top of page

NIST Cybersecurity Professional®
(NCSP®) 800‑154


Learn how to apply NIST SP 800‑154 threat modelling principles to strengthen system and data protection.

NCSP 800-154 Foundation.png

NIST Cybersecurity Professional®

(NCSP®) 800‑154 Foundation Certificate

Course Description

Threat modelling helps organisations identify, analyse, and mitigate risks to data and systems. NIST SP 800‑154 provides authoritative guidance for data‑centric threat modelling.


The NCSP® 800‑154 Foundation Certificate is a 2‑day, instructor‑led course introducing participants to threat modelling principles and practices as defined in NIST SP 800‑154. This course explains data flows, adversary analysis, attack surface mapping, and alignment with NIST CSF 2.0.


Participants learn how to apply foundational threat modelling concepts across systems and applications, preparing them for more advanced NCSP® risk and architecture training.

What You Will Learn

Participants gain knowledge of NIST SP 800-154 and how how to apply threat modelling to increase cyber resilience. You will learn:

  • How NIST SP 800‑154 aligns with NIST CSF 2.0 and supports threat modelling programs.

  • The core concepts of data‑centric threat modelling.

  • How to identify assets, adversaries, and attack surfaces.

  • How to analyse threats and vulnerabilities.

  • How to document and communicate threat models.

  • How to integrate threat modelling into development and operations.

Course Agenda

Day 1: Threat Modelling Foundations, Governance & Analysis
Module 1: Introduction to NIST SP 800‑154
Module 2: Core Threat Modelling Concepts
Module 3: Governance, Roles & Policy Responsibilities
Module 4: Asset Identification & Adversary Analysis


Day 2: Attack Surface, Documentation & Continuous Improvement
Module 5: Attack Surface Mapping
Module 6: Threat Analysis & Prioritisation
Module 7: Documentation, Reporting & Communication
Module 8: Continuous Improvement & Alignment with NIST CSF 2.0

Learning Outcomes

Participants will be able to:

  • Explain how NIST SP 800‑154 supports NIST CSF 2.0 and threat modelling programs.

  • Describe data‑centric threat modelling concepts.

  • Apply foundational threat modelling practices.

  • Analyse adversaries, assets, and attack surfaces.

  • Understand documentation and communication requirements.

  • Translate NIST SP 800‑154 guidance into actionable threat modelling practices.

Who Should Attend?

Ideal for individuals responsible threat modelling, risk management and risk assessments, including:

  • IT & Security Staff

  • Cybersecurity Beginners & Career‑Changers

  • GRC Personnel

  • Developers & Application Support Personnel

  • Compliance & Audit Teams

  • Technical Support Staff

Prerequisites

There are no formal prerequisites for this Foundation‑level course. It is designed as an accessible entry point into NIST‑aligned cybersecurity training.


Participants are provided with:

  • NIST Cybersecurity Professional® (NCSP®) 800‑154 Foundation Certificate courseware including links to further reading and resources.

  • NIST Cybersecurity Professional® (NCSP®) 800‑154 Foundation Certificate, Certificate of Completion.

  • NIST Cybersecurity Professional® (NCSP®) 800‑154 Foundation Certificate digital badge.

​Enrol Today

Learn how to apply NIST SP 800‑154 threat modelling principles to strengthen system and data protection.

NCSP 800-154 Foundation.png
Further Reading

NIST Cybersecurity Professional® 

NCSP®, NIST Cybersecurity Professional® and NIST Cyber Security Professional® are registered trademarks of CySec Professionals Ltd. All frameworks, models, and course materials are proprietary intellectual property protected across the UK, EU, US, Canada, and Australia. The Digital Trust Institute® (DTI®) is a trading name of CySec Professionals Ltd.

NCSP® is a governed, trademarked credential ecosystem aligned to NIST CSF 2.0 and key NIST Special Publications, stewarded by CySec Professionals Ltd and The Digital Trust Institute® (DTI®).

NIST content is republished courtesy of the National Institute of Standards and Technology. CySec Professionals Ltd is an independent organisation and is not affiliated with or endorsed by NIST.

Part of the NCSP® Credential Ecosystem - https://digitaltrust.institute

© 2017 - 2026 CySec Professionals Ltd. All rights reserved.

Terms & Conditions

UK Cyber Security Council Membership
Federation of Small Business Member
Greater Manchester Chamber of Commerce Member
bottom of page