Training is essential to preparing the cybersecurity workforce of tomorrow, and for keeping current cybersecurity workers up-to-date on skills and evolving threats. The Cybersecurity and Infrastructure Security Agency (CISA) is committed to providing the nation with access to cybersecurity training and workforce development efforts to develop a more resilient and capable cyber nation.
Cybersecurity Workforce Training Guide
CISA’s Cybersecurity Workforce Training Guide (.pdf, 3.53 MB) is for current and future federal and state, local, tribal, and territorial (SLTT) cybersecurity and IT professionals looking to expand their cybersecurity skills and career options. This guide can be used to develop a training plan based on current skill levels and desired career paths. With over 100 training resources and certification prep courses, CISA’s workforce training guide can help cybersecurity professionals of all levels stay current and advance their careers. It is downloadable, interactive and meant to be used with the Cyber Career Pathways Tool. Start planning your next cyber career move today!
How To Register For Training
Go to the Event Catalog to register for upcoming featured events, Continuous Diagnostics and Mitigation (CDM) training sessions, and the Identify, Mitigate, and Recover (IMR) webinar series and cyber range challenges.
Go to https://fedvte.usalearning.gov/ to register for an account or log into the Federal Virtual Training Environment (FedVTE).
Go to https://ics-training.inl.gov/learn to register for free web-based training on Industrial Control Systems (ICS).
Assessment Evaluation and Standardization
The Cybersecurity and Infrastructure Security Agency (CISA) Vulnerability Management team offers the Assessment Evaluation and Standardization (AES) program that is available to federal, state, local, tribal and territorial governments, critical infrastructure, and federal agency partners. The program is designed to enable organizations to have a trained individual that can perform several cybersecurity assessments and reviews in accordance with industry and/or federal information security standards.
For more information on the AES program, visit AES program.
CISA Tabletop Exercise Package
The CISA Tabletop Exercise Package (CTEP) is designed to assist critical infrastructure owners and operators in developing their own tabletop exercises to meet the specific needs of their facilities and stakeholders. CTEP allows users to leverage pre-built exercise templates and vetted scenarios to build tabletop exercises to assess, develop, and update information sharing processes, emergency plans, programs, policies, and procedures.
Continuous Diagnostics and Mitigation (CDM)
Visit CDM Program for more information about the program . To find more information about training, visit CDM Training. Sign up! Receive training opportunity notices, learn more about our online, interactive, self-paced training options, webinars and micro-learns by emailing CyberInsights@cisa.dhs.gov to join the distribution list.
The Cybersecurity and Infrastructure Security Agency (CISA) conducts cyber and physical security exercises with government and industry partners to enhance security and resilience of critical infrastructure. These exercises provide stakeholders with effective and practical mechanisms to identify best practices, lessons learned, and areas for improvement in plans and procedures. These exercises may also inform future planning, technical assistance, training, and education efforts.
CISA works with partners to design and conduct exercises that range from small-scale, discussion-based exercises to large-scale, operations-based exercises. CISA also offers a wide portfolio of downloadable CISA Tabletop Exercise Packages (CTEPs) to serve as an off-the-shelf solution for a variety of stakeholders’ exercise needs. For more information visit: Critical Infrastructure Exercises | CISA
Federal Cyber Defense Skilling Academy
The Federal Cyber Defense Skilling Academy is a 12-week cohort created for federal employees to develop the baseline knowledge, skills and abilities of a Cyber Defense Analyst (CDA). The course is mapped to the National Institute for Cybersecurity Education (NICE) Cybersecurity Workforce Framework and will provide training in CDA, to include CompTIA Security+ with testing for certification. For more information visit the Federal Cyber Defense Skilling Academy page.
Federal Virtual Training Environment (FedVTE)
The Federal Virtual Training Environment (FedVTE) is a free, online and on-demand cybersecurity training system. With courses ranging from beginner to advanced levels, you can strengthen or build your cybersecurity skillsets – at your own pace and schedule! FedVTE provides cybersecurity training to federal, state, local, tribal, and territorial government employees, federal contractors, U.S. military veterans and the public.
A limited number of courses are publicly available here: https://fedvte.usalearning.gov/public_fedvte.php
- Certification prep courses – Prepare and train for your next certification with our Certified Ethical Hacker, Cybersecurity Analyst (CySA+), Network +, Security +, Certified Information Security Manager (CISM), and Certified Information Systems Security Professional (CISSP) courses.
- Access – FedVTE courses can be completed at your own pace, at any time using your PC, laptop, or other mobile devices (i.e., smartphones, tablets).
- NICE Cybersecurity Workforce Framework – All courses are mapped to the NICE Framework Categories and Specialty Areas to help you identify courses that you need for your job or aspiration.
To register for an account or see the full course catalog, visit fedvte.usalearning.gov. For more information, visit niccs.us-cert.gov/training/federal-virtual-training-environment-fedvte.
FedVTE offers courses from Beginner to Advanced Levels:
- The Election Official as IT Manager
- Cryptocurrency for Law Enforcement
- Cyber Supply Chain Risk Management (C-SCRM)
- Fundamentals of Cyber Risk Management
- (ISC)2™ Systems Security Certified Practitioner
- CompTIA A+ Certification Prep
- CompTIA Network+ Certification Prep
- 101 Critical Infrastructure Protection
- 101 Reverse Engineering
- 101 Coding
- Cyber Dark Arts
- Mobile and Device Security
- Wireless Network Security (WNS)
- Windows Operating System Security
- Cloud Computing Security
- Comp TIA Security+ (SY-501) Certification Prep
- ISACA Certified Information Security Manager (CISM)
- (ISC)2™ Certified Information Systems Security Professional (CISSP) Certification Prep
- (EC-Council) Certified Ethical Hacker Version 10 Prep
- (ISC)2™ CISSP Concentration: ISSEP (Engineering)
- (ISC)2™ CISSP Concentration: ISSMP (Management)
- Mobile Forensics
- IPv6 Security
Incident Response Training
To learn more about CISA's incident response training, please visit the Incident Response Training page. Receive training opportunity notices and learn more about online and interactive training options by emailing CyberInsights@cisa.dhs.gov to join the distribution list.
Industrial Control Systems (ICS)
For more information about the ICS program visit: https://www.us-cert.gov/ics. To find more information about the ICS Training visit: https://www.us-cert.gov/ics/Training-Available-Through-ICS-CERT. Register for free web-based training at https://ics-training.inl.gov/learn.
National Initiative for Cybersecurity Careers and Studies
The National Initiative for Cybersecurity Careers and Studies (NICCS) was developed in close partnership between DHS, NIST, the Office of the Director of National Intelligence, and the Department of Defense, along with other government agencies, to leverage efforts of government, industry, and academia to provide a comprehensive, single resource to address the Nation’s cybersecurity knowledge needs.
NICCS is an online resource for cybersecurity training that connects government employees, students, educators, and industry with cybersecurity training providers throughout the Nation.
Resource benefits include:
- NICCS Education and Training Catalog – The catalog is a central location of over 3,000 cybersecurity related courses from over 125 different providers. The catalog can be searched by course location, preferred delivery method (i.e., online or in-person), specialty area, and proficiency level. Courses are designed for participants to add a skillset, increase their level of expertise, earn a certification, or transition to a new career. Strict vetting criteria for course providers ensure that the courses listed in the catalog are offered by organizations that are recognized as providing quality resources. Each course has been mapped to at least one specialty area within the National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework. For more information on NICCS and the National Cybersecurity Workforce Framework, visit niccs.us-cert.gov/workforce-development/cyber-security-workforce-framework.
- Formal Education –
- The National Centers of Academic Excellence (CAE) Program - Jointly sponsored by DHS and the National Security Agency (NSA), CAE designates specific two- and four-year colleges and universities, based on their robust degree programs and alignment to cybersecurity-related knowledge units validated by cybersecurity experts.
- The CyberCorps Scholarship for Service (SFS) Program - The National Science Foundation (NSF provides scholarships for students at select colleges and universities in return for service in federal or SLTT governments upon graduation. For more information on SFS, visit www.sfs.opm.gov/.
- Workforce Development –
- The Cybersecurity Workforce Development Toolkit - The toolkit helps organizations understand their cybersecurity workforce and staffing need to protect their information, customers, and networks better. The toolkit includes cybersecurity career path templates and recruitment resources to recruit and retain top cybersecurity talent. For more information on NICCS and the Cybersecurity Workforce Development Toolkit visit niccs.us-cert.gov/workforce-development/cyber-security-workforce-framework.
- The National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework - The NICE Framework provides a blueprint to describe cybersecurity work by categories, specialty areas, work roles, tasks, and knowledge, skills, and abilities (KSAs). The NICE Framework provides a common language to speak about cybersecurity positions. For more information on NICCS and the National Cybersecurity Workforce Framework, visit niccs.us-cert.gov/workforce-development/cyber-security-workforce-framework.
For more information, visit niccs.us-cert.gov/ or contact NICCS@hq.dhs.gov