How long is the NCSP 800-160 Foundation course?

The course is delivered over 2 days.

Who should attend this systems security engineering course?

It is suitable for engineers, architects, system designers, and cybersecurity professionals.

Do I need engineering experience?

No prior engineering experience is required for this Foundation-level course.

Does the course include certification?

Yes, participants receive the NCSP 800-160 Foundation Certificate and digital badge.

NIST Cybersecurity Professional®
NCSP® 800-160 Foundation Certificate

Build Secure, Resilient Systems with NIST Systems Security Engineering

NIST Cybersecurity Professional®

NCSP® 800-160 Foundation Certificate

Course Description

Modern organisations depend on complex, interconnected systems that must remain secure and resilient in the face of evolving cyber threats. NIST SP 800‑160 provides the authoritative engineering‑focused guidance for designing, developing, and operating trustworthy systems, integrating security and resilience into every stage of the system lifecycle.

The NCSP® 800‑160 Foundation Certificate is a 2‑day, instructor‑led course introducing participants to the principles, processes, and practices of Systems Security Engineering (SSE) and Cyber Resiliency Engineering as defined in NIST SP 800‑160 Volumes 1 and 2.

This course teaches how to embed security and resilience into system architecture, development, acquisition, and operations. It also explains how 800‑160 aligns with the NIST Cybersecurity Framework (CSF) 2.0 and supports modern engineering, DevSecOps, and risk management programs.

What You Will Learn

Participants gain foundational knowledge required to apply NIST SP 800‑160 concepts across the system lifecycle. You will learn:

How Systems Security Engineering (SSE) integrates with the NIST CSF 2.0 and enterprise risk management.
The structure, principles, and engineering processes defined in NIST SP 800‑160 Vol. 1.
How to design and implement cyber‑resilient systems using the techniques in NIST SP 800‑160 Vol. 2.
How to apply SSE concepts to system architecture, requirements, design, development, testing, and operations.
How to integrate security engineering into acquisition, supply chain, and lifecycle management.
Approaches for building trustworthy systems that anticipate, withstand, recover from, and adapt to cyber threats.

Course Agenda

Day 1: Systems Security Engineering Foundations & Lifecycle Integration
Module 1: Introduction to NIST SP 800‑160

Understanding the purpose, evolution, and scope of Vol. 1 (SSE) and Vol. 2 (Cyber Resiliency Engineering).

Module 2: Systems Security Engineering Principles

Exploring the foundational engineering principles that guide the development of secure and trustworthy systems.

Module 3: SSE Processes Across the System Lifecycle

Applying engineering processes to concept development, requirements, architecture, design, implementation, verification, deployment, and sustainment.

Module 4: Integrating SSE with NIST CSF 2.0

Mapping engineering activities to CSF 2.0 functions and outcomes to support enterprise‑wide security programs.

Day 2: Cyber Resiliency, Architecture & Operational Integration
Module 5: Cyber Resiliency Engineering Concepts

Understanding the goals, objectives, and techniques defined in NIST SP 800‑160 Vol. 2.

Module 6: Designing for Resilience

Applying architectural strategies such as diversity, segmentation, redundancy, deception, and adaptive response.

Module 7: Engineering Trustworthy Systems

Integrating security and resilience into system architecture, supply chain considerations, and DevSecOps practices.

Module 8: Continuous Improvement & Lifecycle Sustainment

Implementing ongoing engineering activities, monitoring, and feedback loops that maintain system trustworthiness over time.

Learning Outcomes

Participants will be able to:

Explain how NIST SP 800‑160 Vol. 1 and Vol. 2 support the NIST Cybersecurity Framework 2.0 and modern engineering practices.
Identify and describe the Systems Security Engineering principles and processes across the system lifecycle.
Apply cyber‑resiliency engineering concepts to strengthen system architecture and operational resilience.
Integrate SSE into acquisition, development, supply chain, and operational processes.
Develop engineering‑aligned documentation and artifacts that support trustworthy system design and operation.
Translate engineering guidance into actionable practices that enhance system security and resilience.

Who Should Attend?

This course is designed for professionals responsible for designing, developing, or managing secure and resilient systems, including:

Systems Engineers & Security Architects
Cybersecurity & Risk Management Professionals
DevSecOps & Software Engineering Teams
Systems Integrators & Technology Vendors
Program & Project Managers overseeing system development
Governance, Compliance, and Assurance Personnel

Prerequisites

There are no formal prerequisites for this Foundation‑level course, though a basic understanding of cybersecurity concepts and the NIST CSF is recommended.

Participants are provided with:

NIST Cybersecurity Professional® (NCSP®) 800-160 Foundation Certificate courseware including links to further reading and resources.
NIST Cybersecurity Professional® (NCSP®) 800-160 Foundation Certificate, Certificate of Completion.
NIST Cybersecurity Professional® (NCSP®) 800-160 Foundation Certificate digital badge.