview of defending business assets
13 Network defenses
14 System security
15 Encryption
16 Personnel and physical security

17 Detecting security issues overview
18 System auditing and logging
19 Monitoring and alerting
20 Assessments and audits

21 Establishing a response plan
22 Incident response plan examples
23 Digital forensics
24 Response testing and training

25 Your continuity of operations plan
26 Backups, virtualization, and the cloud

27 Best practices
28 Resources