Cybersecurity Training & Exercises

CISA looks to enable the cyber-ready workforce of tomorrow by leading training and education of the cybersecurity workforce by providing training for federal employees, private-sector cybersecurity professionals, critical infrastructure operators, educational partners, and the general public. CISA is committed to supporting the national cyber workforce and protecting the nation's cyber infrastructure.

Federal Employees

Federal Virtual Training Environment

The Federal Virtual Training Environment (FedVTE) is a free, online, and on-demand cybersecurity training system. With courses ranging from beginner to advanced levels, you can strengthen or build your cybersecurity skillsets at your own pace and schedule! 

  • Certification Prep 

    Certification prep courses are available on topics such as Ethical Hacking, Certified Information Security Manager (CISM), and Certified Information Systems Security Professional (CISSP). 
  • NICE Framework  

    The NICE Cybersecurity Workforce Framework is the foundation for increasing the size and capability of the U.S. cybersecurity workforce. It provides a common definition of cybersecurity, a comprehensive list of cybersecurity tasks, and the knowledge, skills, and abilities (KSAs) required to perform those tasks. All FedVTE courses are aligned with NICE Cybersecurity Workforce Framework work roles, so you can find courses that are the most applicable to your role. 
Federal Cyber Defense Skilling Academy

The Federal Cyber Defense Skilling Academy is a 12-week cohort program created for federal employees to develop the baseline knowledge, skills, and abilities of a Cyber Defense Analyst (CDA). 

Incident Response Training

CISA’s no-cost Incident Response Training curriculum provides a range of training offerings for beginner and intermediate cyber professionals encompassing basic cybersecurity awareness and best practices for organizations and hands-on cyber range training courses for incident response.

Workforce Training Guide

CISA’s Cybersecurity Workforce Training Guide is for current and future federal and state, local, tribal, and territorial (SLTT) cybersecurity and IT professionals looking to expand their cybersecurity skills and career options. This is a downloadable, interactive guide meant to be used with the Cyber Career Pathways Tool. Start planning your next cyber career move today!

Cybersecurity Exercises

CISA conducts cyber and physical security exercises with government and industry partners to enhance security and resilience of critical infrastructure. These exercises provide stakeholders with effective and practical mechanisms to identify best practices, lessons learned, and areas for improvement in plans and procedures.

Exercise Planning and Conduct Support Services

INCREASE YOUR RESILIENCE
Contact: cisa.exercises@cisa.dhs.gov
CISA provides end-to-end exercise planning and conduct support to assist stakeholders in examining their cybersecurity and physical security plans and capabilities.
Foundational, Intermediate, Advanced
A group of people in a course sitting in seats listening to an instructor up front

CISA Tabletop Exercise Packages

INCREASE YOUR RESILIENCE
Contact: cisa.exercises@cisa.dhs.gov
A comprehensive set of resources designed to assist stakeholders in conducting their own exercises and initiating discussions within their organizations about their ability to address a variety of threat scenarios.
Foundational

Cyber Storm

INCREASE YOUR RESILIENCE
Contact: cyberstorm@cisa.dhs.gov
CISA-sponsored cybersecurity exercise that simulates a large-scale, coordinated cyber-attack impacting critical infrastructure
Intermediate

Tabletop the Vote 

EXERCISE | OTHER
Tabletop the Vote is CISA’s yearly national election security exercise. Federal partners, state and local election officials, and vendors come together to identify and share best practices and areas for improvement related to election security.

Critical Infrastructure Operators

Assessment Evaluation and Standardization

The Assessment Evaluation and Standardization (AES) program is designed to enable organizations to have a trained individual that can perform several cybersecurity assessments and reviews in accordance with industry and/or federal information security standards. 

Continuous Diagnostics and Mitigation

The Continuous Diagnostics and Mitigation (CDM) program supports government-wide and agency-specific efforts to provide risk-based, consistent, and cost-effective cybersecurity solutions to protect federal civilian networks across all organizational tiers. 

CISA Tabletop Exercise Package

The CISA Tabletop Exercise Package (CTEP) is designed to assist critical infrastructure owners and operators in developing their own tabletop exercises to meet the specific needs of their facilities and stakeholders.

Industrial Control Systems

CISA offers free Industrial Control Systems (ICS) cybersecurity training to protect against cyber-attacks to critical infrastructure, such as power grids and water treatment facilities. CISA’s ICS training is globally recognized for its relevance and available virtually around the world.

Cybersecurity Professionals (Non-Federal)

Federal Virtual Training Environment

The Federal Virtual Training Environment (FedVTE) is a free, online, and on-demand cybersecurity training system. With courses ranging from beginner to advanced levels, you can strengthen or build your cybersecurity skillsets at your own pace and schedule! 

  • Certification Prep  

    Certification prep courses are available on topics such as Ethical Hacking, Certified Information Security Manager (CISM), and Certified Information Systems Security Professional (CISSP). 

  • NICE Framework  

    The NICE Cybersecurity Workforce Framework is the foundation for increasing the size and capability of the U.S. cybersecurity workforce. It provides a common definition of cybersecurity, a comprehensive list of cybersecurity tasks, and the knowledge, skills, and abilities (KSAs) required to perform those tasks. 

Workforce Training Guide

CISA’s downloadable Cybersecurity Workforce Training Guide (.pdf, 3.53 MB) helps staff develop a training plan based on their current skill level and desired career path.

General Public

Federal Virtual Training Environment Public Cyber Security Training On Demand

The Federal Virtual Training Environment (FedVTE) is now offering courses that are free and available to the public. With courses ranging from beginner to advanced levels, you can strengthen or build your cybersecurity skillsets at your own pace and schedule! 

  • Certification Prep  

    Certification prep courses are available to the public on topics such as 101 Coding, Cyber Supply Chain Risk Management, Cyber Essentials, and Foundations of Cybersecurity for Managers. 

  • NICE Framework  

    The National Initiative for Cybersecurity Education (NICE) Framework provides a blueprint to categorize, organize, and describe cybersecurity work into specialty areas and tasks, including knowledge, skills, and abilities (KSAs). FedVTE divides the available courses into these elements and tags them by specialty area to help you identify courses that you need for your particular job or aspiration. 

Incident Response Training

CISA’s no-cost Incident Response Training curriculum provides a range of training offerings for beginner and intermediate cyber professionals encompassing basic cybersecurity awareness and best practices for organizations and hands-on cyber range training courses for incident response.