Security for the SMB: Implementing the NIST Cybersecurity Framework
1h 23mIntermediate2020-01-02
Authors

Ronald Woerner
Professor, Cybersecurity Expert
Course details
Cybersecurity incidents impact organizations of all sizes, in all sectors. Small and medium businesses (SMBs) may not have the same infrastructure or resources for security, but face the same risks. In this course, Ron Woerner explains how to secure SMB assets, systems, and networks, leveraging the five functions of the National Institute of Standards and Technology (NIST) Cybersecurity Framework—identify, protect, detect, respond, and recover—as a scaffold for creating a robust cybersecurity program. Learn how to identify your assets and necessary levels of access, set up defenses such as firewalls and encryption, monitor your systems, create an effective incident response plan, and use backups and cloud services to ensure you can recover and resume operations as quickly as possible.
Topics include:
- Cybersecurity threats and vulnerabilities
- Building a cybersecurity program
- Creating an inventory of critical assets
- Writing security policies and procedures
- Network defenses
- Personal and physical security
- Establishing a response plan
- Response testing and training
- Backup and recovery
Topics include:
- Cybersecurity threats and vulnerabilities
- Building a cybersecurity program
- Creating an inventory of critical assets
- Writing security policies and procedures
- Network defenses
- Personal and physical security
- Establishing a response plan
- Response testing and training
- Backup and recovery
Skills covered
Incident ResponseCybersecurityDeep Dive (X:Y)
Concepts
0. Introduction
- 01 - Secure your infrastructure with NIST
1. Review of Cybersecurity Fundamentals
- 02 - Understanding and managing your risks
- 03 - Cybersecurity threats and vulnerabilities
- 04 - Cybersecurity requirements
- 05 - NIST Cybersecurity Framework
- 06 - Cybersecurity five-step process overview
- 07 - Building a cybersecurity program
2. Identify
- 08 - Inventory of critical assets
- 09 - Business impact assessment
- 10 - Security policies and procedures
- 11 - I-AAA
3. Protect
- 12 - Overview of defending business assets
- 13 - Network defenses
- 14 - System security
- 15 - Encryption
- 16 - Personnel and physical security
4. Detection
- 17 - Detecting security issues overview
- 18 - System auditing and logging
- 19 - Monitoring and alerting
- 20 - Assessments and audits
5. Respond
- 21 - Establishing a response plan
- 22 - Incident response plan examples
- 23 - Digital forensics
- 24 - Response testing and training
6. Recover
- 25 - Your continuity of operations plan
- 26 - Backups, virtualization, and the cloud
Conclusion
- 27 - Best practices
- 28 - Resources
Related courses
- Red Hat Enterprise Linux 8 Essential Training
- The Startup/SMB Guide to Integrating and Managing AI Agents
- Linux System Engineer: Network Filesystems Using NFS and Samba
- Microsoft 365 Business Essential Training for SMBs
- Leveraging AI for Small and Medium Business Growth
- Windows Server 2019: Advanced Networking Features
- Azure Networking and Security for Beginners: Tools and Services
- CCSK Cert Prep: 4 Data Security for Computing
Related learn paths
- AI Boot Camp for Small and Medium-Sized Businesses (SMBs)
- Essential Skills for Growing as an Entrepreneur
- Getting Started with Linux
- Prepare for the CSA Certificate of Cloud Security Knowledge (CCSK) Exam
- Prepare for the Microsoft Cybersecurity Architect (SC-100) Certification Exam
- Prepare for the Microsoft Azure Fundamentals (AZ-900) Certification Exam
- Prepare for the Microsoft Cybersecurity Architect Expert (SC-100) Certification
- Prepare for the Azure Data Engineer Associate (DP-203) Certification by Microsoft Press