DHS Cybersecurity

AWR136 – Essentials of Community Cybersecurity

The Essentials of Community Cybersecurity (ECCS) course provides individuals, community leaders, and first responders with information on how cyber attacks can impact, prevent, and/or stop operations and emergency responses in a community. The course also provides a cursory introduction to cybersecurity vulnerabilities, risks, threats, and countermeasures. It explains vulnerabilities of computer systems and networks and how these vulnerabilities can affect communities, organizations, and daily workplace operations. The course introduces actions communities can take in establishing a cybersecurity program. The course provides participants with an awareness of issues. It gives an overview of threats and vulnerabilities, without going into too many details, to highlight the potential impact a cyber attack could have. Participants discuss some of the fundamental activities needed to develop a cybersecurity program, without addressing the technical details of how to secure critical infrastructures. The course introduces the Community Cybersecurity Maturity Model (CCSMM) as a framework for understanding community cybersecurity and offers a brief introduction to low-cost or no-cost approaches to securing a community against cybersecurity threats and attacks. The course sets the stage for further efforts in which a community can build a cybersecurity program.

Course Objectives

At the conclusion of the course, participants will be able to:

• Recognize why community cybersecurity is important.
• Recognize the characteristics of a community cybersecurity program.

Contact Information

AWR376 – Understanding Targeted Cyber Attacks

This course provides participants with specific information regarding targeted cyber attacks, including advanced persistent threats. This information will place them in a better position to plan and prepare for, respond to, and recover from targeted cyber attacks. This course will fill the gap in threat-specific training for cybersecurity as a community-driven course that focuses on the phases of targeted cyber attacks and the attacker methods used during each phase. Participants will also receive valuable information on cyber attack prevention, mitigation and response.

Contact Information

MGT384 – Community Preparedness for Cyber Incidents

MGT 384, Community Preparedness for Cyber Incidents, is designed to provide organizations and communities with strategies and processes to increase cyber resilience. During this 12-hour course, participants will analyze cyber threats and initial and cascading impacts of cyber incidents, evaluate the process for developing a cyber preparedness program, examine the importance and challenges of cyber related information sharing and discover low to no-cost resources to help build cyber resilience.

Contact Information

MGT385 – Community Cybersecurity Exercise Planning

This course is designed to introduce cyber to exercise planners to help them recognize the nature and reach of cyber, so they can better help their communities prevent, detect, respond to, and recover from cyber incidents. Participants will recognize how cyber can be incorporated into exercises in a meaningful way. Participants will be introduced to cyber topics and how cyber can impact the business operations of an organization and community. Lecture and activities will explore objectives, players, cyber injects and challenges to incorporating cyber into exercises. Participants will be exposed to many possible injects and scenarios that can be used in an exercise. Participants will begin development of a community cybersecurity tabletop exercise. The Community Cybersecurity Maturity Model will be used to examine the contribution of exercises to a community’s overall cybersecurity posture. This course teaches planning personnel how to include cyber components in their regular planning process. Participants will be given the opportunity to plan cyber components for future community cybersecurity exercises.

This course was developed by the University of Memphis through the DHS/FEMA Homeland Security National Training Program.  

Contact Information

MGT452 – Physical and Cybersecurity for Critical Infrastructure

The national and economic security of the United States depends on the reliable functioning of critical infrastructure. This course encourages collaboration efforts among individuals and organizations responsible for both physical and cybersecurity toward development of integrated risk management strategies that lead to enhanced capabilities necessary for the protection of our Nation’s critical infrastructure.

Participants will identify physical and cybersecurity concerns impacting overall infrastructure security posture, examine integrated physical and cybersecurity incidents and the evolving risks and impacts they pose to critical infrastructure, and explore resources that can be applied to improve security within an organization, business, or government entity.

This course meets Texas Commission on Law Enforcement (TCOLE) requirements for MGT452 Physical and Cyber Security for Critical Infrastructure course #78401.

Contact Information

MGT465 – Recovering from Cybersecurity Incidents

This course is designed to provide guidance for the implementation of an effective cybersecurity incident recovery program from a pre-incident and post-incident perspective. The training focuses on connecting IT with emergency management and is intended for government, critical infrastructure, and private sector personnel who have the responsibility for recovering after a cyber incident. Short term tactical and long-term strategic activities are discussed culminating in the development of an action plan.

Contact Information

OGT627 – Cybersecurity Resiliency in Industrial Control Systems

This course provides an understanding of cybersecurity resiliency in industrial control systems (ICS). The course will review the Internet of Things (IoT), vulnerabilities within Operational Technology (OT) and Supervisory Control and Data Acquisition (SCADA) systems, methods of detecting and responding to cyber attacks in the systems, as well as actions that can be taken by non-technical personnel to mitigate or minimize the effects of cyber attacks.

Contact Information

AWR353 – Using the Community Cyber Security Maturity Model (CCSMM) to Develop a Cyber Security Program

Using the Community Cyber Security Maturity Model to Develop a Cyber Security Program will introduce students to the DHS-supported Community Cyber Security Maturity Model (CCSMM) which can be used as a guide for communities and states in developing their own CCSMM-consistent cybersecurity programs. Students will learn what is required to develop a coordinated, sustained, and viable community cyber security program and resources available to assist in improving awareness, information sharing, policies, and plans.  

This course was developed by the University of Texas at San Antonio Center for Infrastructure Assurance and Security through the DHS/FEMA Homeland Security National Training Program

Contact Information

AWR366 – Developing a Cyber Security Annex for Incident Response

Cyber-attacks occur more frequently and have become increasingly sophisticated. Cybersecurity events now have the potential to significantly disrupt the business operations of government and critical infrastructure services. Public and private sectors, in the United States, are at increasing and continual risk of surprise attacks from nation-state and non-state actors. (Burgess, 2018)

The National Response Framework describes how preparedness can be achieved by developing an incident annex for each hazard. Incident annexes describe coordinating structures used to deliver core capabilities and support response missions unique to a specific type of incident. Incident annexes describe specialized response teams, resources, roles, responsibilities, and other scenario-specific considerations. 

At the end of this course, participants should possess the fundamentals needed to design and develop a cyber annex for states, locals, tribes, and/or territories (SLTTs). It addresses what the annex is, how it is used, who should participate in the design, implementation, and execution. 

This course was developed by the University of Texas at San Antonio Center for Infrastructure Assurance and Security through the DHS/FEMA Homeland Security National Training Program.  

Contact Information

AWR367 – Understanding Social Engineering Attacks

This online course covers topics on social engineering attack techniques and tools, while also equipping learners with a better understanding of how attackers use people as the weakest link to compromise targeted organizations. Participants will learn about social engineering and become familiar with phishing attacks, develop security awareness and take preventive measures. 

This course was developed by the University of Memphis, Center for Information Assurance (CfIA) through the DHS/FEMA Homeland Security National Training Program.  

Contact Information

AWR368 – Introduction to Basic Vulnerability Assessment Skills

This course introduces the preparatory skills needed to learn penetration testing and vulnerability assessment, and familiarizes Information Technology support personnel and managers with the tactics, techniques and procedures (TTPs) that are used by attackers and penetration testers. Participants will have an increased knowledge and understanding about the tools used in a cyber-attack and in turn be better able to prepare defenses. The course focuses on the basic skills and knowledge needed to conduct and plan vulnerability assessments and penetration tests as well as show how to legally and ethically conduct tests and assessments. Participants will be introduced to Open Source tools such as Metasploit and Nmap, as well as methodologies for researching vulnerabilities. This course is designed based on research and federal agency reports.

This course was developed by the Norwich University Applied Research Institutes (NUARI) through the DHS/FEMA Homeland Security National Training Program.  

Contact Information

AWR381 – Establishing an Information Sharing and Analysis Organization

Cyber-attacks occur more frequently and have become increasingly sophisticated. Cybersecurity events now have the potential to significantly disrupt the business operations of government and critical infrastructure services. Public and private sectors, in the United States, are at increasing and continual risk of surprise attacks from nation-state and non-state actors. (Burgess, 2018)

The growing Information Sharing and Analysis Organization (ISAO) ecosystem provides an opportunity to empower the nation to become more educated and effective in preventing, detecting, and responding to the increasingly sophisticated landscape of cyber threats. There are considerable challenges with the vast quantity of information, the complexities of analysis, and the uncertainties of sharing data with a large network of organizations.

In the 2016 National Preparedness Report, 88% of states and territories indicated a high prioritization of cybersecurity, with only a 13% proficiency in that capability. Likewise, 86% of states and territories ranked intelligence and information sharing as a high priority, with a reported 57% proficiency in that capability. The establishment of an ISAO is a critical step to improve both of these capabilities.

Executive Order 13691 encourages the formation of ISAOs, and states that “organizations engaged in the sharing of information related to cybersecurity risks and incidents play an invaluable role in the collective cybersecurity of the United States”. At the end of this course, participants should possess the fundamentals needed to design and develop an Information Sharing and Analysis Organization (ISAO) for states, locals, tribes, and/or territories (SLTTs). It addresses what the ISAO is, how it is used, who should participate in the design, implementation, building, and execution.

This course was developed by the University of Texas at San Antonio Center for Infrastructure Assurance and Security through the DHS/FEMA Homeland Security National Training Program

Contact Information

AWR385 – Mobile Device Security and Privacy

This course is designed to assist individuals better understand security and privacy issues associated with mobile devices and infrastructure; including benefits and challenges of designing, implementing, and maintaining Bring Your Own Device (BYOD) Programs. Using scenarios, thought challenges and exercises as a framework, students will learn about: 

• The purpose of Enterprise Mobile Management platforms 
• Elements that make mobile networks and operating systems different
• Mobile malware classifications and detection strategies
• Mobile architecture data leakage detection and prevention strategies.

This course was developed by the University of Memphis through the DHS/FEMA Homeland Security National Training Program.  

Contact Information

AWR169 – Cyber Incident Analysis and Response

This course covers various incident analysis tools and techniques that support dynamic vulnerability analysis and elimination, intrusion detection, attack protection, and network/resources repair. The trainee will be presented with real-world examples and scenarios to help provide knowledge, understanding, and capacity for effective cyber incident analysis and response.

Two credit hours through ACE are provided only if all three courses within the Online for Business Professionals (Cyber 301) track are completed.

Contact Information

AWR176 – Disaster Recovery for Information Systems

Disaster Recovery for Information Systems will train business managers to respond to varying threats that might impact their organization’s access to information. This course provides requisite background theory and recommended best practices needed by managers to keep their offices running during incidents of different types. Topics include an overview of business continuity planning; disaster recovery planning; guides for implementing and managing disaster recovery plans, a discussion of technical vulnerabilities faced by organizations, and an examination of legal issues that may confront an organization.

Two credit hours through ACE are provided only if all three courses within the Online for Business Professionals (Cyber 301) track are completed.

Contact Information

AWR177 – Information Risk Management

This is an intermediate level course covering topics on information assets, identifying risks, and management processes highlighting best principles and practices. It will provide training on information risk-related tools and technologies (such as asset evaluation, business impact analysis, risk identification, risk quantification, risk response, security policies, and compliance) for better understanding of potential threats and vulnerabilities in business online, and learning to adopt levels of security measures and best practices.

Two credit hours through ACE are provided only if all three courses within the Online for Business Professionals (Cyber 301) track are completed.

Contact Information

AWR168 – Cyber Law and White Collar Crime

This intermediate course is designed to teach students the fundamentals of computer crime issues from a legal perspective. The training will highlight the various computer crimes and appropriate response by first defenders and others that may encounter these types of issues. Participants learn legislations and organizational efforts to control or prevent such crimes. This course covers intellectual property law (copyright, trade secrets, unfair competition, and unfair business practices), personal jurisdiction, electronic commerce and software contracts, telecommunications, antitrust, privacy, the right to accuracy of information, the right to access information, and the First Amendment.

Two credit hours through ACE are provided only if all three courses within the Online for Everyone – Non-Technical (Cyber 101) track are completed.

Contact Information

AWR174 – Cyber Ethics

Cyber Ethics is designed to teach students the proper techniques with which to approach the difficult ethical dilemmas that arise from using the modern Internet. In addition to providing students with the skills to assess future ethical dilemmas for themselves, Cyber Ethics also looks at some of the more pressing concerns related to Internet usage today.

Two credit hours through ACE are provided only if all three courses within the Online for Everyone – Non-Technical (Cyber 101) track are completed.

Contact Information

AWR175 – Information Security for Everyone

Information Security for Everyone is designed to teach the principles and practices that all computer users need to keep themselves safe, both at work and at home. By presenting best practices along with a small amount of theory, trainees are taught both what to do and why to do it. Topics covered include how to secure both clean and corrupted systems, protecting your personal data, securing simple computer networks, and safe Internet usage.

Two credit hours through ACE are provided only if all three courses within the Online for Everyone – Non-Technical (Cyber 101) track are completed.

Contact Information

AWR138 – Network Assurance

Network Assurance covers secure network practices necessary to protect networked systems against attacks and exploits. Network security administration topics include firewalls, intrusion detection/prevention, common cryptographic ciphers, AAA (authentication, authorization, and accounting), server and client security, and secure policy generation.

Two credit hours through ACE are provided only if all four courses within the Online for IT Professionals (Cyber 201) track are completed.

Contact Information

AWR139 – Digital Forensics Basics

This course covers investigative methods and standards for the acquisition, extraction, preservation, analysis, and deposition of digital evidence from storage devices. This course offers a wide array of forensics situations that are applicable to the real world. Students will learn how to find traces of illegal or illicit activities left on disk with computer forensics tools and manual techniques, and how to recover data intentionally hidden or encrypted by perpetrators.

Two credit hours through ACE are provided only if all four courses within the Online for IT Professionals (Cyber 201) track are completed.

Contact Information

AWR173 – Information Security Basics

Information Security Basics is designed to teach entry and mid-level IT staff the technological fundamentals of information security. The goal of this course is to provide trainees some preliminary knowledge of computer security to help in identifying and stopping various cyber threats. In addition to providing an introduction to information assurance, trainees will also learn general concepts (terminologies), an overview of TCP/IP, introductory network security, introductory operating system security, and basic cryptography.

Two credit hours through ACE are provided only if all four courses within the Online for IT Professionals (Cyber 201) track are completed.

Contact Information

AWR178 – Secure Software

This course covers secure programming practices necessary to secure applications against attacks and exploits. Topics covered include fundamental concepts of secure software development, defensive programming techniques, secure design and testing, and secure development methodologies.

Two credit hours through ACE are provided only if all four courses within the Online for IT Professionals (Cyber 201) track are completed.

Contact Information