Technology enabling the business of government

Cybersecurity Workforce Academy Course Descriptions and Schedule

The Cybersecurity Workforce Academy is offering 12 courses in 2017 to information security officers in Georgia state agencies. They are taught as online virtual instructor-led training through the GTA Learning Center. They take place on the dates indicated below from 9 a.m. to 3 p.m.

Enrollment for 2017 courses is closed, but an online application for the 2018 session will be available beginning in November.

Introduction and Basic Cybersecurity, January 24 (One day)

This course is a primer and is meant to convey a broad abstract of cybersecurity in a networking environment. This course sets out some of the security basics for cybersecurity professionals, examines where the major threats are coming from today and in the future, and looks at some new solutions to the growing challenge of managing security.

Information Security Officer in the Public Sector, February 7 ‒ 8 (Two days)

This course introduces the role and responsibility of an information security officer within state government. This course also provides the ISO with general guidance and assistance in understanding the ISO role in developing and maintaining an effective information security program in the public sector.

Building an Information Security Program in the Public Sector, March 7 ‒ 8 (Two days)

This course identifies eight key components to be considered when developing, implementing, reviewing, or seeking to improve the effectiveness of an information security program in the public sector. The key components are:

  1. Security Governance
  2. Strategic Information Security Planning
  3. Policy and Compliance Management
  4. IT/IS Risk Management
  5. Cyber Security Incident Management
  6. Security Awareness and Training
  7. Continuity of Operations Planning
  8. Annual Information Security Program Report

Cybersecurity Strategic Planning, April 4 ‒ 5 (Two days)

This course will systematically walk through the process of creating an IT or IS Strategic and Implementation Plan. Strategy is the match between an organization’s resources and skills, the environmental opportunities and risks it faces, and the purpose it wishes to accomplish. Strategic planning and strategic thinking will be discussed.

Cybersecurity Policy Management, May 2 (One day)

As the (C)ISO and/or security designee for you organization, you must provide for the protection of its information assets by establishing appropriate administrative, operational, and technical policies, standards, and procedures to ensure its operations conform with business requirements, laws, and administrative policies. You must also make sure personnel maintain a standard of due care to prevent misuse, loss, disruption, or compromise of state entity information assets. Where does one start in the adoption, maintenance, and enforcement of internal administrative, operational, and technical policies, standards, and procedures to support information security program goals and objectives?

Cybersecurity Incident Management, June 20 (One day)

This course will review agency, enterprise, and state incident management processes. The focus is on describing and identifying processes associated with the National Incident Management System (NIMS) and its relationship to the state of Georgia's cyber incident management process. Course materials will also detail the importance of goals and objectives in response management.

IT and Information Security Risk Management, July 11 ‒ 12 (Two days)

This course provides participants with foundational knowledge of the Risk Management Framework (RMF) in accordance with the Federal Information Security Management Act (FISMA) and the National Institute of Standards and Technology. 

Security Awareness, Training, Education, and Professional Development, August 8 (One day)

A strong cybersecurity program cannot be put in place without significant attention to training agency users on security policy, standards, procedures, and techniques. Training must also focus on the various management, operational, and technical controls necessary and available to secure resources and assets. Those in the agency who manage the IT infrastructure need to have the necessary skills to effectively carry out their assigned duties.

Cybersecurity Maturity, August 22 (One day)

“If cyber security is a journey; not a destination,” then where is your cyber security program in the journey?  Are you still reactive and ad-hoc or proactive and prepared for any eventuality? A comprehensive information security program can significantly limit the organization's exposure to business-critical risks. Come, let’s explore cyber security program maturity: culture, philosophy, processes, technology and awareness.  What are the program maturity levels and how does one assess and what industry models are available?  Move beyond a narrow, IT-centric view of information security to align security activities with business needs, and to develop an organization-wide "security aware" culture.

Continuity of Operations Planning/Cyber Resilience, September 12 ‒ 13 (Two days)

A COOP is a collection of resources, actions, procedures, and information that is developed, tested, and held in readiness for use in the event of a major disruption of operations. COOP planning helps prepare state entities to maintain mission-critical operations after any emergency or disaster. Examples include backups and recovery, cyber incident response, disaster recovery, and business continuity.

IT and Cybersecurity Leadership, October 10 ‒ 11 (Two days)

What makes leaders great? Is it their courage? Their business acumen? Their expert knowledge? Their ability to organize? Leadership is the process of influencing others to accomplish stated goals and objectives by providing purpose, direction, and motivation. This course will explore the following topics:

  • Characteristics of leaders and how leaders think
  • Dyadic leadership: One-on-one leadership within the organization; influencing and engaging others
  • Leading up: Leading managers and other leaders
  • Team building, team dynamics, and how to assemble a team

Capstone Project, November

Participants will spend the month of November 2017 researching a chosen topic on cybersecurity and preparing a presentation to demonstrate competency and mastery of subject matter. A certification ceremony will take place in December 2017.