Cybersecurity Training & Exercises

Training is essential to preparing the cybersecurity workforce of tomorrow, and for keeping current cybersecurity workers up-to-date on skills and evolving threats. The Department of Homeland Security (DHS) is committed to providing the nation with access to cybersecurity training and workforce development efforts to develop a more resilient and capable cyber nation.

How To Register For Training

Go to the Event Catalog to register for upcoming featured events, Continuous Diagnostics and Mitigation (CDM) training sessions, and the Identify, Mitigate, and Recover (IMR) webinar series and cyber range challenges.

Go to https://fedvte.usalearning.gov/ to register for an account or log into the Federal Virtual Training Environment (FedVTE).

Go to https://ics-training.inl.gov/learn to register for free web-based training on Industrial Control Systems (ICS).

CISA Tabletop Exercise Package

The CISA Tabletop Exercise Package (CTEP) is designed to assist critical infrastructure owners and operators in developing their own tabletop exercises to meet the specific needs of their facilities and stakeholders. CTEP allows users to leverage pre-built exercise templates and vetted scenarios to build tabletop exercises to assess, develop, and update information sharing processes, emergency plans, programs, policies, and procedures.

Continuous Diagnostics and Mitigation (CDM)

For more information about the CDM program visit: https://www.cisa.gov/cdm. To find more information about the CDM Training visit: https://www.cisa.gov/cdm-training. Sign up! Receive training opportunity notices, learn more about our online, interactive, self-paced training options, webinars and micro-learns by emailing CyberInsights@cisa.dhs.gov to join the distribution list.

Cybersecurity Exercises

NCCIC provides cyber exercise and incident response planning to support EI partners. NCCIC delivers a full spectrum of cyber exercise planning workshops and seminars, and conducts tabletop, full-scale, and functional exercises, as well as the biennial National Cyber Exercise: Cyber Storm and the annual Cyber Guard Prelude exercise. These events are designed to assist organizations at all levels in the development and testing of cybersecurity prevention, protection, mitigation, and response capabilities.

Exercises range from small discussion-based exercises that last two hours to full-scale, internationally scoped, operations-based exercises that span multiple days.

Cyber Storm – Cyber Storm is DHS’s flagship, biennial exercise series, which provides an opportunity for the Federal Government, SLTT organizations, and the private sector to address cyber incident response as a community. Now on its sixth iteration, each exercise in the series has simulated the discovery of, and response to a coordinated CI cyber attack.
Exercise planning and conduct – NCCIC leverages DHS’s Homeland Security Exercise and Evaluation Program (HSEEP) model to plan and conduct a full spectrum of discussion- and operations-based cyber exercises based on stakeholder needs. This support includes the development of exercise scenarios and supporting materials, meeting facilitation, exercise facilitation and control, and exercise evaluation.
Cyber exercise consulting – For entities that prefer to develop their own exercises, NCCIC provides subject matter experts to consult on exercise design and development. NCCIC also makes off-the-shelf resources available for stakeholder use, which includes a scenario library, the Cyber Tabletop Exercise Package, Cyber Virtual Tabletop Exercises, and cyber incident response planning templates.
Cyber planning support – SME-run Cyber Planning Workshops are available to assist stakeholders with developing and revising integrated cyber plans.

For more information on cyber exercises, contact ncciccustomerservice@hq.dhs.gov.

Federal Virtual Training Environment (FedVTE)

The Federal Virtual Training Environment (FedVTE) is a free, online and on-demand cybersecurity training system. With courses ranging from beginner to advanced levels, you can strengthen or build your cybersecurity skillsets – at your own pace and schedule! FedVTE provides cybersecurity training to federal, state, local, tribal, and territorial government employees, federal contractors, U.S. military veterans and the public.

A limited number of courses are publicly available here: https://fedvte.usalearning.gov/public_fedvte.php

Highlights include:

Certification prep courses – Prepare and train for your next certification with our Certified Ethical Hacker, Cybersecurity Analyst (CySA+), Network +, Security +, Certified Information Security Manager (CISM), and Certified Information Systems Security Professional (CISSP) courses.
Access – FedVTE courses can be completed at your own pace, at any time using your PC, laptop, or other mobile devices (i.e., smartphones, tablets).
NICE Cybersecurity Workforce Framework – All courses are mapped to the NICE Framework Categories and Specialty Areas to help you identify courses that you need for your job or aspiration.

To register for an account or see the full course catalog, visit fedvte.usalearning.gov. For more information, visit niccs.us-cert.gov/training/federal-virtual-training-environment-fedvte.

FedVTE offers courses from Beginner to Advanced Levels:

Basic

The Election Official as IT Manager
Cryptocurrency for Law Enforcement
Cyber Supply Chain Risk Management (C-SCRM)
Fundamentals of Cyber Risk Management
(ISC)2™ Systems Security Certified Practitioner
CompTIA A+ Certification Prep
CompTIA Network+ Certification Prep
101 Critical Infrastructure Protection
101 Reverse Engineering
101 Coding

Intermediate

Cyber Dark Arts
Mobile and Device Security
Wireless Network Security (WNS)
Windows Operating System Security
Cloud Computing Security
Comp TIA Security+ (SY-501) Certification Prep
ISACA Certified Information Security Manager (CISM)

Advanced

(ISC)2™ Certified Information Systems Security Professional (CISSP) Certification Prep
(EC-Council) Certified Ethical Hacker Version 10 Prep
(ISC)2™ CISSP Concentration: ISSEP (Engineering)
(ISC)2™ CISSP Concentration: ISSMP (Management)
Mobile Forensics
IPv6 Security

Incident Response Training

For more information about the Incident Response series, visit https://www.cisa.gov/incident-response-training. Receive training opportunity notices and learn more about online and interactive training options by emailing CyberInsights@cisa.dhs.gov to join the distribution list.

Industrial Control Systems (ICS)

For more information about the ICS program visit: https://www.us-cert.gov/ics. To find more information about the ICS Training visit: https://www.us-cert.gov/ics/Training-Available-Through-ICS-CERT. Register for free web-based training at https://ics-training.inl.gov/learn.

National Initiative for Cybersecurity Careers and Studies

The National Initiative for Cybersecurity Careers and Studies (NICCS) was developed in close partnership between DHS, NIST, the Office of the Director of National Intelligence, and the Department of Defense, along with other government agencies, to leverage efforts of government, industry, and academia to provide a comprehensive, single resource to address the Nation’s cybersecurity knowledge needs.

NICCS is an online resource for cybersecurity training that connects government employees, students, educators, and industry with cybersecurity training providers throughout the Nation.

Resource benefits include:

NICCS Education and Training Catalog – The catalog is a central location of over 3,000 cybersecurity related courses from over 125 different providers. The catalog can be searched by course location, preferred delivery method (i.e., online or in-person), specialty area, and proficiency level. Courses are designed for participants to add a skillset, increase their level of expertise, earn a certification, or transition to a new career. Strict vetting criteria for course providers ensure that the courses listed in the catalog are offered by organizations that are recognized as providing quality resources. Each course has been mapped to at least one specialty area within the National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework. For more information on NICCS and the National Cybersecurity Workforce Framework, visit niccs.us-cert.gov/workforce-development/cyber-security-workforce-framework.
Formal Education –
- The National Centers of Academic Excellence (CAE) Program - Jointly sponsored by DHS and the National Security Agency (NSA), CAE designates specific two- and four-year colleges and universities, based on their robust degree programs and alignment to cybersecurity-related knowledge units validated by cybersecurity experts.
- The CyberCorps Scholarship for Service (SFS) Program - The National Science Foundation (NSF provides scholarships for students at select colleges and universities in return for service in federal or SLTT governments upon graduation. For more information on SFS, visit www.sfs.opm.gov/.
Workforce Development –
- The Cybersecurity Workforce Development Toolkit - The toolkit helps organizations understand their cybersecurity workforce and staffing need to protect their information, customers, and networks better. The toolkit includes cybersecurity career path templates and recruitment resources to recruit and retain top cybersecurity talent. For more information on NICCS and the Cybersecurity Workforce Development Toolkit visit niccs.us-cert.gov/workforce-development/cyber-security-workforce-framework.
- The National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework - The NICE Framework provides a blueprint to describe cybersecurity work by categories, specialty areas, work roles, tasks, and knowledge, skills, and abilities (KSAs). The NICE Framework provides a common language to speak about cybersecurity positions. For more information on NICCS and the National Cybersecurity Workforce Framework, visit niccs.us-cert.gov/workforce-development/cyber-security-workforce-framework.

For more information, visit niccs.us-cert.gov/ or contact NICCS@hq.dhs.gov