
NIST Cybersecurity Professional®
(NCSP®) 800‑154
Learn how to apply NIST SP 800‑154 threat modelling principles to strengthen system and data protection.

NIST Cybersecurity Professional®
(NCSP®) 800‑154 Foundation Certificate
Course Description
Threat modelling helps organisations identify, analyse, and mitigate risks to data and systems. NIST SP 800‑154 provides authoritative guidance for data‑centric threat modelling.
The NCSP® 800‑154 Foundation Certificate is a 2‑day, instructor‑led course introducing participants to threat modelling principles and practices as defined in NIST SP 800‑154. This course explains data flows, adversary analysis, attack surface mapping, and alignment with NIST CSF 2.0.
Participants learn how to apply foundational threat modelling concepts across systems and applications, preparing them for more advanced NCSP® risk and architecture training.
What You Will Learn
Participants gain knowledge of NIST SP 800-154 and how how to apply threat modelling to increase cyber resilience. You will learn:
-
How NIST SP 800‑154 aligns with NIST CSF 2.0 and supports threat modelling programs.
-
The core concepts of data‑centric threat modelling.
-
How to identify assets, adversaries, and attack surfaces.
-
How to analyse threats and vulnerabilities.
-
How to document and communicate threat models.
-
How to integrate threat modelling into development and operations.
Course Agenda
Day 1: Threat Modelling Foundations, Governance & Analysis
Module 1: Introduction to NIST SP 800‑154
Module 2: Core Threat Modelling Concepts
Module 3: Governance, Roles & Policy Responsibilities
Module 4: Asset Identification & Adversary Analysis
Day 2: Attack Surface, Documentation & Continuous Improvement
Module 5: Attack Surface Mapping
Module 6: Threat Analysis & Prioritisation
Module 7: Documentation, Reporting & Communication
Module 8: Continuous Improvement & Alignment with NIST CSF 2.0
Learning Outcomes
Participants will be able to:
-
Explain how NIST SP 800‑154 supports NIST CSF 2.0 and threat modelling programs.
-
Describe data‑centric threat modelling concepts.
-
Apply foundational threat modelling practices.
-
Analyse adversaries, assets, and attack surfaces.
-
Understand documentation and communication requirements.
-
Translate NIST SP 800‑154 guidance into actionable threat modelling practices.
Who Should Attend?
Ideal for individuals responsible threat modelling, risk management and risk assessments, including:
-
IT & Security Staff
-
Cybersecurity Beginners & Career‑Changers
-
GRC Personnel
-
Developers & Application Support Personnel
-
Compliance & Audit Teams
-
Technical Support Staff
Prerequisites
There are no formal prerequisites for this Foundation‑level course. It is designed as an accessible entry point into NIST‑aligned cybersecurity training.
Participants are provided with:
-
NIST Cybersecurity Professional® (NCSP®) 800‑154 Foundation Certificate courseware including links to further reading and resources.
-
NIST Cybersecurity Professional® (NCSP®) 800‑154 Foundation Certificate, Certificate of Completion.
-
NIST Cybersecurity Professional® (NCSP®) 800‑154 Foundation Certificate digital badge.
Enrol Today
Learn how to apply NIST SP 800‑154 threat modelling principles to strengthen system and data protection.
