Training is essential to preparing the cybersecurity workforce of tomorrow, and for keeping current cybersecurity workers up-to-date on skills and evolving threats. The Department of Homeland Security (DHS) is committed to providing the nation with access to cybersecurity training and workforce development efforts to develop a more resilient and capable cyber nation.
NCCIC provides cyber exercise and incident response planning to support EI partners. NCCIC delivers a full spectrum of cyber exercise planning workshops and seminars, and conducts tabletop, full-scale, and functional exercises, as well as the biennial National Cyber Exercise: Cyber Storm and the annual Cyber Guard Prelude exercise. These events are designed to assist organizations at all levels in the development and testing of cybersecurity prevention, protection, mitigation, and response capabilities.
Exercises range from small discussion-based exercises that last two hours to full-scale, internationally scoped, operations-based exercises that span multiple days.
- Cyber Storm – Cyber Storm is DHS’s flagship, biennial exercise series, which provides an opportunity for the Federal Government, SLTT organizations, and the private sector to address cyber incident response as a community. Now on its sixth iteration, each exercise in the series has simulated the discovery of, and response to a coordinated CI cyber attack.
- Exercise planning and conduct – NCCIC leverages DHS’s Homeland Security Exercise and Evaluation Program (HSEEP) model to plan and conduct a full spectrum of discussion- and operations-based cyber exercises based on stakeholder needs. This support includes the development of exercise scenarios and supporting materials, meeting facilitation, exercise facilitation and control, and exercise evaluation.
- Cyber exercise consulting – For entities that prefer to develop their own exercises, NCCIC provides subject matter experts to consult on exercise design and development. NCCIC also makes off-the-shelf resources available for stakeholder use, which includes a scenario library, the Cyber Tabletop Exercise Package, Cyber Virtual Tabletop Exercises, and cyber incident response planning templates.
- Cyber planning support – SME-run Cyber Planning Workshops are available to assist stakeholders with developing and revising integrated cyber plans.
For more information on cyber exercises, contact firstname.lastname@example.org.
National Initiative for Cybersecurity Careers and Studies
The National Initiative for Cybersecurity Careers and Studies (NICCS) was developed in close partnership between DHS, NIST, the Office of the Director of National Intelligence, and the Department of Defense, along with other government agencies, to leverage efforts of government, industry, and academia to provide a comprehensive, single resource to address the Nation’s cybersecurity knowledge needs.
NICCS is an online resource for cybersecurity training that connects government employees, students, educators, and industry with cybersecurity training providers throughout the Nation.
Resource benefits include:
- NICCS Education and Training Catalog – The catalog is a central location of over 3,000 cybersecurity related courses from over 125 different providers. The catalog can be searched by course location, preferred delivery method (i.e., online or in-person), specialty area, and proficiency level. Courses are designed for participants to add a skillset, increase their level of expertise, earn a certification, or transition to a new career. Strict vetting criteria for course providers ensure that the courses listed in the catalog are offered by organizations that are recognized as providing quality resources. Each course has been mapped to at least one specialty area within the National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework. For more information on NICCS and the National Cybersecurity Workforce Framework, visit niccs.us-cert.gov/workforce-development/cyber-security-workforce-framework.
- Formal Education –
- The National Centers of Academic Excellence (CAE) Program - Jointly sponsored by DHS and the National Security Agency (NSA), CAE designates specific two- and four-year colleges and universities, based on their robust degree programs and alignment to cybersecurity-related knowledge units validated by cybersecurity experts.
- The CyberCorps Scholarship for Service (SFS) Program - The National Science Foundation (NSF provides scholarships for students at select colleges and universities in return for service in federal or SLTT governments upon graduation. For more information on SFS, visit www.sfs.opm.gov/.
- Workforce Development –
- The Cybersecurity Workforce Development Toolkit - The toolkit helps organizations understand their cybersecurity workforce and staffing need to protect their information, customers, and networks better. The toolkit includes cybersecurity career path templates and recruitment resources to recruit and retain top cybersecurity talent. For more information on NICCS and the Cybersecurity Workforce Development Toolkit visit niccs.us- cert.gov/workforce-development/cyber-security-workforce-framework.
- The National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework - The NICE Framework provides a blueprint to describe cybersecurity work by categories, specialty areas, work roles, tasks, and knowledge, skills, and abilities (KSAs). The NICE Framework provides a common language to speak about cybersecurity positions. For more information on NICCS and the National Cybersecurity Workforce Framework, visit niccs.us- cert.gov/workforce-development/cyber-security-workforce-framework.
For more information, visit niccs.us-cert.gov/ or contact NICCS@hq.dhs.gov
Federal Virtual Training Environment
The Federal Virtual Training Environment (FedVTE) is a free, online, on-demand cybersecurity training system managed by DHS that is available to federal and SLTT government personnel, veterans, and federal government contractors, and contains more than 800 hours of training on topics such as ethical hacking, surveillance, risk management, and malware analysis. The department’s efforts focus on building a strong cyber workforce that can keep up with evolving technology and increasing cybersecurity risks.
Resource benefits include:
- Diverse courses – The program offers more than 300 demonstrations and 3,000 related materials, including online lectures and hands-on virtual labs.
- Certification offerings – Offerings include Network +, Security +, Certified Information Systems Security Professional (CISSP), Windows Operating System Security, and Certified Ethical Hacker.
- Experienced instructors – All courses are taught by experienced cybersecurity subject matter experts.
For more information, visit niccs.us-cert.gov/training/federal-virtual-training-environment-fedvte. To register for an account and for more information on available courses, visit fedvte.usalearning.gov.
Continuous Diagnostics and Mitigation
For more information about the CDM program visit: https://www.cisa.gov/cdm. To find more information about the CDM Training visit: https://www.us-cert.gov/cdm/training. Sign up! Receive training opportunity notices, learn more about our online, interactive, self-paced training options, webinars and micro-learns by emailing CyberInsights@hq.dhs.gov to register.
Industrial Control Systems
For more information about the ICS program visit: https://www.us-cert.gov/ics. To find more information about the ICS Training visit: https://www.us-cert.gov/ics/Training-Available-Through-ICS-CERT. Register for free web-based training at https://ics-cert-training.inl.gov/learn.
CISA Tabletop Exercise Package
The CISA Tabletop Exercise Package (CTEP) is designed to assist critical infrastructure owners and operators in developing their own tabletop exercises to meet the specific needs of their facilities and stakeholders. CTEP allows users to leverage pre-built exercise templates and vetted scenarios to build tabletop exercises to assess, develop, and update information sharing processes, emergency plans, programs, policies, and procedures.