Sorry, you need to enable JavaScript to visit this website.
Skip to main content
U.S. flag

An official website of the United States government

Dot gov

The .gov means it’s official.

Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.

Https

The site is secure.

The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

Breadcrumb

  1. Home
  2. Events
  3. Past Events

Past Events

Filter by topic
March 25
Cybersecurity on a Budget

Discover essential tools & strategies for keeping your small business cyber-safe!

You don’t need a massive IT budget to protect your business from cyber threats. This webinar will highlight affordable and effective cybersecurity tools, risk management strategies, and best practices tailored for small business owners.

Tuesday, March 25, 2025 - 12:30 (EDT)
March 20
CSF 2.0 Webinar Series: Implementing CSF 2.0—The Why, What, and How

To address the ever-evolving cybersecurity landscape and equip organizations with information and resources to more quickly and effectively manage cybersecurity risk and improve their cybersecurity posture, NIST published a significant update to the NIST Cybersecurity Framework in 2024—CSF 2.0—the first major update to the framework in 10 years. Throughout the last year, organizations of all sizes and sectors have spent time familiarizing themselves with the CSF 2.0 and many are in the process of upgrading their cybersecurity security posture informed by CSF 2.0. 

In the first episode of NIST’s new multi-part CSF 2.0 webinar series, we will provide an overview focused on implementing CSF 2.0, including:

  • Why organizations would want to upgrade and how to foster bidirectional cybersecurity risk communications between leadership and practitioners. 
  • Practical actions organizations can take to implement the CSF 2.0. 
  • What resources are available to assist with implementation.

Time will be reserved at the end for audience questions. 

Speaker: Stephen Quinn, Senior Computer Scientist and CSF Project Lead, NIST

Thursday, March 20, 2025 - 14:00 (EDT)
March 18
Defending Internet Accessible Systems (SS204)

The Cybersecurity and Infrastructure Security Agency (CISA) is proud to offer the Incident Response Training event, Defending Internet Accessible Systems Cyber Range Training (SS204). The 200-level training events are open to government employees and contractors across federal, state, local, tribal, and territorial government, educational partners, and critical infrastructure partners. Please use your organization email address when registering.

This course is ideal for those working in cybersecurity roles who are interested in learning technical incident response skills and requires active engagement from all participants. The course assumes a mixed audience (e.g., from disparate teams and organizations) of mixed capability.

Participants will be introduced to tactics and strategies that enable them to protect their organizations from attacks against internet accessible system(s) (i.e., Internet Accessible System Attacks or IAS), through awareness of individual and organizational points of vulnerability.

Experience these benefits and more: 

  • Practice in a realistic environment: Define IAS Vulnerabilities and their indicators. 
  • Learn how to implement CISA guidance: Course exercises include implementation of the recommendations in BOD 19-02. 
  • Identify and mitigate vulnerabilities in real time: Students will identify common methods of scanning for vulnerabilities, analyzing event logs, and modifying firewall rules.  
  • Expert facilitation and peer discussion: Throughout the course, expert cybersecurity engineers will moderate discussion and conduct a recovery debrief for the exercises. Participants are also encouraged to help one another and offer relevant input to address peers' questions.

This exercise is a step-by-step, facilitated experience that uses a keyboard approach to understand these topics in a realistic technical environment.

Approved registrants must attend a mandatory student technical check the day before the training to establish a connection to the course content and lab environment.

Tuesday, March 18, 2025 - 09:00 (EDT)
March 10
Intro to Cybersecurity

Empower your small business with a deep dive into cybersecurity basics at our upcoming Introduction to Cybersecurity event. Discover practical strategies to protect your business online. Join us for insights tailored to small businesses, ensuring your digital assets are secure. Do not miss out on the chance to boost your digital security knowledge.

This event will take place online using Microsoft Teams, please register to obtain for the login information. Please note, if you are planning to use a mobile device to access this webinar, you must first download the Teams app to your device.

SBA programs and services are extended to the public on a nondiscriminatory basis. For reasonable accommodation request please send an email to [email protected](Link is external) at least 7 days in advance.

Monday, March 10, 2025 - 10:00 (EDT)
March 5
Workshop on Foundational Cybersecurity Activities for IoT Device Manufacturers

NIST will host a full-day hybrid workshop at the NCCoE to continue discussions related to a major update of NIST IR 8259. The day's activities will feature an overview of NIST's current status in updating NIST IR 8259 with extensive Q-and-A  and invited speakers to discuss current cybersecurity and IoT topics relevant to the NIST IR 8259 updates with both in-person and virtual attendees. In-Person participation is encouraged, but the full day workshop will be broadcast virtually to those who cannot attend at the NCCoE.

Wednesday, March 5, 2025 - 09:00 (EST)
February 11
Beyond Basic Cybersecurity

Explore advanced cybersecurity tactics to strengthen your business against ever-evolving threats. In this no-fee webinar, we will guide you beyond the Cybersecurity Basics trainings into a deeper exploration of essential topics for building cyber resilience.

Join us on Tuesday, February 11th, at 1:00 pm PST / 4:00 pm EST for this webinar hosted by the NorCal Small Business Development Center. Zack Barton will lead a discussion with renowned cybersecurity specialist, Jacob Blacksten, to highlight the importance of password management, multi-factor authentication, emergency response plans, and staff training within today's digital space.

Tuesday, February 11, 2025 - 16:00 (EST)
February 6
University-Based Cybersecurity Clinics: Educating the Next Generation of Cybersecurity Leaders While Safeguarding Small Businesses

Colleges and universities have long been a valuable resource for small businesses in their communities. Examples of support and outreach include running start-up incubators and accelerators, hosting small business development centers, providing a source of interns and entry-level workforce members, hosting legal and medical clinics, and much more. Recently, higher education, with support from industry and government, has been addressing two critical questions in cybersecurity through an emerging network of cybersecurity clinics: 

  • How can we bolster the cybersecurity posture of small, under-resourced organizations in our community?
  • How can we build a stronger cybersecurity workforce by providing students with valuable, hands-on learning experiences?

Through the clinics, multidisciplinary teams of students work with faculty providing no-cost  cybersecurity services to the region’s small, under-resourced organizations—providing valuable workforce development experiences to students and important cybersecurity support to those organizations who need it the most. 

This webinar will provide an overview of cybersecurity clinics, while also highlighting experiences of students and small businesses who have participated in the program. The panel discussion will run for 45 minutes, with 15 minutes reserved at the end of the hour for questions. 

Opening Remarks: 

  • Rodney Petersen, Director, National Initiative for Cybersecurity Education (NICE), NIST

Panelists: 

  • Mehdi Abid, Cyber Program Coordinator, Department of Computer Science, University of Nevada, Las Vegas
  • Aisha Ali-Gombe, Ph.D., Associate Professor and Director, LSU Cybersecurity Clinic, Louisiana State University
  • Gary Anderson, Partner, Cardinal Capital, LLC
  • Keith Daniel Tan, Scholarship for Service(SFS) Student, University of Nevada, Las Vegas

Moderator: 

  • Daniel Eliot, Lead for Small Business Engagement, NIST
Thursday, February 6, 2025 - 14:00 (EST)
February 5
Cybersecurity Series: Ransomware and Cyberthreats

Join the  UVI Information Services & Institutional Assessment staff team as they prepare USVI Small Businesses with the tools necessary to secure their data and electronic information. Learn common fallacies for small businesses regarding cybersecurity, the types of threats encountered, strategies for combating the threats, and how to get started. This interactive webinar is free of cost and includes a question-and-answer segment.

In this session, you will learn:

•            What is ransomware and how it works

•            Ransomware prevention

•            How to understand cyber threats and what to do about them

We will provide practical insights and actionable strategies to enhance your ability to effectively mitigate ransomware threats.

Wednesday, February 5, 2025 - 10:00 (EST)
January 29
Cybersecurity Series: Phishing and Email Threat Awareness

Join the UVI Information Services & Institutional Assessment team as they prepare USVI Small Businesses with the tools necessary to secure their data and electronic information. Learn common fallacies for small businesses regarding cybersecurity, the types of threats encountered, strategies for combating the threats, and how to get started. This interactive webinar is free of cost and includes a question-and-answer segment.

This session’s topics will explain:

•            What is phishing and how it works

•            Different types of phishing attacks

•            Red flags to watch out for in suspicious emails

•            Best practices for protecting sensitive information

•            How to report phishing attempts

In today's digital age, phishing attacks have become increasingly sophisticated and prevalent. These deceptive tactics target individuals and organizations alike, aiming to compromise sensitive information, financial resources, and even the reputation of companies. It is imperative that we equip ourselves with the knowledge and tools necessary to identify and work to prevent these threats.  Our goal is that you leave the session with a heightened awareness and the ability to confidently navigate through potential phishing and other email threats.

Wednesday, January 29, 2025 - 10:00 (EST)
January 28
Introduction to Log Management (IR210)

The Cybersecurity and Infrastructure Security Agency (CISA) is proud to present the Introduction to Log Management (IR210) Cyber Range Training event. The 200-level training events are open to government employees and contractors across federal, state, local, tribal, and territorial government, educational partners, and critical infrastructure partners. Please use your organization email address when registering.

This course is ideal for those working in cybersecurity roles who are interested in learning technical incident response skills and requires active engagement from all participants. The course assumes a mixed audience (e.g., from disparate teams and organizations) of mixed capability.

Log files provide the data that are the bread and butter of incident response, enabling network analysts and incident responders to investigate and diagnose issues and suspicious activity from network perimeter to epicenter. Participants will be introduced to basic principles of log management and configuration. Federal compliance regulations of log configuration and management including OMB Memo M-21-31 will also be introduced.

Experience these benefits and more: 

  • Common attack methods: Understand the importance of the configuration, management, and analysis of logs for incident response and identify key processes of log management. 
  • Practice in a realistic environment: Investigate and analyze log data for suspicious activity. Detect and correlate possible IOCs or malicious activity with threat intel. Exercises include configuring a DNS server, network device firewall, an operating system and more for propper logging.  
  • Expert facilitation and peer discussion: Throughout the course, expert cybersecurity engineers will moderate discussions and conduct a recovery debrief for the exercises. Participants are also encouraged to help one another and offer relevant input to address peers' questions.

This exercise is a step-by-step, facilitated experience that uses a keyboard approach to understand these topics in a realistic technical environment.

Approved registrants must attend a mandatory student technical check the day before the training to establish a connection to the course content and lab environment.

Tuesday, January 28, 2025 - 09:00 (EST)