Information Technology

This course provides participants with specific information regarding targeted cyber attacks, including advanced persistent threats. This information will place them in a better position to plan and prepare for, respond to, and recover from targeted cyber attacks. This course will fill the gap in threat-specific training for cybersecurity as a community-driven course that focuses on the phases of targeted cyber attacks and the attacker methods used during each phase. Participants will also receive valuable information on cyber attack prevention, mitigation and response.As part of a Department of Homeland Security/Federal Emergency Management Agency (DHS/FEMA) cooperative agreement training program, this course is available at no direct cost to state, county, and local government agencies. Show less

This is a non-technical course meant to develop awareness of cybersecurity risks so that elected officials, appointed officials, and other senior managers are better informed to properly protect the jurisdiction/organization during a cybersecurity incident. It is designed to help officials and senior management work more effectively with their Information Technology (IT) departments to mitigate cyber threats. The training is tailored to government, critical infrastructure, and private sector personnel who have the responsibility for directing and developing policy within their organization.As part of a Department of Homeland Security/Federal
Emergency Management Agency (DHS/FEMA) cooperative agreement training program,
this course is available at no direct cost to state, county, and local
government agencies. Show less

The purpose of this course is to provide an understanding of the history, definitions, and components that make up the Internet of Things (IoT). This course addresses the different applications of IoT as well as applicable laws and policies, technologies, emerging threats, best practices, security, and a variety of existing and developing technologies.This course is offered by the National Cybersecurity Preparedness Consortium (NCPC) and was developed by TEEX, a partner in the NCPC. The course is funded through the DHS/FEMA Homeland Security National Training Program and is offered at no cost. Show less

Today’s advanced persistent threats (APTs) are increasingly sophisticated, varied, targeted, aggressive, and successful. There is an increasing deployment of and dependence on Internet of Things (IoT) for remote access devices to National Critical Infrastructure Sectors and Services (NCISS). Inadequate deployment and maintenance of security on these systems could provide opportunities for attackers to harm to the American citizenry through NCISS infrastructure and associated resource disruption. This online course provides an overview of similarities and differences between traditional systems attacks and APT attacks. At the end of this course, participants should possess a fundamental understanding of the most common attack path for various advanced persistent threats (APTs). The course covers (a) the cyber kill chain model (b) APT cases and attack techniques and tools; and (c) common APT defense strategiesThis course is offered by the National Cybersecurity Preparedness Consortium (NCPC) and was developed by the NCPC partner the Norwich University Applied Research Institutes (NUARI).  The course is funded through the DHS/FEMA Homeland Security National Training Program and is offered at no cost. Show less

Through discussion, pre-recorded attacks, and live example attacks, Demystifying Cyber Attacks will explain and demonstrate common cyber attacks for non-technical participants. Participants will also learn how common cyber attacks can be disrupted at various points of the cyber kill chain using mitigation and response strategies. As part of a Department of Homeland Security/Federal Emergency Management Agency (DHS/FEMA) cooperative agreement training program, this course is available at no direct cost to state, county, and local government agencies. Show less

The Cybersecurity Vulnerability Assessment course is designed to address specific technical and professional skills needed to assess, document, remediate, and report on cybersecurity vulnerability assessments within organizations through a series of lectures and hands-on activities. Activities include examining, analyzing, and prioritizing assets, risks, and vulnerabilities to develop a vulnerability assessment report that could be delivered to organizational leadership. This course utilizes active discussions and activities to extend the participant’s understanding of vulnerability assessments.   Show less

Cybersecurity has become one of the nation’s most serious challenges today. The US Department of Homeland Security’s 2022 National Preparedness Report (NPR) highlighted the emerging threats of compromised digital network infrastructures to both private and government sectors and to our communities. According to the 2022 NPR, SLTT governments and the private sector will experience an array of cyber-enabled threats designed to access sensitive information, steal money, force ransom payments, cause service disruptions, and even impact the health of people living in the United States.  This increase in cyber threats and attacks makes it critical for technology personnel, risk managers, and emergency managers to understand how to work together to respond to cybersecurity incidents. The Cybersecurity Incident Response and Management course utilizes NIST 800-61r2 to introduce participants to the cyber incident lifecycle. Through the use of a cyber range, participants will acquire hands-on experience responding to simulated, real-world cyber attacks and gain a better understanding of the importance of information sharing during cyber incidents.  The course will also integrate the Incident Command System (ICS) into the cyber incident response process to provide the public and private sectors with a framework for a more effective response.   Show less

The Cybersecurity Resiliency in Industrial Control Systems course is designed to enhance understanding of the critical nature of Industrial Control System environments and the associated risks, threats, and defenses within an organization, business, or government entity. This course will introduce the convergence of physical security with cybersecurity, supervisory control and data acquisition (SCADA), and Industrial Control Systems security, increase awareness of the Internet of Things and Industrial Control Systems, and examine the threat landscape within Industrial Control Systems. Cyber threat mitigation techniques will be examined as well as methods of identifying cyber attacks and vulnerabilities. Tools to respond to and recover from cyber attacks on Industrial Control Systems will be addressed. State, local, regional, tribal, and territorial government officials; owners and operators of businesses and non-profits; and community members and other individuals interested in developing a greater understanding of developing cybersecurity resiliency in ICS.As part of a Department of Homeland Security/Federal Emergency Management Agency (DHS/FEMA) cooperative agreement training program, this course is available at no direct cost to state, county, and local government agencies. Show less