National Cybersecurity
Preparedness Consortium

Jurisdictional

Category

Cyber Threat Information Sharing

Learn to prepare for known threats by collaborating with the community

Coordination & Planning

Learn to design a cybersecurity strategy that connects with other communities

Awareness

Courses that bring an important cybersecurity topic to light

Cyber Incident Response & Recovery

Learn to respond to today's cybersecurity threats

Technical

Dig into the implementation specifics of cybersecurity
Audience

End Users

Cybersecurity courses for everyone

Leadership & Management

Cybersecurity courses for our leaders

Technical

Cybersecurity courses for technologists
Modality

Web-based Training

Self-paced, prerecorded online courses

Instructor-led Training

In-person or online courses with live instructor
Scope

Organizational

Courses focused on the cybersecurity of organizations

Individual

Courses focused on the cybersecurity of individuals

Jurisdictional

Courses focused on the cybersecurity of jurisdictions
Developers

MGT-478

• 16hrs

Community Cybersecurity Information Sharing Integration

instructor-led training

This course will introduce foundational cybersecurity information sharing concepts that can be leveraged to build a community information sharing collaborative. It will establish the purpose and value of community information sharing; and will explore how sharing can assist communities with cyber incident preparedness and response before, during and after a cyber incident occurs.

CIAS (UTSA)

In Development

• 8hrs

Community Engagement

instructor-led training

A distributed Community Engagement Training Event designed for the Whole Community and offered as a capstone event following certification pathways in the Community Cyber Security Maturity Model (CCSMM). Participants (organizational and individual) practice and refine cybersecurity skills and procedures developed independently, within a coordinated training environment. Attendees work collaboratively to enhance preparedness, response, and recovery capabilities in an All-Hazards event.

NUARI (Norwich)

In Development

• 16hrs

Community-Level Cybersecurity Planning and Training Gap Analysis

instructor-led training

Designed as a collaborative community approach to identifying the gaps in cyber plans and the training needed in cybersecurity for all levels of community personnel and local critical infrastructure partners. At the end of this course, participants will be able to conduct a community cybersecurity gap analysis resulting in a cybersecurity training plan for all levels of community personnel and local critical infrastructure partners.

CflA (Memphis), CIAS (UTSA), CJI (Arkansas), NUARI (Norwich), TEEX NERRTC (Texas A&M)

PER-398

• 8hrs

Cybersecurity Resiliency for Industrial Control Systems

instructor-led training

The national and economic security of the United States depends on the reliable functioning of critical infrastructure and community stability. This course provides participants from throughout various levels of government, private industry and community an understanding of cybersecurity resiliency in industrial control systems (ICS). Additionally, this course provides an understanding of cybersecurity resiliency in industrial control systems (ICS) and will review the Internet of Things (IoT), vulnerabilities within Operational Technology (OT) and Supervisory Control and Data Acquisition (SCADA) systems, methods of detecting and responding to cyber attacks in the systems, as well as actions that can be taken by non-technical personnel to mitigate or minimize the effects of cyber attacks.

TEEX NERRTC (Texas A&M)

AWR-383

• 4hrs

Cybersecurity Risk Awareness for Officials and Senior Management

instructor-led training

This is a non-technical course designed to develop awareness of cybersecurity risks for elected officials, appointed officials and other senior managers so that they are better informed to properly protect the jurisdiction/organization during a cybersecurity incident. It is designed to help officials and senior management work more effectively with their Information Technology (IT) departments to mitigate cyber threats. Upon successful completion of the course, participants shall have a better understanding of the cybersecurity risks that their jurisdiction or organization faces and how to work with their IT teams and other departments to mitigate those risks.

TEEX NERRTC (Texas A&M)

AWR-366-W

• 6hrs

Developing a Cyber Security Annex for Incident Response

web-based training

Cyber-attacks occur more frequently and have become increasingly sophisticated. Cybersecurity events now have the potential to significantly disrupt the business operations of government and critical infrastructure services. Public and private sectors, in the United States, are at increasing and continual risk of surprise attacks from nation-state and non-state actors. (Burgess, 2018) The National Response Framework describes how preparedness can be achieved by developing an incident annex for each hazard. Incident annexes describe coordinating structures used to deliver core capabilities and support response missions unique to a specific type of incident.

TEEX NERRTC (Texas A&M)

AWR-136

• 8hrs

Developing Cybersecurity Resiliency for Everyone

instructor-led training

This discussion-based, non-technical course is an introduction to cybersecurity that provides individuals, community leaders and first responders with information on how cyber attacks can impact, prevent and/or stop operations and emergency responses in a community. The Developing Cybersecurity Resiliency for Everyone course provides a cursory introduction to cybersecurity vulnerabilities, risks, threats and countermeasures and introduces actions communities can take to establish a cybersecurity program. It introduces the Community Cybersecurity Maturity Model (CCSMM) as a framework for understanding community cybersecurity and offers a brief introduction to low or no-cost approaches to securing a community against cybersecurity threats and attacks; setting the stage for further efforts in which a community can build a cybersecurity program.

TEEX NERRTC (Texas A&M)

AWR-389-W

• 2hrs

Incident Response for Municipal, Police, Fire and EMS Information Technology Personnel

web-based training

This course is the second training in a two-part course. It is intended to introduce the basics of the incident response process to the Information Technology personnel in Police, Fire or EMS departments. This web-based course focuses on the steps involved in being aware of common cyber incidents, as well as steps in developing an incident response plan. The participants will apply this knowledge by developing a response plan specific to their jurisdiction. The content of the course includes: common cyber incidents occurring in Police, Fire and EMS IT departments, developing a response plan for common cyber incidents, distinguishing tasks for police, fire and EMS IT departments, and processes for future improvements to response plans.

NUARI (Norwich)

MGT-456

• 24hrs

Integration of Cybersecurity Personnel into the Emergency Operations Center for Cyber Incidents

instructor-led training

Traditionally, cybersecurity is the responsibility of each organization individually using their own information security and technology personnel to manage threats. However, the physical consequences of a cyber incident are a shared responsibility that involves all levels of government, law enforcement, the private sector and other “stakeholders”. With this shared responsibility, there is a clear need to bring IT professionals and traditional emergency management personnel together to prepare for, respond to, and recover from the impacts of a cyber incident. The course is designed to assist jurisdictions at all response levels (i.e.,

TEEX NERRTC (Texas A&M)

AWR-398-W

• 2hrs

Introduction to Information Sharing and Analysis Organizations

web-based training

This course introduces the basics of the cybersecurity information sharing processes. Participants will gain knowledge of cybersecurity information sharing and an understanding of how to join or establish an Information Sharing and Analysis Organization (ISAO) or Information Sharing and Analysis Center (ISAC). This course introduces elected officials at multiple levels (State, Local, Tribal, Territorial), as well as senior management and decision-makers (including for commercial entities), to the value proposition of sharing cybersecurity information.

NUARI (Norwich)

MGT-452

• 8hrs

Physical and Cybersecurity for Critical Infrastructure

instructor-led training

The national and economic security of the United States depends on the reliable functioning of critical infrastructure. This course encourages collaboration efforts among individuals and organizations responsible for both physical and cybersecurity toward development of integrated risk management strategies that lead to enhanced capabilities necessary for the protection of our Nation’s critical infrastructure. Participants will identify physical and cybersecurity concerns impacting overall infrastructure security posture, examine integrated physical and cybersecurity incidents and the evolving risks and impacts they pose to critical infrastructure, and explore resources that can be applied to improve security within an organization, business, or government entity.

TEEX NERRTC (Texas A&M)

MGT-384

• 16hrs

Preparing for Cyber Attacks and Incidents

instructor-led training

Preparing for Cyber Attacks and Incidents is a two-day, non-technical course designed to provide organizations and communities with strategies and processes to increase cyber resilience. During this course, participants will analyze cyber threats and initial and cascading impacts of cyber incidents, evaluate the process for developing a cyber preparedness program, examine the importance and challenges of cyber related information sharing and discover low to no-cost resources to help build cyber resilience.

TEEX NERRTC (Texas A&M)

MGT-465

• 16hrs

Recovering from Cybersecurity Incidents

instructor-led training

The Recovering from Cybersecurity Incidents course is designed to provide guidance to a jurisdiction on the actions necessary to effectively recover from a cybersecurity attack. It discusses the pre- and post-incident programmatic activities needed for short-term and long-term recovery. The course bridges the different worlds of information technology and emergency management. This training is particularly pertinent to IT management, emergency management personnel, as well as any other government, critical infrastructure, or private sector personnel who has the responsibility for recovering after a cyber incident.

TEEX NERRTC (Texas A&M)

AWR-353-W

• 2hrs

Using the Community Cyber Security Maturity Model (CCSMM) to Develop a Cyber Security Program

web-based training

Using the Community Cyber Security Maturity Model (CCSMM) to develop a cybersecurity program will enable community leaders, network/security personnel and those individuals involved in developing or maintaining plans used for and throughout the community. This course assists participants to understand what is required to develop a coordinated, sustained and viable community cybersecurity program. The course introduces participants at all levels to the DHS-supported CCSMM and can be used to guide communities and states in developing their own CCSMM-consistent cybersecurity programs. Participants are introduced to different resources that can be used for a community program.

CIAS (UTSA)

Share the Printed Course Catalog

The NCPC catalog is available as a brochure in PDF form. Get the latest edition here: