Incoming Transmission… Registration for President’s Cup 7 is Almost Here!
Agents, your directive is clear: On December 8, register for the most elite cybersecurity mission of the year. This is your chance to defend digital borders and outmaneuver opposing forces.
CISA’s President’s Cup Cybersecurity Competition is the ultimate proving ground for cyber specialists and enthusiasts, open to all federal civilian employees and active-duty military and National Guard personnel. This is your chance to battle head-to-head to secure bragging rights, prestige, and national recognition.
Whether you are a digital defender or cyber infiltrator, President’s Cup lets you operate as an individual or assemble a team of up to 5.
|
|
|
|
|
|
December 8, 2025-January 13, 2026
|
December 8, 2025-January 27, 2026
|
|
|
|
|
|
|
|
|
|
|
April 14-16, 2026
•Defensive Track: 4/14 •Offensive Track: 4/15 •Teams 4/16
|
|
|
|
Need to train before deployment? The President’s Cup Practice Area is your dossier library - packed with open-source mission materials from previous competitions.
Agents, we have intercepted critical information that demands your immediate attention. President’s Cup 7 brings exciting changes designed to elevate the competition experience and celebrate long term excellence.
-
Solo Spotlight: Individuals will now compete before teams, allowing solo competitors to take the spotlight first.
-
Streamlined Platform: The new competition platform will provide a streamlined experience and require all participants to create a new login to compete.
-
Hack of Fame Debut: This year also marks the debut of the Hack of Fame. Competitors who achieve three total top 3 finishes, regardless of event type, track, or year, will earn a place in this exclusive group. Once inducted, they will be honored for their accomplishments and step aside to make room for new champions.
-
Game of the Month: Test your skills year-round with monthly cybersecurity challenges designed to keep you engaged and sharp in a non-competitive environment. For more information, visit https://presidentscup.cisa.gov/game-of-the-month.
-
Game of the Month is open to anyone that wishes to participate, including the private sector!
The clock is ticking and the mission won't wait! Accept your assignment at presidentscup.cisa.gov.
Eligible Audience: Open to federal civilian employees, active-duty military, and National Guard personnel.
The President’s Cup Game of the Month December challenge is now live. Participants can sign up and compete to:
- Develop Key Skills engaging in continuous learning and gaining hands-on experience by applying their skills in in digital forensics and incident response.
- Boost their Careers by working on NICE framework tasks critical to cybersecurity investigations.
- And testing their abilities with challenges based upon real-world cyber incident scenarios.
Eligible Audience: Open to federal employees and non-federal employees.
CISA’s Federal Cyber Defense Skilling Academy (Skilling Academy) provides widely recognized, 100% virtual cybersecurity training for full-time federal employees, promoting collaboration and interactive learning in order to protect, defend, respond and reduce risk to our nation's critical infrastructure from cyber threats.
- In FY26, the Skilling Academy is offering full-time, virtual, and instructor-led training courses that provide students with baseline tasks, knowledge, and skills of various cyber work roles. Each pathway focuses on a specific cyber work role and at the end of the course, students will receive a voucher to take the accompanying certification exam.
Eligibility: All full-time United States federal employees, in any job series and any grade or grade equivalent for non-General Schedule (GS) employees, are eligible to apply to CISA's Federal Cyber Defense Skilling Academy. Selected participants within the Skilling Academy must retain their full-time employment status in the federal government for the duration of the course to maintain eligibility. Government contractors are not permitted to participate.
Participation in the Skilling Academy is prioritized for individuals from Departments and Agencies within the Federal Civilian Executive Branch. Applications from other federal government entities are welcome and will be considered based on course availability and program requirements.
|
Skilling Academy Pathway Courses Starting in Q2 FY26
|
|
Pathway Title & Session Number
|
Length
|
Course Start & End Date
|
Applications Close Date*
|
|
Systems Security Analysis – Session 1
|
4 weeks
|
1/12/2026 – 2/9/2026
|
12/31/2025 (5 pm ET)
|
|
Artificial Intelligence and Machine Learning (AI/ML) – Session 1
|
4 weeks
|
1/20/2026 – 2/18/2026
|
12/31/2025 (5 pm ET)
|
|
Vulnerability Analysis – Session 1
|
4 weeks
|
1/26/2026 – 2/23/2026
|
1/09/2026 (5 pm ET)
|
|
Incident Response – Session 1
|
4 weeks
|
2/23/2026 – 3/20/2026
|
1/30/2026 (5 pm ET)
|
*The application window will close when each course reaches 30 applicants, which may be sooner than the application close date.
This series provides training assistance to cyber incident responders to help them prepare for, identify, assess, mitigate and report cyber events. This series includes 100-level one-hour webinars for a general audience and 200-level virtual training courses with cyber range lab activities where participants can learn and practice investigation, remediation, and incident response skills. The course audience is government employees and contractors at all levels—federal, state, local, tribal, and territorial—as well as educational and critical infrastructure partners. For more information, email cyberinsights@cisa.dhs.gov.
To learn more or register visit: Incident Response Training | CISA
Eligible Audience: Open to federal employees and supporting contractors, state, local, tribal, and territorial, and critical infrastructure partners.
This training series provides training assistance to cyber practitioners so they can enable secure systems by strengthening their cyber defenses against vulnerabilities, weaknesses, and threats. This series includes 100-level one-hour webinars for a general audience and 200-level virtual training courses with cyber range lab activities. The course audience is government employees and contractors at all levels—federal, state, local, tribal, and territorial—as well as educational and critical infrastructure partners. For more information, email cyberinsights@cisa.dhs.gov.
To learn more or register visit: Incident Response Training | CISA
Eligible Audience: Open to federal employees and supporting contractors, state, local, tribal, and territorial, and critical infrastructure partners.
These trainings provide instructor-led, hands-on CDM Dashboard training for Federal Civilian Executive Branch (FCEB) employees and contractors in a cyber virtual learning environment (CVLE). The virtual and in-person training events enhance the dynamic CDM approach to fortifying the cybersecurity of government networks and systems. These courses are designed for personnel at agencies participating in the CDM program who monitor, manage, or oversee controls on their information systems such as ISSOs, CDM POCs, ISSMs and those reporting metrics.
These CDM trainings enable participating FCEB agencies to improve their networks and defend against cyber adversaries. The CDM training provides detailed class discussion with real world simulated computer labs using a CVLE. The training will teach participants the basics of CDM and how to use the CDM Dashboard capabilities to help mitigate agency threats. We will also offer various CDM resources and external references.
Currently, the courses use version ES 6.6 of the CDM Dashboard within the CVLE. The current content focuses on the most recent version of the dashboard, including FISMA Automation, HVA reporting, CyHy (Cyber Hygiene) and SCuBA (Secure Cloud Business Applications), and other dashboard capabilities. Current CDM courses are offered at the 100-level (Introductory) and 200-level (Intermediate).
To learn more or register visit: Continuous Diagnostics and Mitigation Training | CISA
Eligible Audience: Open to federal employees and supporting contractors.
This virtual ICS training is free and designed for critical infrastructure owners and operators. The sessions aim to reduce cybersecurity risks to critical infrastructure and promote collaboration between CISA and the private sector. Training sessions vary in length and take place from 8:00 a.m. – 5:00 p.m. MT (10:00 a.m. – 7:00 p.m. ET). Most trainings are conducted online through the CISA Virtual Learning Portal (VLP), except for the three- or four-day, in-person courses at Idaho National Labs (INL) in Idaho Falls, ID.
*The ICS300 online course is a prerequisite for attending the in-person ICS301 training hosted by CISA at the Idaho National Laboratory. This ICS300 course focuses on many of the hands-on skills needed to protect and secure Industrial Control Systems and Operational Technology networks. The ICS401 course is available either online (ICS401V) or in-person (ICS401L).
To learn more or sign up, visit: ICS Training Calendar
Eligible Audience: Primary audience is critical infrastructure partners, however, federal, state, local, tribal, and territorial employees with critical infrastructure responsibilities are also eligible
CISA is now offering Skilling Continuation Labs (SCLs), which are part of CISA’s ongoing goal to better equip the cyber workforce with the skills needed to defend our country against cyber threats. This new series of hands-on training opportunities cover specific cyber topics and use cases that are tied to CISA guidance and publications (All Resources & Tools | CISA). These labs are standalone training sessions and are not part of a curriculum, allowing the learner to focus solely on the topic of interest, minimizing training time as the labs strengthen the role of the cyber workforce!
The SCLs cover:
-
Network Segmentation – associated with CISA’s Securing Network Infrastructure Devices guidance, this topic is crucial to defending cyber threats as these devices are ideal targets for malicious cyber actors
-
Enhanced Security with DNS – leveraging CISA’s Encrypted Domain Name System (DNS) Implementation Guidance and the Protective Domain Name System Resolver, this topic is part of the vital effort to advance and strengthen zero trust cybersecurity across agencies
-
Living Off the Land Attacks – using CISA’s techniques, in cooperation with the National Security Agency (NSA) and the Federal Bureau of Investigation (FBI), this lab provides threat detection information and mitigations applicable to LOTL activities, regardless of threat actor covering malware attacks and how effective logging can detect them.
-
Automated Defenses – using CISA’s best practices for denial-of-service attacks, this lab covers the concept of automated defenses, demonstrating endpoint detection and response (EDR). It shows how to mitigate denial of service attacks using firewall throttling techniques and the use of honeypots.
-
XZ Utils – A Case Study on Supply Chain Trust – applying CISA’s XZ Utils Vulnerability prevention method, this lab applies supply chain trust, using SBOMs to manage vulnerabilities in open source software. A “software bill of materials” (SBOM) has emerged as a key building block in software security and software supply chain risk management. This lab guides the learner through an XZ Utils supply chain trust scenario.
-
Secure Programming – using the CISA Secure by Design approach, this lab examines any flaws in code that could lead to overflow attacks and details how to prevent them from occurring. The lab focuses on SQL and OS command injection vulnerable and exploitable code.
These Skilling Continuation Labs were created for cyber professionals with some IT/cyber experience who fall into the upper beginner to lower intermediate cyber skill range. These labs are available to play in the President’s Cup Practice Area. We are confident these labs will provide a continuation of skills for the cyber professional.
Eligible Audience: Open to federal employees and military only.
Available Now: New Interactive Training and Career Guide!
Are you interested in growing your career in the cybersecurity industry? Check out the latest guide on NICCS to create a personalized plan for cybersecurity training and development to help you meet your career goals. Work your way through the guide by following these interactive steps:
- Identify Work Roles that apply to you in the NICE Framework and assess your proficiency for those Work Roles.
- Prioritize Work Roles to target for growth using the Cyber Career Pathways Tool.
- Learn about training and development opportunities to help you grow in your desired career path.
- Create your own cybersecurity career development & training plan!
Get started today by downloading the Career Development and Training Guide, which can be found on the NICCS Additional Resources page under Guides. Questions or feedback about other resources you’d like to see on NICCS? Email NICCS at NICCS@cisa.dhs.gov.
Want to subscribe to the newsletter? Sign up a co-worker or friend? Enter your email here Cybersecurity and Infrastructure Security Agency to receive this Cyber Training Bulletin every month!
For additional information about ongoing cyber training, contact us at cybertraining@cisa.dhs.gov.
|
