
Starting your Cybersecurity Career Journey...
When you think about breaking into cybersecurity at an entry level or making a mid-career transition into GRC, it can feel like staring at a mountain.Β Where do you start? What do you need to know? π€Β
One of the best guidebooks to begin with is the NIST Cybersecurity Framework (CSF). This 32-page document was first released 10 years ago in response to a presidential executive order and has been rapidly adopted since.
ο»ΏItβs remarkably effective at helping organizations of all shapes and sizes baseline their current state and establish an appropriate, tailored, desired state to become cyber resilient.
What You'll Learn
Competencies
β Understand the key principles of cyber resilience and its role in protecting organizational assets
β Identify and analyze common cybersecurity threats and vulnerabilities
β Gain foundational knowledge of the NIST Cybersecurity Framework and its core components
β Implement basic resilience strategies to mitigate risks and reduce the impact of cyber incidents
β Communicate basic cyber resilience concepts effectively to stakeholders

About Your Instructor, Steve McMichael, CCRP
Instructor Steve McMichael is committed to helping YOU accelerate your cybersecurity career.
Steve is passionate about guiding students, from backgrounds as diverse as accounting, into cybersecurity GRC. He successfully made this transition himself and shares how you can do it too in the popular blog, CPA to Cybersecurity. Exam prep courses for the AKYLADE Certified Cyber Resilience Fundamentals (A/CCRF), AKYLADE Certified Cyber Resilience Practitioner (A/CCRP) and AKYLADE Cyber Risk Management Foundations (A/CRMF) can help accelerate that journey.
Steve holds advanced degrees in business (BBA, MBA), along with top cybersecurity certifications (CCRP, CRMP, CISSP, CISA), and is a Chartered Professional Accountant (CPA). With nearly 20 years of experience in tech, he currently serves as Director of Governance, Risk, and Compliance at BlackBerry.
Curriculum
- ποΈ 3.1 Introduction and Exam Objectives (4:15)
- π§± 3.2 Risk Management Fundamentals (3:55)
- ποΈ 3.3 Phase One: Risk Identification (4:13)
- βοΈ 3.4 Phase Two: Risk Assessment (7:30)
- ποΈ 3.5 Phase Three: Risk Response Planning (4:33)
- π‘οΈ 3.6 Phase Four: Risk Mitigation (5:52)
- π 3.7 Phase Five: Risk Monitoring and Review (0:53)
- β οΈ 3.8 Inherent Risk and Residual Risk (2:27)
- π₯ 3.9 Business Impact Analysis (BIA) (6:53)
- π 3.10 Financial Analysis (1:36)
- π 3.11 Quiz
- β 3.12 Conclusion and Touchpoints (0:42)
- ποΈ 4.1 Introduction and Exam Objectives (3:32)
- π οΈ 4.2 Development of the NIST Cybersecurity Framework (5:27)
- π 4.3 Relevant Executive Orders and Regulations (3:24)
- ποΈ 4.4 Applicability of the Cybersecurity Framework (5:18)
- π 4.5 Characteristics of the Framework (5:47)
- πͺ 4.6 Cyber Resilience (1:37)
- βοΈ 4.7 Critical Infrastructure (2:21)
- π₯ 4.8 Intended Audience & Purpose of CSF (2:01)
- π 4.9 Quiz
- β 4.10 Conclusion and Touchpoints (1:34)
- ποΈ 7.1 Introduction and Exam Objectives (2:52)
- ποΈ 7.2 Controls (1:29)
- π 7.3 Voluntary Nature of the NIST Cybersecurity Framework (4:42)
- π 7.4 Outcomes (5:27)
- π 7.5 Informative References (2:33)
- 7.6 ISO/IEC 27001 and 27002 (1:36)
- 7.7 NIST Special Publications (2:45)
- 7.8 CRI (0:44)
- 7.9 CIS CSC (0:55)
- 7.10 COBIT 5 (1:05)
- 7.11 ITIL (1:17)
- 7.12 PCI DSS (1:00)
- 7.13 HIPPA (1:39)
- 7.14 NERC CIP (1:10)
- 7.15 FedRAMP (1:12)
- 7.16 STAR (0:53)
- 7.17 OWASP (0:59)
- π 7.18 Quiz
- β 7.19 Conclusion and Touchpoints (0:41)
- ποΈ 8.1 Introduction and Exam Objectives (3:10)
- π€ 8.2 Choosing an Implementation Tier (7:37)
- ποΈ 8.3 Implementation Tier Progression (3:12)
- ππΆ 8.4 Maturity Models (5:36)
- βοΈ 8.5 Strategies for Moving Between Implementation Tiers (5:26)
- π 8.6 Quiz
- β 8.7 Conclusion and Touchpoints (2:49)
- ποΈ 9.1 Introduction and Exam Objectives (1:53)
- π€οΈ 9.2 Profiles (3:04)
- π¨ 9.3 Creating a Profile (6:48)
- πͺ‘ 9.4 Profile Tailoring (10:09)
- ποΈ 9.5 Sector-Specific Profiles (0:38)
- 9.6 Cyber Risk Institute (CRI) Profile (2:02)
- 9.7 Manufacturing Profile (5:50)
- 9.8 Election Infrastructure Profile (2:23)
- 9.9 Hybrid Satellite Networks Profile (2:23)
- 9.10 Smart Grid Profile (1:02)
- 9.11 Connected Vehicle Profiles (1:28)
- 9.12 Payroll Profile (1:06)
- 9.13 Maritime Profile (1:15)
- 9.14 Communications Profile (1:23)
- ποΈ 9.15 Profiles and Regulatory Compliance (3:05)
- βοΈ 9.16 Secure Once, Comply Many (3:27)
- π 9.17 Quiz
- β 9.18 Conclusion and Touchpoints (2:16)
- ποΈ 10.1 Introduction and Exam Objectives (2:16)
- π€ 10.2 Case Study: Meeting Our Client (2:20)
- β οΈ 10.3 Identifying Threats (2:17)
- π 10.4 Identifying Vulnerabilities (2:42)
- π 10.5 Identifying Risks (1:54)
- π‘οΈ 10.6 Risk Mitigation Recommendations (2:45)
- βοΈ 10.7 Benefits and Trade-offs of Risk Mitigations (3:04)
- ποΈ 10.8 Evaluating Effectiveness (1:51)
- π10.9 Risk Management Plan (1:44)
- βοΈ10.10 Cybersecurity Strategy (2:35)
- π 10.11 Quiz
- β 10.12 Conclusion and Touchpoints (2:11)
- π₯ 10.13 What to Expect on Exam Day and How to CRUSH It (4:21)

A/CCRF Exam Domains
-
Cybersecurity Framework Concepts (25%) π Understanding the basics.Β
-
Framework Core (30%) π Six functions (Govern, Identify, Protect, Detect, Respond, Recover) drilling down into 22 categories and 106 subcategories. These enable effective communication about cyber risk between executives, managers, and practitioners.Β
-
Tiers (10%) π πΆ Determining the level of security based on your organization's unique mission, risk tolerance, and resources. CSF is not prescriptive and not one-size-fits-all. It is flexible and scalable.Β
-
Profiles (15%) π§ Strategic planning between current and desired states to align cybersecurity efforts with organizational goals.Β
-
Risk Management (20%) β οΈ To reliably achieve objectives.
Where These Skills Can Take You
Job Roles
Disclaimer: Salary ranges represent estimates based on current market data. Individual compensation may vary based on experience, location, and economic factors. This information alone does not guarantee specific salary levels or employment.
Source: Indeed.com Cybersecurity Salary Guide
A/CCRF
(This Course)
πΌ IT Support Specialist $45,000 - $75,000 View job listings π
πΌ Junior Cybersecurity Analyst $55,000 - $85,000 View job listings π
πΌ Junior Risk Analyst $50,000 - $80,000 View job listings π
πΌ Compliance Specialist $55,000 - $90,000 View job listings π
πΌ IT Manager $85,000 - $130,000 View job listings π
πΌ SOC Analyst $60,000 - $95,000 View job listings π
πΌ Security Specialist $65,000 - $100,000 View job listings π
πΌ Security Administrator $70,000 - $110,000 View job listings π
And A/CCRF is a prerequisite for π
A/CCRP
(AKYLADE Certified Cyber Resilience Practitioner)
πΌ Cybersecurity Analyst $75,000 - $120,000 View job listings π
πΌ IT Security Consultant $90,000 - $150,000 View job listings π
πΌ Compliance Lead $100,000 - $160,000 View job listings π
πΌ Security Engineer $95,000 - $160,000 View job listings π
πΌ SOC Manager $120,000 - $180,000 View job listings π
πΌ CISO $165,000 - $375,000 View job listings π
What Does the Course Include? π

Even More Simply Cyber Academy GRC Courses
Simply Cyber Academy is tailored to empower those seeking a rewarding career in cybersecurity GRC