Strengthening Cybersecurity Governance: Implementing the NIST Cybersecurity Framework Using COBIT® 2019

Introduction: When a Security Incident Triggers a Transformation

In early 2022, a medium-sized healthcare provider in the UK experienced a ransomware attack that disrupted operations for five days. Despite having standard cybersecurity protocols, the incident revealed a deeper problem: their cybersecurity governance lacked structure, adaptability, and business alignment. Following internal audits and consultation, leadership discovered the need for a comprehensive framework that not only responded to threats but aligned with enterprise governance objectives.

This realisation led them to adopt the NIST Cybersecurity Framework (CSF) while implementing it through COBIT® 2019, ISACA’s globally recognised framework for the governance and management of enterprise IT.

Team members upskilled through the Implementing the NIST Cybersecurity Framework Using COBIT® 2019 course, which is offered in London and as virtual tutor-led, online e-learning, and corporate onsite training. This enabled them to translate strategic security goals into actionable governance practices.

What Is the NIST Cybersecurity Framework?

The National Institute of Standards and Technology (NIST) developed the CSF to help organisations of any size better manage and reduce cybersecurity risk. It’s built around five core functions:

  1. Identify
  2. Protect
  3. Detect
  4. Respond
  5. Recover

It offers a risk-based approach to cybersecurity, enabling organisations to prioritise actions and investments based on their unique risk profiles.

However, implementing NIST-CSF effectively at an enterprise level often requires integration with a governance framework. This is where COBIT® 2019 comes in.

The Role of COBIT® 2019 in Cybersecurity Governance

COBIT® 2019 provides the structure and governance mechanisms to align IT with enterprise goals. It’s not just a control framework—it links business needs, regulatory requirements, and risk management into IT performance.

When used together, NIST-CSF and COBIT 2019 form a complete governance and security approach:

  • NIST-CSF defines what needs to be done to improve cybersecurity
  • COBIT 2019 explains how to integrate those activities into enterprise governance and operations

About the Certification Course

The Implementing the NIST Cybersecurity Framework Using COBIT® 2019 Certification course offered by ISACA is designed for:

  • Cybersecurity professionals
  • IT governance practitioners
  • Risk managers
  • Compliance officers
  • CIOs and CISOs

Learning Objectives Include:

  • Understanding the structure and purpose of NIST-CSF
  • Learning COBIT 2019’s governance and management objectives
  • Mapping and integrating NIST-CSF practices using COBIT 2019
  • Assessing an organisation’s current posture and creating a roadmap for improvement

Whether you choose the Implementing the NIST Cybersecurity Framework Using COBIT® 2019 course in London, virtual tutor-led, online e-learning, or corporate onsite training, the course delivers practical skills and certification credibility.

Why This Matters: Backed by Industry Data

According to ISACA’s 2023 State of Cybersecurity Report:

Only 38% of organisations are confident in their cybersecurity team’s ability to detect and respond to threats.
Source: ISACA Cybersecurity 2023

Moreover, the average cost of a data breach in the UK reached £3.4 million in 2023 (IBM Cost of Data Breach Report 2023).

These figures highlight an urgent need for frameworks that blend technical resilience with governance clarity—the exact intersection where NIST-CSF and COBIT 2019 provide unmatched value.

Case Study: Financial Institution’s Cyber Governance Revamp

Background

A regional financial services company operating across Europe had a fragmented approach to cybersecurity. The IT team handled incident response, while the compliance department oversaw risk registers—resulting in miscommunication, duplicated efforts, and gaps in coverage.

After a near-miss phishing campaign targeting C-level executives, the board authorised an overhaul. Their goals:

  • Create a unified cybersecurity governance strategy
  • Align it with business priorities and regulatory expectations (like GDPR and DORA)
  • Integrate risk and compliance functions

The Implementation

The organisation enrolled its IT governance, risk, and cybersecurity leads in a corporate onsite training program based on the Implementing the NIST Cybersecurity Framework Using COBIT® 2019 course.

Steps taken:

  1. Baseline Assessment: Current controls mapped against NIST-CSF
  2. Governance Integration: Used COBIT 2019’s Governance and Management Objectives to define ownership, performance measures, and assurance
  3. Roadmap Development: Prioritised high-impact improvements using risk scoring
  4. Execution and Monitoring: Implemented processes for detection and recovery aligned with COBIT’s performance management system

Outcomes

  • 35% improvement in incident response times
  • Alignment between IT and compliance teams improved by 60% (as measured by internal audit feedback)
  • Developed an annual cybersecurity governance review cycle
  • Strengthened board-level reporting on cyber risk posture

Benefits of Certification for Professionals and Organisations

For Professionals:

  • Gain expertise in governing cybersecurity risk strategically
  • Strengthen your credentials with two globally respected frameworks
  • Equip yourself for CISO, risk officer, and audit roles

For Organisations:

  • Bridge the gap between cybersecurity controls and enterprise governance
  • Reduce operational silos between IT, risk, and compliance
  • Improve security maturity and stakeholder trust

Training Creatively: Empowering the Governance of Cybersecurity

At Training Creatively, we specialise in delivering accredited training for ISACA certifications. Our delivery modes for the Implementing the NIST Cybersecurity Framework Using COBIT® 2019 course (London, virtual tutor-led, online e-learning, and corporate onsite training) are designed for flexibility, engagement, and real-world application.

We empower teams not just to understand frameworks but to integrate them meaningfully across their governance, risk, and compliance landscapes.

Conclusion: Governance-Driven Security Is the Future

As cybersecurity becomes more central to business survival, organisations must move beyond ad hoc controls and reactive postures. The true differentiator lies in embedding cybersecurity into governance—strategically, systematically, and continuously.

By integrating NIST-CSF’s risk-based approach with COBIT 2019’s enterprise governance framework, professionals and organisations can achieve resilience that supports innovation and trust.

Whether you’re preparing your organisation for regulatory audits, digital transformation, or emerging cyber threats, this course delivers the tools, insights, and structure you need to succeed.

🔗 Recommended Source for Further Reading:

NIST Framework for Improving Critical Infrastructure Cybersecurity
https://www.nist.gov/cyberframework

COBIT 2019 Governance Framework
https://www.isaca.org/resources/cobit

For more info, contact us.

E-mail – enquiries@trainingcreatively.com
Phone No. – +44 (0) 20 8500 4534
Address –   Suite 156, Rosden House,
372 Old Street, London, EC1V 9AU