#Japan #Minato #RMF Training #Japan Aerospace #Defense Consulting

New RMF Training Course by JADC

Japan Aerospace & Defense Consulting (JADC), a subsidiary of SHIFT, has announced the launch of a new RMF (Risk Management Framework) education program designed specifically for the defense sector. Starting from June 1, 2026, JADC will offer two distinct training modules: the "Tailored Learning Course" and the "Practitioner Bootcamp" for effective security management education.

Overview of the Tailored Learning Course

The Tailored Learning Course aims to educate participants on optimizing security management strategies for real-time and near-real-time defense equipment, including OT and IoT systems. While these systems require stringent security measures akin to general information systems, blanket enhancements could compromise their availability. Thus, optimizing security strategies considering system characteristics is crucial.

Participants will learn how to design a balanced approach to confidentiality, integrity, and availability based on mission priorities for defense equipment. The course combines theoretical lessons with practical exercises for a comprehensive understanding of tailored strategies.

Target Audience

• - Individuals with experience in RMF-related tasks.
• - Those who have completed the "Practitioner Program" in the RMF Training.

Course Duration

• - Length: 1 Day (8 hours)

Core Curriculum

1. Understanding NIST SP 800-53B Appendix C: What is an Overlay?
2. Fundamental Principles of Overlays
3. Key Regulatory Documents for Real-time and Near-real-time Defense Equipment
4. Official Overlay Listings
5. Control Selection and Tailoring Structure
6. Control Application Policies
7. Transitioning from RMF to CSRMC (Cybersecurity Risk Management Construct)
8. Summary

Course Objectives

Participants will be equipped to:

• - Accurately define, classify, and describe the hierarchical structure of overlays.
• - Select appropriate overlays for defense equipment according to its real-time characteristics.
• - Implement specific conditions for adding, removing, or modifying security management measures based on established criteria.
• - Understand the practical implications of transitioning to CSRMC and achieving Authorization to Operate (ATO).
• - Include tailored decision-making in the Security Assessment Plan (SSP).

Overview of the Practitioner Bootcamp

The Practitioner Bootcamp serves as a condensed version of the RMF training program, designed to impart practical knowledge on "Security Plans" and "Risk Assessment" over five days instead of the usual six weeks. Participants choose between two courses that target different audiences:

• - Organizational Course: Geared toward owners of defense systems and information systems, focusing on governance, risk management, and educational requirements for vendors.
• - Technical Course: Tailored for development vendors of defense equipment, addressing essential security requirements to be implemented in systems.

Target Audience

Participants should have knowledge equivalent to passing the Information Security Management Examination or have completed the RMF "Introduction" course.

Course Duration

• - Length: 5 Days (8 hours each)

Insights into JADC and RMF Training

Established in April 2025 as part of the SHIFT Group, JADC is focused on defense consulting. With a strong grasp of international security issues and domestic defense industries, JADC aims to address various challenges faced by stakeholders in the defense sector. By leveraging its expertise in RMF-related consulting and targeted training services, JADC supports organizations in navigating complexities in defense systems.

With a systematic curriculum rooted in the Department of Defense's cybersecurity standards, JADC's RMF education has proven effective and has been adopted by more than ten defense organizations since its inception. Understanding the current landscape of defense through JADC's reports will also provide valuable insights into security dynamics.

For further information, you can visit JADC's corporate website at SHIFT JADC.