This course is designed as a tabletop activity simulating a community-wide cybersecurity event. Using a gamification approach, participants will strategize with a diverse group of stakeholders to plan for and respond from a cybersecurity incident that could have cascading effects across a community.
Specifically, this training will encourage participants to discuss budgeting and planning strategies; coordinate with other community stakeholders to respond to a cyber incident; and will inform participants of various recovery aspects that may be included in a cybersecurity program.
This course addresses different forms of authentication, such as two-factor, multi-factor and other authentication products protections addressing identity compromise. Designed for public and private personnel at all levels of government, law enforcement, the private sector and other stakeholders, CIAA provides a broad-base of knowledge connecting the underlying concepts of digital identity to how people, devices and systems are authorized to access digital resources and services. This course also covers “best practices” for using identity management and access control techniques and mechanisms to develop authentication standards.
This course covers basic cyber awareness for Municipal, Police, Fire and EMS Information Technology personnel. Participants will have an increased knowledge of threats specific to their jurisdiction and an understanding of the processes and procedures needed to develop a cyber-awareness program. This course will focus on the steps involved in being aware of cyber threats and effectively communicating the processes and procedures to protect users against common cyber threats. The participants will apply this knowledge by developing processes and procedures to integrate cyber awareness into routine operations.
This is an awareness-level, non-technical course that is focused on educational institutions with training to assist them in addressing cybersecurity threats. Educational institutions of all sizes (including universities, colleges and K-12 school districts) are data rich making them targets for cyber-attacks. Cybersecurity readiness is not solely a technology issue; it includes managing student safety, well-being and digital risks. The leadership are responsible for managing the cybersecurity risk for our schools.
The use of computers and networked systems in the workplace has opened businesses and organizations to a variety of risks. Every employee using a computer connected to the organization’s network is a potential point of entry for a cyber-attack. For this reason, cybersecurity and protecting the organization’s data/information is every employee’s responsibility. This course will help students understand the different types of cyber-attacks their company may face, the type of information that is at risk, how to recognize cyber-attacks and why it is important for everyone in the organization to participate in cybersecurity.
This course is designed to address specific technical and professional skills needed to assess, document, remediate and report on cybersecurity vulnerability assessments within organizations through a series of lectures and hands-on activities. Activities include examining, analyzing, and prioritizing assets, risks and vulnerabilities to develop a vulnerability assessment report that could be delivered to organizational leadership. This course utilizes active discussions and activities to extend the participant’s understanding of vulnerability assessments.
This course, through discussion, pre-recorded attacks and live example attacks, will demystify common cyber attacks for non-technical participants. Participants will also learn how common cyber attacks can be disrupted at various points of the cyber kill chain using various mitigation and response strategies.
Upon successful completion of this course, participants will have a better understanding of the progression of common cyber attacks; and, where and how they can be prevented or disrupted.
As computers and mobile devices become a part of most people’s everyday lives, the challenges of protecting computers and mobile devices and the data on them increases. Part of protecting computers and mobile devices is understanding how to recognize when they are compromised, the steps to take to respond to compromised computers and devices, and how to recover once they have been rid of any infection. This course will introduce students to various types of cyber-attacks and how to detect and respond to them in order to protect their data and information.
Disaster Recovery for Information Systems trains business managers to respond to varying threats that might impact their organization’s access to information. The course provides requisite background theory and recommended best practices needed by managers to keep their offices running during incidents of different types. Topics include an overview of business continuity planning; disaster recovery planning; guides for implementing and managing disaster recovery plans, a discussion of technical vulnerabilities faced by organizations and an examination of legal issues that may confront an organization.
The growing Information Sharing and Analysis Organization (ISAO) ecosystem provides an opportunity to empower the nation to become more educated and effective in preventing, detecting and responding to the increasingly sophisticated landscape of cyber threats. There are considerable challenges with the vast quantity of information, the complexities of analysis and the uncertainties of sharing data with a large network of organizations. This course assists communities of interest to establish an Information Sharing and Analysis Organization (ISAO).
Today’s advanced persistent threats (APTs) are increasingly sophisticated, varied, targeted, aggressive and successful. There is an increasing deployment of and dependence on Internet of Things (IoT) for remote access devices to National Critical Infrastructure Sectors and Services (NCISS). Inadequate deployment and maintenance of security on these systems could provide opportunities for attackers to harm to the American citizenry through NCISS infrastructure and associated resource disruption.
This course provides practical guidelines on responding to incidents effectively and efficiently as part of an incident response program. Primary topics include detecting, analyzing, prioritizing, and handling cyber incidents. Real-world examples and scenarios to help provide knowledge, understanding, and capacity for effective cyber incident analysis and response.
This advanced level course is designed to teach students the fundamental of cyber incident analysis and responses.
This course is designed to assist individuals better understand security and privacy issues associated with mobile devices and infrastructure; including benefits and challenges of designing, implementing, and maintaining Bring Your Own Device (BYOD) Programs. Using scenarios, thought challenges and exercises as a framework, students will learn about:
The purpose of Enterprise Mobile Management platforms
Elements that make mobile networks and operating systems different
Mobile malware classifications and detection strategies
Mobile architecture data leakage detection and prevention strategies.
The Internet (the world’s largest network) allows us to accomplish tasks more conveniently and efficiently at home, work and on the road! However, there are security risks with networks, and users must be aware and remain vigilant about these risks and how to secure their home or small business network.
This course will introduce students to the basics of networks for homes and small businesses and provide them with best practices to secure their networks in order to protect their personal information as well as other (friends, family, customers, vendors, etc.)
This course introduces fundamental cyber information sharing concepts that can be incorporated into a cybersecurity program for both inside and outside an agency or organization. It introduces the purpose and value of information sharing and how sharing can assist with cyber incident preparedness and response before, during and after a cyber incident occurs.
Organizations have increasingly been the target of cyberattacks that are preventable. One of the first steps to preventing cybersecurity incidents is developing and implementing cybersecurity policies in the organization. Developing robust cybersecurity policies is crucial for organizations to safeguard their digital assets and maintain operational resilience. Policies provide clear guidelines, define security standards, and establish procedures to protect against cyber threats such as data breaches, ransomware attacks, and unauthorized access. Organizations can mitigate risks, ensure compliance, and foster a security-conscious culture by implementing effective policies.
This survey course enables leaders to define and determine business risk related to cybersecurity in a multi-dimensional environment. Students are exposed to complex analysis and decision-making with consideration of converged catalysts (e.g., cyber, physical, informational) impacting operations. They will gain an appreciation for a standard taxonomy and introduced to methods to calculate risk. The course is based on Factor Analysis of Information Risk (FAIR) but does not purport to cover FAIR in its entirety.
Every organization has critical information and technology assets that are essential to their business operations and require enhanced security. Organizational resources that can be dedicated to cybersecurity are finite; therefore, those resources should be applied deliberately and strategically focusing on the most important assets. This course will enable participants to identify their high value assets, prioritize them, assess them and create a remediation action plan.
Cybersecurity preparedness and response in a resource-constrained enterprise, partnering Information Technology with Operational Technology security and operations professionals, and with a detailed focus on the business and regulatory environment that public and rural electricity providers experience.
In today’s interconnected world, the integration of technology into supply chains has significantly enhanced operational efficiency and global reach. However, this integration has simultaneously introduced considerable cybersecurity risks that necessitate urgent attention. Supply chains are increasingly targeted by sophisticated cyberattacks due to their complexity and the valuable of the data they handle, making cybersecurity a critical concern for ensuring the continuity and resilience of supply chain operations. Integrating cybersecurity training into supply chain management is critical to safeguarding against the increasing threat of cyberattacks.
This course is designed as a tabletop activity simulating a community-wide cybersecurity event. Using a gamification approach, participants will strategize with a diverse group of stakeholders to plan for and respond from a cybersecurity incident that could have cascading effects across a community.
Specifically, this training will encourage participants to discuss budgeting and planning strategies; coordinate with other community stakeholders to respond to a cyber incident; and will inform participants of various recovery aspects that may be included in a cybersecurity program.