Cybersecurity Training & Exercises


 

CISA looks to enable the cyber-ready workforce of tomorrow by leading training and education of the cybersecurity workforce by providing training for federal employees, private-sector cybersecurity professionals, critical infrastructure operators, educational partners, and the general public. CISA is committed to supporting the national cyber workforce and protecting the nation's cyber infrastructure.

Federal Employees

Cybersecurity Exercises:  

CISA conducts cyber and physical security exercises with government and industry partners to enhance security and resilience of critical infrastructure. These exercises provide stakeholders with effective and practical mechanisms to identify best practices, lessons learned, and areas for improvement in plans and procedures.  

Federal Virtual Training Environment:  

The Federal Virtual Training Environment (FedVTE) is a free, online, and on-demand cybersecurity training system. With courses ranging from beginner to advanced levels, you can strengthen or build your cybersecurity skillsets at your own pace and schedule! 

  • Certification Prep  
    Certification prep courses are available on topics such as Ethical Hacking, Certified Information Security Manager (CISM), and Certified Information Systems Security Professional (CISSP). 

  • NICE Framework  
    The NICE Cybersecurity Workforce Framework is the foundation for increasing the size and capability of the U.S. cybersecurity workforce. It provides a common definition of cybersecurity, a comprehensive list of cybersecurity tasks, and the knowledge, skills, and abilities (KSAs) required to perform those tasks. All FedVTE courses are aligned with NICE Cybersecurity Workforce Framework work roles, so you can find courses that are the most applicable to your role. 

Federal Cyber Defense Skilling Academy:  

The Federal Cyber Defense Skilling Academy is a 12-week cohort program created for federal employees to develop the baseline knowledge, skills, and abilities of a Cyber Defense Analyst (CDA). 

Incident Response Training:  

CISA’s no-cost Incident Response Training curriculum provides a range of training offerings for beginner and intermediate cyber professionals encompassing basic cybersecurity awareness and best practices for organizations and hands-on cyber range training courses for incident response. 

Workforce Training Guide: 

CISA’s Cybersecurity Workforce Training Guide (.pdf, 3.53 MB) is for current and future federal and state, local, tribal, and territorial (SLTT) cybersecurity and IT professionals looking to expand their cybersecurity skills and career options. This is a downloadable, interactive guide meant to be used with the Cyber Career Pathways Tool. Start planning your next cyber career move today! 

Critical Infrastructure Operators

Assessment Evaluation and Standardization: 

The Assessment Evaluation and Standardization (AES) program is designed to enable organizations to have a trained individual that can perform several cybersecurity assessments and reviews in accordance with industry and/or federal information security standards. 

Continuous Diagnostics and Mitigation:

The Continuous Diagnostics and Mitigation (CDM) program supports government-wide and agency-specific efforts to provide risk-based, consistent, and cost-effective cybersecurity solutions to protect federal civilian networks across all organizational tiers. 

CISA Tabletop Exercise Package: 

The CISA Tabletop Exercise Package (CTEP) is designed to assist critical infrastructure owners and operators in developing their own tabletop exercises to meet the specific needs of their facilities and stakeholders.

Industrial Control Systems:

CISA offers free Industrial Control Systems (ICS) cybersecurity training to protect against cyber-attacks to critical infrastructure, such as power grids and water treatment facilities. CISA’s ICS training is globally recognized for its relevance and available virtually around the world. 

Cybersecurity Professionals (Non-Federal)

Cybersecurity Exercises: 

CISA conducts cyber and physical security exercises with government and industry partners to enhance security and resilience of critical infrastructure. These exercises provide stakeholders with effective and practical mechanisms to identify best practices, lessons learned, and areas for improvement in plans and procedures.  

Federal Virtual Training Environment:  

The Federal Virtual Training Environment (FedVTE) is a free, online, and on-demand cybersecurity training system. With courses ranging from beginner to advanced levels, you can strengthen or build your cybersecurity skillsets at your own pace and schedule! 

  • Certification Prep  
    Certification prep courses are available on topics such as Ethical Hacking, Certified Information Security Manager (CISM), and Certified Information Systems Security Professional (CISSP). 

  • NICE Framework  
    The NICE Cybersecurity Workforce Framework is the foundation for increasing the size and capability of the U.S. cybersecurity workforce. It provides a common definition of cybersecurity, a comprehensive list of cybersecurity tasks, and the knowledge, skills, and abilities (KSAs) required to perform those tasks. 

Workforce Training Guide: 

CISA’s downloadable Cybersecurity Workforce Training Guide (.pdf, 3.53 MB) helps staff develop a training plan based on their current skill level and desired career path.

General Public

Federal Virtual Training Environment Public Cyber Security Training On Demand: 

The Federal Virtual Training Environment (FedVTE) is now offering courses that are free and available to the public. With courses ranging from beginner to advanced levels, you can strengthen or build your cybersecurity skillsets at your own pace and schedule! 

  • Certification Prep  
    Certification prep courses are available to the public on topics such as 101 Coding, Cyber Supply Chain Risk Management, Cyber Essentials, and Foundations of Cybersecurity for Managers. 

  • NICE Framework  
    The National Initiative for Cybersecurity Education (NICE) Framework provides a blueprint to categorize, organize, and describe cybersecurity work into specialty areas and tasks, including knowledge, skills, and abilities (KSAs). FedVTE divides the available courses into these elements and tags them by specialty area to help you identify courses that you need for your particular job or aspiration. 

Incident Response Training: 

CISA’s no-cost Incident Response Training curriculum provides a range of training offerings for beginner and intermediate cyber professionals encompassing basic cybersecurity awareness and best practices for organizations and hands-on cyber range training courses for incident response.

Was this webpage helpful?  Yes  |  Somewhat  |  No