Cybersecurity

AWR376 - Understanding Targeted Cyber Attacks

This course provides participants with specific information regarding targeted cyber attacks, including advanced persistent threats. This information will place them in a better position to plan and prepare for, respond to, and recover from targeted cyber attacks. This course will fill the gap in threat-specific training for cybersecurity as a community-driven course that focuses on the phases of targeted cyber attacks and the attacker methods used during each phase. Participants will also receive valuable information on cyber attack prevention, mitigation and response.

Contact Information

CYB201 - Cybersecurity for Business Executives

The Cybersecurity for Business Executives classroom-based course provides awareness level training specifically to the owners, C-suite executives, and upper management of private sector businesses.  The course will provide information on the cybersecurity threats, regulations, and impacts a business is exposed to in today’s interconnected operations.  Discussions are focused on providing a better understanding of the risks involved and actions to help manage and mitigate those risks.  The course will provide guidance outlining the protective measures needed to reduce the vulnerability to malicious attacks and threats.

Contact Information

AWR136 - Essentials of Community Cybersecurity

The Essentials of Community Cybersecurity (ECCS) course provides individuals, community leaders, and first responders with information on how cyber attacks can impact, prevent, and/or stop operations and emergency responses in a community. The course also provides a cursory introduction to cybersecurity vulnerabilities, risks, threats, and countermeasures. It explains vulnerabilities of computer systems and networks and how these vulnerabilities can affect communities, organizations, and daily workplace operations. The course introduces actions communities can take in establishing a cybersecurity program. The course provides participants with an awareness of issues. It gives an overview of threats and vulnerabilities, without going into too many details, to highlight the potential impact a cyber attack could have. Participants discuss some of the fundamental activities needed to develop a cybersecurity program, without addressing the technical details of how to secure critical infrastructures. The course introduces the Community Cybersecurity Maturity Model (CCSMM) as a framework for understanding community cybersecurity and offers a brief introduction to low-cost or no-cost approaches to securing a community against cybersecurity threats and attacks. The course sets the stage for further efforts in which a community can build a cybersecurity program.

Course Objectives

At the conclusion of the course, participants will be able to:

• Recognize why community cybersecurity is important.
• Recognize the characteristics of a community cybersecurity program.

Contact Information

AWR366 - Developing a Cyber Security Annex for Incident Response

Cyber-attacks occur more frequently and have become increasingly sophisticated. Cybersecurity events now have the potential to significantly disrupt the business operations of government and critical infrastructure services. Public and private sectors, in the United States, are at increasing and continual risk of surprise attacks from nation-state and non-state actors. (Burgess, 2018)

The National Response Framework describes how preparedness can be achieved by developing an incident annex for each hazard. Incident annexes describe coordinating structures used to deliver core capabilities and support response missions unique to a specific type of incident. Incident annexes describe specialized response teams, resources, roles, responsibilities, and other scenario-specific considerations. 

At the end of this course, participants should possess the fundamentals needed to design and develop a cyber annex for states, locals, tribes, and/or territories (SLTTs). It addresses what the annex is, how it is used, who should participate in the design, implementation, and execution. 

This course was developed by the University of Texas at San Antonio Center for Infrastructure Assurance and Security through the DHS/FEMA Homeland Security National Training Program.  

Contact Information

MGT384 - Community Preparedness for Cyber Incidents

MGT 384, Community Preparedness for Cyber Incidents, is designed to provide organizations and communities with strategies and processes to increase cyber resilience. During this 12-hour course, participants will analyze cyber threats and initial and cascading impacts of cyber incidents, evaluate the process for developing a cyber preparedness program, examine the importance and challenges of cyber related information sharing and discover low to no-cost resources to help build cyber resilience.

Contact Information

MGT385 - Community Cybersecurity Exercise Planning

This course is designed to introduce cyber to exercise planners to help them recognize the nature and reach of cyber, so they can better help their communities prevent, detect, respond to, and recover from cyber incidents. Participants will recognize how cyber can be incorporated into exercises in a meaningful way. Participants will be introduced to cyber topics and how cyber can impact the business operations of an organization and community. Lecture and activities will explore objectives, players, cyber injects and challenges to incorporating cyber into exercises. Participants will be exposed to many possible injects and scenarios that can be used in an exercise. Participants will begin development of a community cybersecurity tabletop exercise. The Community Cybersecurity Maturity Model will be used to examine the contribution of exercises to a community’s overall cybersecurity posture. This course teaches planning personnel how to include cyber components in their regular planning process. Participants will be given the opportunity to plan cyber components for future community cybersecurity exercises.

Contact Information

MGT452 - Physical and Cybersecurity for Critical Infrastructure

The national and economic security of the United States depends on the reliable functioning of critical infrastructure. This course encourages collaboration efforts among individuals and organizations responsible for both physical and cybersecurity toward development of integrated risk management strategies that lead to enhanced capabilities necessary for the protection of our Nation’s critical infrastructure.

Participants will identify physical and cybersecurity concerns impacting overall infrastructure security posture, examine integrated physical and cybersecurity incidents and the evolving risks and impacts they pose to critical infrastructure, and explore resources that can be applied to improve security within an organization, business, or government entity.

This course meets Texas Commission on Law Enforcement (TCOLE) requirements for MGT452 Physical and Cyber Security for Critical Infrastructure course #78401.

Contact Information

MGT465 - Recovering from Cybersecurity Incidents

This course is designed to provide guidance for the implementation of an effective cybersecurity incident recovery program from a pre-incident and post-incident perspective. The training focuses on connecting IT with emergency management and is intended for government, critical infrastructure, and private sector personnel who have the responsibility for recovering after a cyber incident. Short term tactical and long-term strategic activities are discussed culminating in the development of an action plan.

Contact Information

AWR376 - Understanding Targeted Cyber Attacks

This course provides participants with specific information regarding targeted cyber attacks, including advanced persistent threats. This information will place them in a better position to plan and prepare for, respond to, and recover from targeted cyber attacks. This course will fill the gap in threat-specific training for cybersecurity as a community-driven course that focuses on the phases of targeted cyber attacks and the attacker methods used during each phase. Participants will also receive valuable information on cyber attack prevention, mitigation and response.

Contact Information

AWR169 - Cyber Incident Analysis and Response

This course covers various incident analysis tools and techniques that support dynamic vulnerability analysis and elimination, intrusion detection, attack protection, and network/resources repair. The trainee will be presented with real-world examples and scenarios to help provide knowledge, understanding, and capacity for effective cyber incident analysis and response.

Two credit hours through ACE are provided only if all three courses within the Online for Business Professionals (Cyber 301) track are completed.

Contact Information

AWR176 - Disaster Recovery for Information Systems

Disaster Recovery for Information Systems will train business managers to respond to varying threats that might impact their organization's access to information. This course provides requisite background theory and recommended best practices needed by managers to keep their offices running during incidents of different types. Topics include an overview of business continuity planning; disaster recovery planning; guides for implementing and managing disaster recovery plans, a discussion of technical vulnerabilities faced by organizations, and an examination of legal issues that may confront an organization.

Two credit hours through ACE are provided only if all three courses within the Online for Business Professionals (Cyber 301) track are completed.

Contact Information

AWR177 - Information Risk Management

This is an intermediate level course covering topics on information assets, identifying risks, and management processes highlighting best principles and practices. It will provide training on information risk-related tools and technologies (such as asset evaluation, business impact analysis, risk identification, risk quantification, risk response, security policies, and compliance) for better understanding of potential threats and vulnerabilities in business online, and learning to adopt levels of security measures and best practices.

Two credit hours through ACE are provided only if all three courses within the Online for Business Professionals (Cyber 301) track are completed.

Contact Information

AWR168 - Cyber Law and White Collar Crime

This intermediate course is designed to teach students the fundamentals of computer crime issues from a legal perspective. The training will highlight the various computer crimes and appropriate response by first defenders and others that may encounter these types of issues. Participants learn legislations and organizational efforts to control or prevent such crimes. This course covers intellectual property law (copyright, trade secrets, unfair competition, and unfair business practices), personal jurisdiction, electronic commerce and software contracts, telecommunications, antitrust, privacy, the right to accuracy of information, the right to access information, and the First Amendment.

Two credit hours through ACE are provided only if all three courses within the Online for Everyone - Non-Technical (Cyber 101) track are completed.

Contact Information

AWR174 - Cyber Ethics

Cyber Ethics is designed to teach students the proper techniques with which to approach the difficult ethical dilemmas that arise from using the modern Internet. In addition to providing students with the skills to assess future ethical dilemmas for themselves, Cyber Ethics also looks at some of the more pressing concerns related to Internet usage today.

Two credit hours through ACE are provided only if all three courses within the Online for Everyone - Non-Technical (Cyber 101) track are completed.

Contact Information

AWR175 - Information Security for Everyone

Information Security for Everyone is designed to teach the principles and practices that all computer users need to keep themselves safe, both at work and at home. By presenting best practices along with a small amount of theory, trainees are taught both what to do and why to do it. Topics covered include how to secure both clean and corrupted systems, protecting your personal data, securing simple computer networks, and safe Internet usage.

Two credit hours through ACE are provided only if all three courses within the Online for Everyone - Non-Technical (Cyber 101) track are completed.

Contact Information

AWR138 - Network Assurance

Network Assurance covers secure network practices necessary to protect networked systems against attacks and exploits. Network security administration topics include firewalls, intrusion detection/prevention, common cryptographic ciphers, AAA (authentication, authorization, and accounting), server and client security, and secure policy generation.

Two credit hours through ACE are provided only if all four courses within the Online for IT Professionals (Cyber 201) track are completed.

Contact Information

AWR139 - Digital Forensics Basics

This course covers investigative methods and standards for the acquisition, extraction, preservation, analysis, and deposition of digital evidence from storage devices. This course offers a wide array of forensics situations that are applicable to the real world. Students will learn how to find traces of illegal or illicit activities left on disk with computer forensics tools and manual techniques, and how to recover data intentionally hidden or encrypted by perpetrators.

Two credit hours through ACE are provided only if all four courses within the Online for IT Professionals (Cyber 201) track are completed.

Contact Information

AWR173 - Information Security Basics

Information Security Basics is designed to teach entry and mid-level IT staff the technological fundamentals of information security. The goal of this course is to provide trainees some preliminary knowledge of computer security to help in identifying and stopping various cyber threats. In addition to providing an introduction to information assurance, trainees will also learn general concepts (terminologies), an overview of TCP/IP, introductory network security, introductory operating system security, and basic cryptography.

Two credit hours through ACE are provided only if all four courses within the Online for IT Professionals (Cyber 201) track are completed.

Contact Information

AWR178 - Secure Software

This course covers secure programming practices necessary to secure applications against attacks and exploits. Topics covered include fundamental concepts of secure software development, defensive programming techniques, secure design and testing, and secure development methodologies.

Two credit hours through ACE are provided only if all four courses within the Online for IT Professionals (Cyber 201) track are completed.

Contact Information