Cybersecurity

AWR135 - Promoting Community Cybersecurity

The Promoting Community Cybersecurity (PCCS) course is designed to give participants an introduction to cybersecurity topics, methods, and processes, and to explore organizational responsibilities in the context of the community, state and nation. The course provides an overview of the steps taken within organizations to protect their cyber resources. The course also looks at that protection within the context of the broader community. Participants will explore the impact of the interconnections and dependencies introduced by information technology. Basic concepts of of cybersecurity, network connectivity, threats, types of attacks, and the structure of the Community Cybersecurity Maturity Model (CCSMM) will be discussed. The basic characteristics of communities and organizations that exhibit good cybersecurity are examined through the use of case studies within the context of each CCSMM dimension. In addition, the interrelationships between the dimensions of the CCSMM and the dependency on each dimension for good cybersecurity are also discussed.

Course Objectives

At the conclusion of the course, participants will be able to:

• Recognize various types of cyber threats and attacks.
• Identify the dimensions and general structure of the CCSMM.
• Recognize failures and successes in each of the CCSMM dimensions.
• Identify how to improve those dimensions within their own community and/or organization.
• Describe interdependencies associated with the CCSMM.

Contact Information

AWR136 - Essentials of Community Cybersecurity

The Essentials of Community Cybersecurity (ECCS) course provides individuals, community leaders, and first responders with information on how cyber attacks can impact, prevent, and/or stop operations and emergency responses in a community. The course also provides a cursory introduction to cybersecurity vulnerabilities, risks, threats, and countermeasures. It explains vulnerabilities of computer systems and networks and how these vulnerabilities can affect communities, organizations, and daily workplace operations. The course introduces actions communities can take in establishing a cybersecurity program. The course provides participants with an awareness of issues. It gives an overview of threats and vulnerabilities, without going into too many details, to highlight the potential impact a cyber attack could have. Participants discuss some of the fundamental activities needed to develop a cybersecurity program, without addressing the technical details of how to secure critical infrastructures. The course introduces the Community Cybersecurity Maturity Model (CCSMM) as a framework for understanding community cybersecurity and offers a brief introduction to low-cost or no-cost approaches to securing a community against cybersecurity threats and attacks. The course sets the stage for further efforts in which a community can build a cybersecurity program.

Course Objectives

At the conclusion of the course, participants will be able to:

• Recognize why community cybersecurity is important.
• Recognize the characteristics of a community cybersecurity program.

Contact Information

MGT384 - Community Preparedness for Cyber Incidents

MGT 384, Community Preparedness for Cyber Incidents, is designed to provide organizations and communities with strategies and processes to increase cyber resilience. During this 12-hour course, participants will analyze cyber threats and initial and cascading impacts of cyber incidents, evaluate the process for developing a cyber preparedness program, examine the importance and challenges of cyber related information sharing and discover low to no-cost resources to help build cyber resilience.

Contact Information

MGT385 - Community Cybersecurity Exercise Planning

This course is designed to introduce cyber to exercise planners to help them recognize the nature and reach of cyber, so they can better help their communities prevent, detect, respond to, and recover from cyber incidents. Participants will recognize how cyber can be incorporated into exercises in a meaningful way. Participants will be introduced to cyber topics and how cyber can impact the business operations of an organization and community. Lecture and activities will explore objectives, players, cyber injects and challenges to incorporating cyber into exercises. Participants will be exposed to many possible injects and scenarios that can be used in an exercise. Participants will begin development of a community cybersecurity tabletop exercise. The Community Cybersecurity Maturity Model will be used to examine the contribution of exercises to a community’s overall cybersecurity posture. This course teaches planning personnel how to include cyber components in their regular planning process. Participants will be given the opportunity to plan cyber components for future community cybersecurity exercises.

Contact Information

MGT452 - Physical and Cybersecurity for Critical Infrastructure

The national and economic security of the United States depends on the reliable functioning of critical infrastructure. This course encourages collaboration efforts among individuals and organizations responsible for both physical and cybersecurity toward development of integrated risk management strategies that lead to enhanced capabilities necessary for the protection of our Nation’s critical infrastructure.

Participants will identify physical and cybersecurity concerns impacting overall infrastructure security posture, examine integrated physical and cybersecurity incidents and the evolving risks and impacts they pose to critical infrastructure, and explore resources that can be applied to improve security within an organization, business, or government entity.

Contact Information

CYB201 - Introduction to Cybersecurity for Manufacturers

As manufacturing becomes more advanced with integrated systems and technology that continually monitors and manipulates various aspects of production, the industry’s dependence on cyber will only intensify in the future. Cyber space is woven into every aspect of business, and companies must ensure that they have properly considered the impact and ramifications of an intentional or accidental cyber event for not only themselves, but also their supply chain.

The Introduction to Cybersecurity for Manufacturers classroom-based course provides awareness level training specifically to the manufacturing sector. The course will provide information on the cybersecurity threats endangering manufacturing businesses, particularly through the various Industrial Control Systems (ICS) in place throughout the industry. The course will provide guidance outlining the protective measures needed to reduce the vulnerability of these control systems and other business operations to malicious attacks and threats.

Contact Information

AWR169 - Cyber Incident Analysis and Response

This course covers various incident analysis tools and techniques that support dynamic vulnerability analysis and elimination, intrusion detection, attack protection, and network/resources repair. The trainee will be presented with real-world examples and scenarios to help provide knowledge, understanding, and capacity for effective cyber incident analysis and response.

Two credit hours through ACE are provided only if all three courses within the Online for Business Professionals (Cyber 301) track are completed.

Contact Information

AWR176 - Disaster Recovery for Information Systems

Disaster Recovery for Information Systems will train business managers to respond to varying threats that might impact their organization's access to information. This course provides requisite background theory and recommended best practices needed by managers to keep their offices running during incidents of different types. Topics include an overview of business continuity planning; disaster recovery planning; guides for implementing and managing disaster recovery plans, a discussion of technical vulnerabilities faced by organizations, and an examination of legal issues that may confront an organization.

Two credit hours through ACE are provided only if all three courses within the Online for Business Professionals (Cyber 301) track are completed.

Contact Information

AWR177 - Information Risk Management

This is an intermediate level course covering topics on information assets, identifying risks, and management processes highlighting best principles and practices. It will provide training on information risk-related tools and technologies (such as asset evaluation, business impact analysis, risk identification, risk quantification, risk response, security policies, and compliance) for better understanding of potential threats and vulnerabilities in business online, and learning to adopt levels of security measures and best practices.

Two credit hours through ACE are provided only if all three courses within the Online for Business Professionals (Cyber 301) track are completed.

Contact Information

AWR168 - Cyber Law and White Collar Crime

This intermediate course is designed to teach students the fundamentals of computer crime issues from a legal perspective. The training will highlight the various computer crimes and appropriate response by first defenders and others that may encounter these types of issues. Participants learn legislations and organizational efforts to control or prevent such crimes. This course covers intellectual property law (copyright, trade secrets, unfair competition, and unfair business practices), personal jurisdiction, electronic commerce and software contracts, telecommunications, antitrust, privacy, the right to accuracy of information, the right to access information, and the First Amendment.

Two credit hours through ACE are provided only if all three courses within the Online for Everyone - Non-Technical (Cyber 101) track are completed.

Contact Information

AWR174 - Cyber Ethics

Cyber Ethics is designed to teach students the proper techniques with which to approach the difficult ethical dilemmas that arise from using the modern Internet. In addition to providing students with the skills to assess future ethical dilemmas for themselves, Cyber Ethics also looks at some of the more pressing concerns related to Internet usage today.

Two credit hours through ACE are provided only if all three courses within the Online for Everyone - Non-Technical (Cyber 101) track are completed.

Contact Information

AWR175 - Information Security for Everyone

Information Security for Everyone is designed to teach the principles and practices that all computer users need to keep themselves safe, both at work and at home. By presenting best practices along with a small amount of theory, trainees are taught both what to do and why to do it. Topics covered include how to secure both clean and corrupted systems, protecting your personal data, securing simple computer networks, and safe Internet usage.

Two credit hours through ACE are provided only if all three courses within the Online for Everyone - Non-Technical (Cyber 101) track are completed.

Contact Information

AWR138 - Network Assurance

Network Assurance covers secure network practices necessary to protect networked systems against attacks and exploits. Network security administration topics include firewalls, intrusion detection/prevention, common cryptographic ciphers, AAA (authentication, authorization, and accounting), server and client security, and secure policy generation.

Two credit hours through ACE are provided only if all four courses within the Online for IT Professionals (Cyber 201) track are completed.

Contact Information

AWR139 - Digital Forensics Basics

This course covers investigative methods and standards for the acquisition, extraction, preservation, analysis, and deposition of digital evidence from storage devices. This course offers a wide array of forensics situations that are applicable to the real world. Students will learn how to find traces of illegal or illicit activities left on disk with computer forensics tools and manual techniques, and how to recover data intentionally hidden or encrypted by perpetrators.

Two credit hours through ACE are provided only if all four courses within the Online for IT Professionals (Cyber 201) track are completed.

Contact Information

AWR173 - Information Security Basics

Information Security Basics is designed to teach entry and mid-level IT staff the technological fundamentals of information security. The goal of this course is to provide trainees some preliminary knowledge of computer security to help in identifying and stopping various cyber threats. In addition to providing an introduction to information assurance, trainees will also learn general concepts (terminologies), an overview of TCP/IP, introductory network security, introductory operating system security, and basic cryptography.

Two credit hours through ACE are provided only if all four courses within the Online for IT Professionals (Cyber 201) track are completed.

Contact Information

AWR178 - Secure Software

This course covers secure programming practices necessary to secure applications against attacks and exploits. Topics covered include fundamental concepts of secure software development, defensive programming techniques, secure design and testing, and secure development methodologies.

Two credit hours through ACE are provided only if all four courses within the Online for IT Professionals (Cyber 201) track are completed.

Contact Information