Cyber Education & Training Updates
January - February 2025
Highlights: What You Want to Know
-
Get ready because the President’s Cup Cybersecurity Competition is back! Registration for President’s Cup 6 opens on December 9 and runs through January 14 for Teams, and through January 28 for Individuals. This year, participants will be immersed into a world so neon-bright, they’ll need wraparound shades! Don’t miss the chance to show off your #cyberskills -- get ready to outwit and outlast your friends and colleagues with President’s Cup 6! Visit gov/presidentscup for more information and to sign up!
-
A new course titled “Managing High Value Assets (HVAs) using the CDM Agency Dashboard” will be delivered on January 9, 2025. This course covers the basics of the High Value Asset (HVA) program and demonstrates how to manage HVA's using the CDM Agency Dashboard. Participants will learn about important HVA guidance, the HVA Management Lifecycle, and tracking capabilities within the dashboard. By using the dashboard, users can identify, track, and prioritize their mitigation activities for HVA assets. This enhanced visibility will lead to faster responses and help decision-makers assess the urgency of their actions.
|
| |
| |
Cyber Trainings
Federal Cyber Defense Skilling Academy
The Cybersecurity and Infrastructure Security Agency (CISA) Federal Cyber Defense Skilling Academy’s (Skilling Academy) mission is to provide widely recognized cybersecurity training for full-time federal employees, promoting collaboration and interactive learning to protect, defend, respond, and reduce risk to our nation’s critical infrastructure from cyber threats.
The following two-week long, self-paced micro-courses will be available in early 2025.
Eligibility: All full-time federal employees, in any job series and any grade or grade equivalent for non-General Schedule (GS) employees, are eligible to apply to CISA's Federal Cyber Defense Skilling Academy. Government contractors are not permitted to participate.
Participation in the Skilling Academy is prioritized for individuals from Departments and Agencies within the Federal Civilian Executive Branch. Applications from other federal government entities are welcome and will be considered based on course availability and program requirement.
|
Skilling Academy Session Dates for Jan and Feb FY25
|
|
Micro-course Title
|
Length
|
Program Start & End Date
|
Applications Close Date*
|
|
IT Fundamentals - Session 1
|
2 weeks (80 hours)
|
01/27/2025 - 02/07/2025
|
01/10/2025 (5 pm EST)
|
|
Intro to Forensic Analysis, Fundamentals- Session 1
|
2 weeks (80 hours)
|
01/27/2025 - 02/07/2025
|
01/10/2025 (5 pm EST)
|
|
Basics of Threat Analysis- Session 1
|
2 weeks (80 hours)
|
02/03/2025 - 02/14/2025
|
01/17/2025 (5 pm EST)
|
|
For more information about the Skilling Academy and instructions on how to apply, send an email to SkillingAcademy@cisa.dhs.gov
|
*The application window will close when each micro-course reaches 30 applicants, which may be sooner than the application close date.
Incident Response (IR)
This free training series includes 100-level webinars for a general audience which are cybersecurity topic overviews that provide core guidance and best practices to make your network more resilient to attacks. It also includes 200-level Cyber Range Training courses for government employees and contractors across federal, state, local, tribal, and territorial government, educational partners, and critical infrastructure partners. These Cyber Range Trainings provide guided step-action labs to learn and practice investigation, remediation, and incident response skills.
|
IR Training Events
|
|
Date
|
Course Code
|
Registration Opens
|
Course
|
Hours
|
|
01/07/2025
|
SS209
|
12/09/2024
|
Defend Against Ransomware Attacks Cyber Range Training
|
4
|
|
01/13/2025
|
IR114
|
12/13/2024
|
Incident Response Triage: Instrumenting the Environment to Detect Suspicious and Malicious Activity
|
1
|
|
01/15/2025
|
IR214
|
12/15/2024
|
Incident Response Triage: Instrumenting the Environment to Detect Suspicious and Malicious Activity Cyber Range Training
|
4
|
|
01/16/2025
|
IR214
|
12/16/2024
|
Incident Response Triage: Instrumenting the Environment to Detect Suspicious and Malicious Activity Cyber Range Training
|
4
|
|
01/16/2025
|
SS206
|
12/16/2024
|
Preventing DNS Infrastructure Tampering Cyber Range Training
|
4
|
|
01/17/2025
|
IR214
|
12/17/2024
|
Incident Response Triage: Instrumenting the Environment to Detect Suspicious and Malicious Activity Cyber Range Training
|
4
|
|
01/22/2025
|
IR108
|
12/23/2024
|
Understanding Indicators of Compromise
|
4
|
|
01/28/2025
|
SS210
|
12/30/2024
|
Introduction to Log Management Cyber Range Training
|
4
|
|
01/30/2025
|
SS213
|
12/30/2024
|
Implementing SaaS Security Guidelines Cyber Range Training
|
4
|
|
02/06/2025
|
SS205
|
01/06/2025
|
Preventing Web and Email Server Attacks Cyber Range Training
|
4
|
|
02/10/2025
|
IR115
|
01/10/2025
|
IR115-Incident Response Triage: Initial Triage and Data Collection
|
1
|
|
02/11/2025
|
IR208
|
01/11/2025
|
Understanding Indicators of Compromise Cyber Range Training
|
4
|
|
02/12/2025
|
IR215
|
01/12/2025
|
IR215-Incident Response Triage: Initial Triage and Data Collection Cyber Range Training
|
4
|
|
02/13/2025
|
IR215
|
01/13/2025
|
IR215-Incident Response Triage: Initial Triage and Data Collection Cyber Range Training
|
4
|
|
02/14/2025
|
IR215
|
01/14/2025
|
IR215-Incident Response Triage: Initial Triage and Data Collection Cyber Range Training
|
4
|
|
02/19/2025
|
SS110
|
01/19/2025
|
Introduction to Log Management Webinar
|
1
|
|
02/27/2025
|
SS209
|
01/27/2025
|
Defending Against Ransomware Attacks Cyber Range Training
|
4
|
To learn more or register visit: IR Training|CISA
Continuous Diagnostics and Mitigation (CDM)
We provide instructor led, hands-on CDM Dashboard training for U.S. Executive Branch employees and contractors in a virtual cyber range training environment. These courses are designed for personnel at agencies participating in the CDM program who monitor, manage, or oversee controls on their information systems such as ISSOs, CDM POCs, ISSMs and those reporting metrics.
The goal of the CDM training is to teach participants the basics of CDM and how to use the CDM Dashboard capabilities to help mitigate agency threats. We will also offer various CDM resources and external references.
Currently, the courses use version of the CDM Dashboard (ES-6.2) within the cyber virtual training range (CVLE) and will be updated to the current 6.3 version in February. The current content focuses on the most recent version of the dashboard, including FISMA Automation, HVA reporting, and other dashboard capabilities. Current CDM courses are offered at the 100-level (Introductory) and 200-level (Intermediate).
|
CDM Training Events
|
|
Date
|
Course Code
|
Registration Opens
|
Course
|
Hours
|
|
01/10/2025
|
CDM330
|
12/09/2024
|
Managing High Value Assets (HVAs) Using the CDM Agency Dashboard
|
4
|
|
01/14/2025
|
CDM320
|
12/16/2024
|
|
Using the CDM Agency Dashboard to Respond to Federal Directives – BOD 22-01 & BOD 23-01
|
|
2.5
|
|
01/23/2025
|
CDM301
|
12/23/2024
|
Executive Overview of the CDM Agency Dashboard
|
2
|
|
02/04/2025
|
CDM141
|
01/06/2025
|
Introduction to the CDM Agency Dashboard
|
4
|
|
02/13/2025
|
CDM142
|
01/13/2025
|
Asset Management with the CDM Agency Dashboard
|
4
|
|
02/20/2025
|
CDM330
|
01/20/2025
|
Managing High Value Assets (HVAs) Using the CDM Agency Dashboard
|
4
|
|
02/25/2025
|
CDM144
|
02/01/2025
|
Vulnerability and Risk Management using the CDM Agency Dashboard – [New Course]
|
4
|
To learn more or register visit: CDM Training|CISA
Industrial Control Systems (ICS)
We offer free, virtual ICS trainings geared toward Critical Infrastructure owners and operators. The trainings are designed to reduce cybersecurity risks to critical infrastructure and encourage cooperation between CISA and the private sector. Trainings vary in length and run from 8:00 a.m. – 5:00 p.m. MST (10:00 a.m. – 7:00 p.m. EST). All trainings are conducted through Online Training or CISA Virtual Learning Portal (VLP), with the exception of the three- or four-day, in-person courses at Idaho National Labs (INL) in Idaho Falls, ID.
|
ICS Training Events
|
|
Date
|
Course Code
|
Course
|
Location
|
|
01/13/2025-01/16/2025
|
301
|
Industrial Control Systems Cybersecurity & RED-BLUE Exercise (301)
|
IN-PERSON TRAINING –
4 Days
|
|
02/24/2025-02/27/2025
|
301
|
Industrial Control Systems Cybersecurity & RED-BLUE Exercise (301)
|
IN-PERSON TRAINING –
4 Days
|
|
01/13/2025-01/16/2025
|
301
|
Industrial Control Systems Cybersecurity & RED-BLUE Exercise (301)
|
IN-PERSON TRAINING –
4 Days
|
|
On Demand
|
100W
|
Operational Security (OPSEC) for Control Systems
|
CISA Training Virtual Learning Portal (VLP)
|
|
On Demand
|
210W-1
|
Differences in Deployments of ICS
|
CISA Training Virtual Learning Portal (VLP)
|
|
On Demand
|
210W-2
|
Influence of Common IT Components on ICS
|
CISA Training Virtual Learning Portal (VLP)
|
|
On Demand
|
210W-3
|
Common ICS Components
|
CISA Training Virtual Learning Portal (VLP)
|
|
On Demand
|
210W-4
|
Cybersecurity within IT & ICS Domains
|
CISA Training Virtual Learning Portal (VLP)
|
|
On Demand
|
210W-5
|
Cybersecurity Risk
|
CISA Training Virtual Learning Portal (VLP)
|
|
On Demand
|
210W-6
|
Current Trends (Threat)
|
CISA Training Virtual Learning Portal (VLP)
|
|
On Demand
|
210W-7
|
Current Trends (Vulnerabilities)
|
CISA Training Virtual Learning Portal (VLP)
|
|
On Demand
|
210W-8
|
Determining the Impacts of a Cybersecurity Incident
|
CISA Training Virtual Learning Portal (VLP)
|
|
On Demand
|
210W-9
|
Attack Methodologies in IT & ICS
|
CISA Training Virtual Learning Portal (VLP)
|
|
On Demand
|
210W-10
|
Mapping IT Defense-in-Depth Security Solutions to ICS - Part 1
|
CISA Training Virtual Learning Portal (VLP)
|
|
On Demand
|
210W-11
|
Mapping IT Defense-in-Depth Security Solutions to ICS - Part 2
|
CISA Training Virtual Learning Portal (VLP)
|
|
On Demand
|
FRE2115
|
Industrial Control Systems Cybersecurity Landscape for Managers
|
CISA Training Virtual Learning Portal (VLP)
|
To learn more or sign up, visit: ICS Training Calendar|CISA
*The following virtual courses are prerequisites to attending in-person 301 and 401 trainings hosted by CISA at the Idaho National Laboratory:
-
ICS 301v: Focuses on understanding, protecting and securing ICS from cyberattacks.
-
ICS 401v: Focuses on analyzing and evaluating an ICS network to determine its defense status and what changes need to be made.
The National Initiative for Cybersecurity Careers and Studies (NICCS)
Visit the NICCS website to gain access to tools and resources that allow you to explore and build career paths in cybersecurity, while also finding the necessary information, training, tools, and more to support you along the way. Two of the most recently updated tools on NICCS include:
-
Workforce Framework for Cybersecurity (NICE Framework): This interactive version of the NICE Framework allows you to explore cybersecurity Work Roles, and the Tasks, Knowledge, and Skills necessary to be successful in each one. Work Roles are also linked to relevant courses available in the NICCS Education & Training Catalog, which contains thousands of virtual and in-person courses for cybersecurity professionals of all skill levels.
-
Cyber Career Pathways Tool: This resource allows you to check out cybersecurity career paths mapped to the NICE Framework and gain valuable insights for launching or transitioning to a variety of different careers in cybersecurity. Find work descriptions, capabilities, videos, training, and more for 52 work roles across five different skill communities.
Be sure to visit NICCS today to explore these tools and more! Please email NICCS@mail.cisa.dhs.gov if you have any questions.
|
CDET Mission
|
CDET Vision
|
|
Address today’s cyber workforce challenges through innovative education and training opportunities.
|
Lead and influence national cyber training and education to promote and enable the cyber-ready workforce of tomorrow.
|
Contact Us: cyberinsights@cisa.dhs.gov
|
