Cybersecurity Framework 2.0 for Florida State and Local Government Agencies

Format Online, Synchronous

Date & Time Wednesday, December 10, 2025, from 9:00 AM - 11:00 AM Eastern

Prerequisites

Prior knowledge of NIST CFS 2.0 is not required to take the course, however, the course does explore some of the higher-level concepts of applying the framework.

Course Overview

• Learn about the components and implementation of the NIST Cybersecurity Framework 2.0
• Understand how to utilize the primary Components of the Framework, including Core, Tiers and Profiles
• Use the framework’s Risk-Based Approach in order to understand, assess, and prioritize cybersecurity efforts, enhancing overall security posture.
• Tailor the framework to fit your agency, drawing from the CSF V2 being non-prescriptive, to fit your agency’s specific operational objectives, resources, and risk tolerance.
• Integrate holistic cybersecurity by integrating cybersecurity into agency risk management and operations.

This course takes roughly two hours to complete.

Key Takeaways

1. Key changes and major updates from CSF v1.1 to v2.0
2. Understanding CSF Core, CSF Profiles and CSF Tiers
3. Understanding the shift from functions to domains and the main content for each domain:

Govern Domain

• Understand the key components and activities introduced in Version 2.0 of the CSF framework
• Review why leadership and governance in cybersecurity risk management is key
• Comprehend how to establish a risk management strategy and framework
• Define the appropriate roles and responsibilities for cybersecurity
• Develop and implement your agency’s cybersecurity policies and procedures

Identify Domain

• Understand asset classification and data sensitivity
• Identify critical assets, systems, and data
• Explore business continuity and impact analysis (BCM / BIA) concepts

Protect Domain

• Understand cybersecurity controls and their implementation
• Comprehend different types of controls (preventive, detective, corrective)
• Learn how to select and implement appropriate controls based on CSF-defined risk assessments.

Who Should Attend?

This course is intended to enable agencies to be capable of complying with State law, which mandates the use of NIST cybersecurity standards.

In addition to managers interfacing with IT teams, IT and Risk professionals seeking to deepen their knowledge of the NIST CSF V2.0, the Department of Homeland Security recommends cross-functional team involvement of those representing business, operations, security, information technology, and maintenance areas, including those responsible for:

• Agency leaders
• Chief Privacy Officer / Data Protection Officers
• Agency Risk Managers
• Internal Audit leaders
• Chief Compliance Officer & Compliance Managers
• IT Policy and Governance personnel
• Business Operations Managers
• IT Security Planning and Management personnel
• Business Continuity and Disaster Recovery Planning team members
• IT Infrastructure / IT Operations personnel
• Procurement and Vendor Managers
• Legal team members

Completion

Upon successful course completion, participants receive a USF digital badge as recognition of their training. Participants can showcase this certificate on their professional profiles, such as LinkedIn.