The Cybersecurity Academy is offering nine courses in 2017 to information security officers in Georgia state agencies. They are taught as instructor-led training and online as virtual instructor-led training through the GTA Learning Center. They take place on the dates indicated below from 9 a.m. to 3 p.m.
Introduction and Basic Cybersecurity, January 24 (One day)
This course is a primer and is meant to convey a broad abstract of cybersecurity in a networking environment. This course sets out some of the security basics for cybersecurity professionals, examines where the major threats are coming from today and in the future, and looks at some new solutions to the growing challenge of managing security.
Information Security Officer in the Public Sector, February 7 ‒ 9 (Three days)
This course introduces the role and responsibility of an information security officer within state government. This course also provides the ISO with general guidance and assistance in understanding the ISO role in developing and maintaining an effective information security program in the public sector.
Building an Information Security Program in the Public Sector, March 7 ‒ 9 (Three days)
This course identifies eight key components to be considered when developing, implementing, reviewing, or seeking to improve the effectiveness of an information security program in the public sector. The key components are:
- Security Governance
- Strategic Information Security Planning
- Policy and Compliance Management
- IT/IS Risk Management
- Cyber Security Incident Management
- Security Awareness and Training
- Continuity of Operations Planning
- Annual Information Security Program Report
Cybersecurity Strategic Planning, April 4 ‒ 5 (Two days)
This course will systematically walk through the process of creating an IT or IS Strategic and Implementation Plan. Strategy is the match between an organization’s resources and skills, the environmental opportunities and risks it faces, and the purpose it wishes to accomplish. Strategic planning and strategic thinking will be discussed.
Cybersecurity Policy Management, May 2 ‒ 3 (Two days)
As the (C)ISO and/or security designee for you organization, you must provide for the protection of its information assets by establishing appropriate administrative, operational, and technical policies, standards, and procedures to ensure its operations conform with business requirements, laws, and administrative policies. You must also make sure personnel maintain a standard of due care to prevent misuse, loss, disruption, or compromise of state entity information assets. Where does one start in the adoption, maintenance, and enforcement of internal administrative, operational, and technical policies, standards, and procedures to support information security program goals and objectives?
IT and Information Security Risk Management, June 6 ‒ 7 (Two days)
This course provides participants with foundational knowledge of the Risk Management Framework (RMF) in accordance with the Federal Information Security Management Act (FISMA) and the National Institute of Standards and Technology.
Security Awareness, Training, Education, and Professional Development, August 8 (One day)
A strong cybersecurity program cannot be put in place without significant attention to training agency users on security policy, standards, procedures, and techniques. Training must also focus on the various management, operational, and technical controls necessary and available to secure resources and assets. Those in the agency who manage the IT infrastructure need to have the necessary skills to effectively carry out their assigned duties.
Continuity of Operations Planning/Cyber Resilience, September 12 ‒ 13 (Two days)
A COOP is a collection of resources, actions, procedures, and information that is developed, tested, and held in readiness for use in the event of a major disruption of operations. COOP planning helps prepare state entities to maintain mission-critical operations after any emergency or disaster. Examples include backups and recovery, cyber incident response, disaster recovery, and business continuity.
IT and Cybersecurity Leadership, October 10 ‒ 11 (Two days)
What makes leaders great? Is it their courage? Their business acumen? Their expert knowledge? Their ability to organize? Leadership is the process of influencing others to accomplish stated goals and objectives by providing purpose, direction, and motivation. This course will explore the following topics:
- Characteristics of leaders and how leaders think
- Dyadic leadership: One-on-one leadership within the organization; influencing and engaging others
- Leading up: Leading managers and other leaders
- Team building, team dynamics, and how to assemble a team
Participants will spend the month of November 2017 researching a chosen topic on cybersecurity and preparing a presentation.