The DS Information Assurance and Cybersecurity Role-Based Training Program. Diplomatic Security Training Center (DSTC) Dunn Loring, VA

Similar documents
Information Assurance Branch (IAB) Cybersecurity Best Practice for Executive Level Managers

Audit of the Department of State Information Security Program

Department of Homeland Security Federal Government Offerings, Products, and Services

An Overview of Large US Military Cybersecurity Organizations

GAO. INFORMATION SECURITY Persistent Weaknesses Highlight Need for Further Improvement

Statement of Danny Harris, Ph.D. Chief Information Officer U.S. Department of Education

AUDIT REPORT. Federal Energy Regulatory Commission s Unclassified Cybersecurity Program 2015

CyberSkills Management Support Initiative

Middle Class Economics: Cybersecurity Updated August 7, 2015

State Agency Cyber Security Survey v October State Agency Cybersecurity Survey v 3.4

Audit of the Board s Information Security Program

GAO Information Security Issues

Introduction to NICE Cybersecurity Workforce Framework

Actions and Recommendations (A/R) Summary

NICE and Framework Overview

DHS. CMSI Webinar Series

Deputy Chief Financial Officer Peggy Sherry. And. Chief Information Security Officer Robert West. U.S. Department of Homeland Security.

Compliance Risk Management IT Governance Assurance

Cybersecurity Risk Management Activities Instructions Fiscal Year 2015

GAO CYBERSECURITY HUMAN CAPITAL. Initiatives Need Better Planning and Coordination

INFRAGARD.ORG. Portland FBI. Unclassified 1

Cyber Side-Effects: How Secure is the Personal Information Entered into the Flawed Healthcare.gov? Statement for the Record

Department of Homeland Security Office of Inspector General

Written Statement of Richard Dewey Executive Vice President New York Independent System Operator

Solving the CIO s Cybersecurity Dilemma: 20 Critical Controls for Effective Cyber Defense

National Cybersecurity Assessment and Technical Services

April 10, Ms. Melissa Hathaway Acting Senior Director for Cyberspace National Security and Homeland Security Councils. Dear Ms.

Department of Homeland Security

Department of Homeland Security Information Sharing Strategy

How To Improve Federal Network Security

FEDERAL INFORMATION SECURITY. Mixed Progress in Implementing Program Components; Improved Metrics Needed to Measure Effectiveness

Preventing and Defending Against Cyber Attacks November 2010

Threats to Local Governments and What You Can Do to Mitigate the Risks

2014 Audit of the Board s Information Security Program

US Cyber Marathon. David Ambrose, Chief Security Officer and Chief Privacy Officer Bureau of the Fiscal Service U.S. Department of the Treasury

Enhancing NASA Cyber Security Awareness From the C-Suite to the End-User

DEFINING CYBERSECURITY FEDERAL AGENCY CYBERSECURITY FUNDING

The Comprehensive National Cybersecurity Initiative

El Camino College Homeland Security Spring 2016 Courses

Independent Evaluation of NRC s Implementation of the Federal Information Security Modernization Act of 2014 for Fiscal Year 2015

NASA OFFICE OF INSPECTOR GENERAL

National Initiative for Cyber Security Education

Wasting Money on the Tools? Automating the Most Critical Security Controls. Mason Brown Director, The SANS Institute

Homeland Open Security Technology HOST Program

ITL BULLETIN FOR SEPTEMBER 2012 REVISED GUIDE HELPS ORGANIZATIONS HANDLE SECURITY-RELATED INCIDENTS

The HIPAA Security Rule: Theory and Practice

AUDIT REPORT. Cybersecurity Controls Over a Major National Nuclear Security Administration Information System

U.S. ELECTION ASSISTANCE COMMISSION OFFICE OF INSPECTOR GENERAL

Hearing before the House Permanent Select Committee on Intelligence. Homeland Security and Intelligence: Next Steps in Evolving the Mission

STATEMENT OF JOSEPH DEMAREST ASSISTANT DIRECTOR CYBER DIVISION FEDERAL BUREAU OF INVESTIGATION BEFORE THE

Homeland Security Virtual Assistance Center

Strategic Plan September 2012

Working with the FBI

JOINT EXPLANATORY STATEMENT TO ACCOMPANY THE CYBERSECURITY ACT OF 2015

The U.S. Department of Education s Compliance with the Federal Information Security Management Act of 2002 for Fiscal Year 2014 FINAL AUDIT REPORT

NICE Cybersecurity Workforce Framework Tutorial

SECTION-BY-SECTION. Section 1. Short Title. The short title of the bill is the Cybersecurity Act of 2012.

TSA audit - How Well Does It Measure Network Security?

EVALUATION REPORT. The Department of Energy's Unclassified Cybersecurity Program 2014

July 2015-August 2016

FREQUENTLY ASKED QUESTIONS

How to use the National Cybersecurity Workforce Framework. Your Implementation Guide

DEFINING CYBERSECURITY GROWTH CATALYSTS & LEGISLATION

NATIONAL CREDIT UNION ADMINISTRATION OFFICE OF INSPECTOR GENERAL

Department of Defense DIRECTIVE

NIST Cyber Security Activities

Program Overview and 2015 Outlook

Preventing and Defending Against Cyber Attacks June 2011

Homeland Security Perspectives: Cyber Security Partnerships and Measurement Activities

FFIEC Cybersecurity Assessment Tool Overview for Chief Executive Officers and Boards of Directors

Report on CAP Cybersecurity November 5, 2015

DEPARMTMENT OF HOMELAND SECURITY AUTHORIZATION BILL FOR FY 2008 AND FY 2009 SECTION-BY-SECTION

Computer Network Security & Privacy Protection

U.S. Office of Personnel Management. Actions to Strengthen Cybersecurity and Protect Critical IT Systems

Cybersecurity Training

Portal Storm: A Cyber/Business Continuity Exercise. Cyber Security Initiatives

U.S. Department of Energy Office of Inspector General Office of Audits and Inspections. Evaluation Report

NARA s Information Security Program. OIG Audit Report No October 27, 2014

SCAC Annual Conference. Cybersecurity Demystified

INFORMATION SECURITY. Evaluation of GAO s Program and Practices for Fiscal Year 2012 OIG-13-2

Integrating Cybersecurity with Emergency Operations Plans (EOPs) for Institutions of Higher Education (IHEs)

Office of Inspector General

2015 List of Major Management Challenges for the CFPB

5 FAM 1060 INFORMATION ASSURANCE MANAGEMENT

Water Security in New Jersey: Partnership and Services

CLIENT UPDATE CRITICAL INFRASTRUCTURE CYBERSECURITY: U.S. GOVERNMENT RESPONSE AND IMPLICATIONS

a GAO GAO INFORMATION SECURITY Department of Homeland Security Needs to Fully Implement Its Security Program

Preventing and Defending Against Cyber Attacks October 2011

Priority III: A National Cyberspace Security Awareness and Training Program

Testimony of. Before the United States House of Representatives Committee on Oversight and Government Reform And the Committee on Homeland Security

Briefing Report: Improvements Needed in EPA s Information Security Program

Department of Homeland Security Office of Inspector General. DHS Needs to Improve the Security Posture of Its Cybersecurity Program Systems

White Paper on Financial Industry Regulatory Climate

UNCLASSIFIED (U) U.S. Department of State Foreign Affairs Manual Volume 5 Information Management 5 FAM 870 NETWORKS

2015 CEO & Board University Cybersecurity on the Rise. Matthew J. Putvinski, CPA, CISA, CISSP

EC-Council. Certified Ethical Hacker. Program Brochure

WORLDWIDE SECURITY PROTECTION

Confrontation or Collaboration?

Transcription:

The DS Information Assurance and Cybersecurity Role-Based Training Program Diplomatic Security Training Center (DSTC) Dunn Loring, VA

IAB Mission The Information Assurance Branch s (IAB s) mission is to provide information assurance and cybersecurity training to U.S. Government employees under the President s and Director of National Intelligence s directives that cybersecurity is a U.S. national priority. IAB, specifically, provides Department of State role-based Information Assurance and Cybersecurity training under the U.S. Comprehensive National Cybersecurity Initiative (CNCI).

Initiatives Collaboration within the Department DS/CS Awareness Program IRM/IA FSI/SAIT Consular Affairs Collaboration with other Agencies/Departments DHS Center of Excellence NIST (w/dhs) developed NICE NSA Participation in Exercises and Courses FBI NRC SSA NARA

DoS Instructor-led Cybersecurity and Information Assurance (IA) Training

IAB Training Purpose: Provide information assurance and cybersecurity training to U.S. Government employees under the President s and Director of National Intelligence s directives National Initiative for Cybersecurity Education (Cybersecurity Workforce Framework) FISMA Compliant (800-16, -34, -53) 508 Compliant Federal Law Enforcement Training Accreditation (FLETA) Ongoing Course Updates

Instructor-Led Courses IA101 IA for ISSOs IA201 IA for System Administrators IA304 IA for Managers IA305 IA for System Owners IA401 IA for Executives IA610 IA for Developers

Information Assurance for ISSOs IA101 Develops the skills and knowledge required of Information Systems Security Officers (ISSO) enabling them to conduct in-depth security assessments and evaluations on Government computer networks. The training provides hands-on network auditing exercises and promotes familiarity with various newly developed auditing technologies. Audience - The IT security workforce within the US Military, Federal, State, Local, Tribal Council, and US Territorial Governments. 5 Day Course at DSTC or Client Facility

Information Assurance for System Administrators IA201 Provides guidance to systems administrators on mandated network security policies and regulations that they are required to implement on the Windows operating system software used on Government networks. The training provides Best Practices security requirements and implementation procedures in accordance with the current Government security configuration requirements through hands-on exercises. Audience - Direct hire, contract personnel, and Government system administrators. 5 Day Course at DSTC or Client Facility

Information Assurance for Managers IA304 Provides training for personnel responsible for management of employees who handle sensitive information. Training focuses on manager's information security-related responsibilities to prevent and react to cybersecurity incidents within their group. Students are introduced to the risk management framework and core security principles as well as participate in scenario based problem-solving exercises and receive checklists and job aids. Audience - Government managers of employees who handle sensitive information; to include but not limited to: Management Officers and management section heads, Information Program Officers, Information Management Officers, Information Systems Officers overseas; Domestically, Program, Division, and Branch Chiefs. 3 Day Course at DSTC or Client Facility

Information Assurance for Executives IA401 Government personnel with highest level of responsibility. It includes an overview of the Government's information systems, their vulnerabilities, threats to information security and risk assessment/management. Topics include security and reporting requirements of FISMA, results of Office of the Inspector General audits and reports to the Office of Management and Budget and Congress. Case studies and lessons learned are used to emphasize the critical role of executive-level leadership in protecting the Government's information and information systems. This BP course is also available on-line. Audience - Deputy Secretary, Under Secretary, Assistant Secretary, Deputy Assistant Secretary, Senior Executive Service (SES), Executive Director, Principal Officer, and Chief Information Officer. 1 Day Course at DSTC, Client Facility, or Online

Information Assurance for System Developers IA610 Introduces application designers and/or developers to basic software assurance concepts and practices. The training provides the students with crucial resources currently available to software assurance professionals in the field, exposing the students to appropriate application security requirements, and providing hands-on experience manipulating code to mitigate weakness and prevent successful attacks. Emphasis placed on providing participants with an understanding of current threats and the specific software code vulnerabilities that they target, as well as techniques and tools used to counter these threats. Audience - Application Designers and Developers (including Web and Database Designers and Developers) 5 Day Course at DSTC or Client Facility

IAB Snapshot

Purpose: Cybersecurity On-Line Learning (COL) To provide instructor-led, interactive IT security learning opportunities on a just-in-time basis. Security-related Provides continuous learning Topics that are current, interesting and helpful Job aids Interactive CPEs and CEUs for maintaining certifications (with organization approval)

COL Topics Cyber Ransom Cyber Extortion Contingency Planning System Attack Methods Introduction IPV6 User Permissions BYOD Security Concerns Insider Threat Audits Windows 7 Implementation Application Security (I, II, III, IV) Stuxnet, Flame and Duqu ediscovery Wireless Security - Roundtable Discussion Network Security Monitoring (I and II) Know Your Cyber Enemy: Environmental Virtualization (Not an all-inclusive course list)

COL Snapshot

Information Systems Security Line of Business (ISSLOB) Certification of the Diplomatic Security Training Center as an Information Systems Security Line Of Business in June 2010 o Office of Management and Budget guidelines Department of Homeland Security (DHS) partnership Designation as a Center of Excellence for information assurance training Customized or Best Practices Courses DS remains at the cutting edge of physical, cyber, and technical security. Assistant Secretary of State Eric J. Boswell, DS 2010 Year In Review

Contact Information Information Assurance Branch Chief Caren Saxe SaxeCT@state.gov 571-226-9743 Information Assurance Section Chief Donald Vanderau VanderauDon@State.gov 571-204-6118 Cybersecurity On-Line Learning (COL) Stephan Campos CamposSD@State.gov 571-226-9466 Cybersecurity On-Line Learning (COL) John Light LightJA@State.gov 703-204-6117 Information Systems Security Line of Business (ISSLOB) Robert Clarke ClarkeRA@State.gov 571-226-9476

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information