Cyber Education & Training Updates
February - March 2025
Highlights: What You Want to Know
-
Applications are now open for all FY25 Federal Cyber Defense Skilling Academy These 100% virtual, free training offerings are designed to equip federal employees with foundational and specialized cybersecurity skills. Each course emphasizes practical training to ensure that participants gain experience in protecting and defending against cyber threats. For additional information on the Skilling Academy, including the schedule for Micro-Courses and Pathways, and instructions on how to apply, see the Skilling Academy section below. Questions about the program can be sent to SkillingAcademy@cisa.dhs.gov.
-
The new CDM144 course, VULNERABILITY AND RISK MANAGEMENT USING THE CDM AGENCY DASHBOARD will launch on February 25. The course will cover the new CDM capabilities: CyHy (Cyber Hygiene) and SCuBA (Secure Cloud Business Applications). It will be hosted in the Cybersecurity Virtual Learning Environment (CVLE), which includes training labs for the CDM Agency Dashboard training labs.
- CISA is thrilled to announce that we are now offering Skilling Continuation Labs (SCL)! This new series of hands-on training opportunities covers specific cyber topics and use cases that are tied to CISA guidance and publications. To try your hand at the Network Segmentation and Enhanced Security with DNS labs, head over to the President’s Cup Practice Area.
|
| |
| |
Cyber Trainings
Federal Cyber Defense Skilling Academy
The purpose of CISA’s Skilling Academy is to provide widely recognized cybersecurity training for full-time federal employees, promoting collaboration and interactive learning to protect, defend, respond, and reduce risk to our nation’s critical infrastructure from cyber threats.
The Skilling Academy offers two types of trainings:
-
Micro-courses: These condensed, self-paced, 100% virtual trainings are designed to equip students with foundational and specialized cybersecurity skills. Each course emphasizes practical training to ensure that participants gain real-world experience in protecting and defending against cyber threats. The micro-courses range from 40 to 80 hours in duration.
-
Pathways: These offerings are live, virtual, intense, full-time, one to three-month accelerated training offerings. Pathway students are provided with valuable opportunities to practice cybersecurity skills in lab environments, which are led by an online instructor.
Eligibility: All full-time federal employees, in any job series and any grade or grade equivalent for non-General Schedule (GS) employees, are eligible to apply to CISA's Federal Cyber Defense Skilling Academy. Government contractors are not permitted to participate.
Participation in the Skilling Academy is prioritized for individuals from Departments and Agencies within the Federal Civilian Executive Branch. Applications from other federal government entities are welcome and will be considered based on course availability and program requirement.
|
Skilling Academy Micro-Course Dates through March
|
|
Micro-Course Title & Session Number
|
Length
|
Course Start & End Date
|
Applications Close Date*
|
|
Intro to Incident Response – Session 2
|
1 week (40 hours)
|
03/03/2025 - 03/07/2025
|
02/14/2025 (5 pm EST)
|
|
Intro to Incident Detect/Response/Handling – Session 1
|
2 weeks (80 hours)
|
03/10/2025 - 03/21/2025
|
02/21/2025 (5 pm EST)
|
|
Intro to Pen-Testing – Session 2
|
1 week (40 hours)
|
03/24/2025 - 03/28/2025
|
03/07/2025 (5 pm EST)
|
|
IT Fundamentals - Session 2
|
2 weeks (80 hours)
|
03/24/2025 - 04/04/2025
|
03/07/2025 (5 pm EST)
|
|
Skilling Academy Pathway Dates through March
|
|
Pathway Title & Session Number
|
Length
|
Course Start & End Date
|
Applications Close Date*
|
|
Systems Security Analysis - Session 1
|
4 weeks
|
02/24/2025 - 03/21/2025
|
02/07/2025 (5 pm EST)
|
|
Infrastructure Support - Session 1
|
4 weeks
|
03/03/2025 - 03/28/2025
|
02/14/2025 (5 pm EST)
|
|
Defensive Cybersecurity - Session 1
|
12 weeks
|
03/17/2025 - 06/13/2025
|
02/28/2025 (5 pm EST)
|
|
AI/ML Pathway - Session 1
|
4 weeks
|
03/24/2025 - 4/18/2025
|
03/07/2025 (5 pm EST)
|
|
Incident Response - Session 1
|
4 weeks
|
04/14/2025 - 05/09/2025
|
03/28/2025 (5 pm EST)
|
*The application window will close when each micro-course reaches 30 applicants, which may be sooner than the application close date.
More courses and additional dates for the listed courses are available. For more information and instructions on how to apply, send an email to SkillingAcademy@cisa.dhs.gov
Incident Response (IR)
This free training series includes 100-level webinars for a general audience which are cybersecurity topic overviews that provide core guidance and best practices to make your network more resilient to attacks. It also includes 200-level Cyber Range Training courses for government employees and contractors across federal, state, local, tribal, and territorial government, educational partners, and critical infrastructure partners. These Cyber Range Trainings provide guided step-action labs to learn and practice investigation, remediation, and incident response skills.
|
IR Training Events
|
|
Date
|
Course Code
|
Registration Opens
|
Course
|
Hours
|
|
02/06/2025
|
SS205
|
01/06/2025
|
Preventing Web and Email Server Attacks Cyber Range Training
|
4
|
|
02/10/2025
|
IR115
|
01/10/2025
|
IR115-Incident Response Triage: Initial Triage and Data Collection
|
1
|
|
02/11/2025
|
IR208
|
01/11/2025
|
Understanding Indicators of Compromise Cyber Range Training
|
4
|
|
02/12/2025
|
IR215
|
01/12/2025
|
IR215-Incident Response Triage: Initial Triage and Data Collection Cyber Range Training
|
4
|
|
02/13/2025
|
IR215
|
01/13/2025
|
IR215-Incident Response Triage: Initial Triage and Data Collection Cyber Range Training
|
4
|
|
02/14/2025
|
IR215
|
01/14/2025
|
IR215-Incident Response Triage: Initial Triage and Data Collection Cyber Range Training
|
4
|
|
02/19/2025
|
SS110
|
01/19/2025
|
Introduction to Log Management Webinar
|
1
|
|
02/27/2025
|
SS209
|
01/27/2025
|
Defending Against Ransomware Attacks Cyber Range Training
|
4
|
|
03/03/2025
|
IR116
|
02/03/2025
|
Incident Response Triage: Data Analysis
|
1
|
|
03/04/2025
|
IR216
|
02/04/2025
|
Incident Response Triage: Data Analysis Cyber Range Training
|
4
|
|
03/05/2025
|
IR216
|
02/05/2025
|
Incident Response Triage: Data Analysis Cyber Range Training
|
4
|
|
03/06/2025
|
IR216
|
02/06/2025
|
Incident Response Triage: Data Analysis Cyber Range Training
|
4
|
|
03/06/2025
|
IR111
|
02/06/2025
|
Using the CISA Incident Response Playbook at Your Organization Webinar
|
1
|
|
03/11/2025
|
SS210
|
02/11/2025
|
Introduction to Log Management Cyber Range Training
|
4
|
|
03/18/2025
|
SS204
|
02/18/2025
|
Defending Internet Accessible Systems Cyber Range Training
|
4
|
|
03/27/2025
|
IR211
|
02/27/2025
|
Using the CISA Incident Response Playbook at Your Organization
|
4
|
|
03/28/2025
|
IR211
|
02/28/2025
|
Using the CISA Incident Response Playbook at Your Organization
|
4
|
To learn more or register visit: IR Training|CISA
Continuous Diagnostics and Mitigation (CDM)
We provide instructor led, hands-on CDM Dashboard training for U.S. Executive Branch employees and contractors in a virtual cyber range training environment. These courses are designed for personnel at agencies participating in the CDM program who monitor, manage, or oversee controls on their information systems such as ISSOs, CDM POCs, ISSMs and those reporting metrics.
The goal of the CDM training is to teach participants the basics of CDM and how to use the CDM Dashboard capabilities to help mitigate agency threats. We will also offer various CDM resources and external references.
Currently, the courses use version of the CDM Dashboard (ES-6.2) within the cyber virtual training range (CVLE) and will be updated to the current 6.3 version in February. The current content focuses on the most recent version of the dashboard, including FISMA Automation, HVA reporting, and other dashboard capabilities. Current CDM courses are offered at the 100-level (Introductory) and 200-level (Intermediate).
|
CDM Training Events
|
|
Date
|
Course Code
|
Registration Opens
|
Course
|
Hours
|
|
02/04/2025
|
CDM141
|
01/06/2025
|
Introduction to the CDM Agency Dashboard
|
4
|
|
02/13/2025
|
CDM142
|
01/13/2025
|
Asset Management with the CDM Agency Dashboard
|
4
|
|
02/20/2025
|
CDM330
|
01/20/2025
|
Managing High Value Assets (HVAs) Using the CDM Agency Dashboard
|
4
|
|
02/25/2025
|
CDM144
|
02/01/2025
|
Vulnerability and Risk Management using the CDM Agency Dashboard – [New Course]
|
4
|
|
03/13/2025
|
CDM320
|
02/13/2025
|
Using the CDM Agency Dashboard to Respond to Federal Directives – BOD 22-01 & BOD 23-01
|
3
|
|
02/20/2025
|
CDM301
|
02/20/2025
|
Executive Overview of the CDM Agency Dashboard
|
2
|
|
02/25/2025
|
CDM203
|
02/25/2025
|
CDM Dashboard Role-Based Training - System Analyst
|
4
|
To learn more or register visit: CDM Training|CISA
Industrial Control Systems (ICS)
We offer free, virtual ICS trainings geared toward Critical Infrastructure owners and operators. The trainings are designed to reduce cybersecurity risks to critical infrastructure and encourage cooperation between CISA and the private sector. Trainings vary in length and run from 8:00 a.m. – 5:00 p.m. MST (10:00 a.m. – 7:00 p.m. EST). All trainings are conducted through Online Training or CISA Virtual Learning Portal (VLP), with the exception of the three- or four-day, in-person courses at Idaho National Labs (INL) in Idaho Falls, ID.
|
ICS Training Events
|
|
Date
|
Course Code
|
Course
|
Location
|
|
02/24/2025-02/27/2025
|
301
|
Industrial Control Systems Cybersecurity & RED-BLUE Exercise (301)
|
IN-PERSON TRAINING –
4 Days
|
|
03/10/2025-03/13/2025
|
301
|
Industrial Control Systems Cybersecurity & RED-BLUE Exercise (301)
|
IN-PERSON TRAINING –
4 Days
|
|
On Demand
|
100W
|
Operational Security (OPSEC) for Control Systems
|
CISA Training Virtual Learning Portal (VLP)
|
|
On Demand
|
210W-1
|
Differences in Deployments of ICS
|
CISA Training Virtual Learning Portal (VLP)
|
|
On Demand
|
210W-2
|
Influence of Common IT Components on ICS
|
CISA Training Virtual Learning Portal (VLP)
|
|
On Demand
|
210W-3
|
Common ICS Components
|
CISA Training Virtual Learning Portal (VLP)
|
|
On Demand
|
210W-4
|
Cybersecurity within IT & ICS Domains
|
CISA Training Virtual Learning Portal (VLP)
|
|
On Demand
|
210W-5
|
Cybersecurity Risk
|
CISA Training Virtual Learning Portal (VLP)
|
|
On Demand
|
210W-6
|
Current Trends (Threat)
|
CISA Training Virtual Learning Portal (VLP)
|
|
On Demand
|
210W-7
|
Current Trends (Vulnerabilities)
|
CISA Training Virtual Learning Portal (VLP)
|
|
On Demand
|
210W-8
|
Determining the Impacts of a Cybersecurity Incident
|
CISA Training Virtual Learning Portal (VLP)
|
|
On Demand
|
210W-9
|
Attack Methodologies in IT & ICS
|
CISA Training Virtual Learning Portal (VLP)
|
|
On Demand
|
210W-10
|
Mapping IT Defense-in-Depth Security Solutions to ICS - Part 1
|
CISA Training Virtual Learning Portal (VLP)
|
|
On Demand
|
210W-11
|
Mapping IT Defense-in-Depth Security Solutions to ICS - Part 2
|
CISA Training Virtual Learning Portal (VLP)
|
|
On Demand
|
FRE2115
|
Industrial Control Systems Cybersecurity Landscape for Managers
|
CISA Training Virtual Learning Portal (VLP)
|
|
On Demand
|
ICS300
|
Advanced Cybersecurity for Industrial Control Systems
|
CISA Training Virtual Learning Portal (VLP)
|
|
On Demand
|
ICS401V
|
Industrial Control Systems Evaluation
|
CISA Training Virtual Learning Portal (VLP)
|
To learn more or sign up, visit: ICS Training Calendar|CISA
*The following virtual courses are prerequisites to attending in-person 301 and 401 trainings hosted by CISA at the Idaho National Laboratory:
-
ICS 301v: Focuses on understanding, protecting and securing ICS from cyberattacks.
-
ICS 401v: Focuses on analyzing and evaluating an ICS network to determine its defense status and what changes need to be made.
The National Initiative for Cybersecurity Careers and Studies (NICCS)
Visit the NICCS website to gain access to tools and resources that allow you to explore and build career paths in cybersecurity, while also finding the necessary information, training, tools, and more to support you along the way. Two of the most recently updated tools on NICCS include:
-
Workforce Framework for Cybersecurity (NICE Framework): This interactive version of the NICE Framework allows you to explore cybersecurity Work Roles, and the Tasks, Knowledge, and Skills necessary to be successful in each one. Work Roles are also linked to relevant courses available in the NICCS Education & Training Catalog, which contains thousands of virtual and in-person courses for cybersecurity professionals of all skill levels.
-
Cyber Career Pathways Tool: This resource allows you to check out cybersecurity career paths mapped to the NICE Framework and gain valuable insights for launching or transitioning to a variety of different careers in cybersecurity. Find work descriptions, capabilities, videos, training, and more for 52 work roles across five different skill communities.
Be sure to visit NICCS today to explore these tools and more! Please email NICCS@mail.cisa.dhs.gov if you have any questions.
|
CDET Mission
|
CDET Vision
|
|
Address today’s cyber workforce challenges through innovative education and training opportunities.
|
Lead and influence national cyber training and education to promote and enable the cyber-ready workforce of tomorrow.
|
Contact Us: cyberinsights@cisa.dhs.gov
|
