Past Events

Making your business cyber ready doesn’t just make good sense, it can also prevent financial losses and solidify your credibility in the eyes of your customers. In this webinar we’ll look at the real financial and time costs of putting basic cybersecurity measures in place. We’ll also consider what percentage of your assets could be at risk if you do not establish basic cybersecurity readiness practices in your business.

Speakers: Cybersecurity Program Manager Paul Johnson and Program Assistants Marree Reed, Izzy Carbert, Ian Moon, and Kaeden Adams

Empower your small business with a deep dive into cybersecurity basics at our upcoming Introduction to Cybersecurity event. Discover practical strategies to protect your business online. Join us for insights tailored to small businesses, ensuring your digital assets are secure. Do not miss out on the chance to boost your digital security knowledge.

This event will cover cybersecurity basics including:

1. The importance of cybersecurity for your business and personal online presence.
2. Common cybersecurity threats and how to protect yourself from them.
3. Planning for incidents and recovery.
4. Recovering from an incident.
5. Cybersecurity resources for you.

Small businesses are prime targets for online threats. Secure your sensitive data from being compromised before it's too late.

As cybersecurity regulations tighten and compliance expectations rise, small businesses are facing increasing pressure to secure their data and systems. 

This webinar will break down the evolving landscape of cybersecurity compliance, why governance, not just technology, is the missing piece in most security programs, and how businesses can implement systematic and predictable security practices. We’ll also cover cyber insurance requirements, basic cybersecurity hygiene, and why most IT providers aren’t equipped to systemize security programs for compliance. Join us to learn how to stay ahead of regulatory demands and protect your business.

Presenter: Mark Jackolski, Director of Risk and Compliance, (ShellProof Security)

Cybersecurity is the practice of protecting systems, networks, and programs from digital attacks. Attacks on information systems is an issue for companies of all sizes as well as individuals. In this workshop, the presenter will cover how to secure your data and what should be put in place to better protect the company and client’s information. He will also cover a description of the types of cybersecurity attacks and different approaches to protect against them as well as how to be better prepared and informed in case of a possible breach or attack.

CISA is proud to offer the cybersecurity awareness webinar, Introduction to Network Diagramming (IR107).  We are excited to share this information with stakeholders across the federal enterprise and nationally. 

The target audience for this webinar are non-technical and beginning incident responders.

To protect the confidentiality, integrity, and availability of an agency’s network and the data contained therein, cybersecurity professionals must be able to identify their network enterprise accurately and completely. Network diagrams are essential and serve to help visualize what is on the network, how the overall network is structured, and how all the devices on the network are connected. Every organization should build and maintain current and accurate network diagrams to help manage their network architecture and ultimately determine how to best mitigate potential or realized risks and vulnerabilities.

This webinar includes the following information and more: 

• Importance of network diagrams: Students will learn the importance of creating and maintaining network topology diagrams. Students will also understand the importance of identifying data flows and storage, identifying remote access points and external connections, and network segmentation for security. 

• Key Guidance for organizations: CISA provides guidance on what to include in network diagrams.  

• Knowledge check: The course concludes with a brief knowledge check section to reinforce key concepts and takeaways.

Discover essential tools & strategies for keeping your small business cyber-safe!

You don’t need a massive IT budget to protect your business from cyber threats. This webinar will highlight affordable and effective cybersecurity tools, risk management strategies, and best practices tailored for small business owners.

To address the ever-evolving cybersecurity landscape and equip organizations with information and resources to more quickly and effectively manage cybersecurity risk and improve their cybersecurity posture, NIST published a significant update to the NIST Cybersecurity Framework in 2024—CSF 2.0—the first major update to the framework in 10 years. Throughout the last year, organizations of all sizes and sectors have spent time familiarizing themselves with the CSF 2.0 and many are in the process of upgrading their cybersecurity security posture informed by CSF 2.0. 

In the first episode of NIST’s new multi-part CSF 2.0 webinar series, we will provide an overview focused on implementing CSF 2.0, including:

• Why organizations would want to upgrade and how to foster bidirectional cybersecurity risk communications between leadership and practitioners. 
• Practical actions organizations can take to implement the CSF 2.0. 
• What resources are available to assist with implementation.

Time will be reserved at the end for audience questions. 

Speaker: Stephen Quinn, Senior Computer Scientist and CSF Project Lead, NIST

The Cybersecurity and Infrastructure Security Agency (CISA) is proud to offer the Incident Response Training event, Defending Internet Accessible Systems Cyber Range Training (SS204). The 200-level training events are open to government employees and contractors across federal, state, local, tribal, and territorial government, educational partners, and critical infrastructure partners. Please use your organization email address when registering.

This course is ideal for those working in cybersecurity roles who are interested in learning technical incident response skills and requires active engagement from all participants. The course assumes a mixed audience (e.g., from disparate teams and organizations) of mixed capability.

Participants will be introduced to tactics and strategies that enable them to protect their organizations from attacks against internet accessible system(s) (i.e., Internet Accessible System Attacks or IAS), through awareness of individual and organizational points of vulnerability.

Experience these benefits and more: 

• Practice in a realistic environment: Define IAS Vulnerabilities and their indicators. 

• Learn how to implement CISA guidance: Course exercises include implementation of the recommendations in BOD 19-02. 

• Identify and mitigate vulnerabilities in real time: Students will identify common methods of scanning for vulnerabilities, analyzing event logs, and modifying firewall rules.  

• Expert facilitation and peer discussion: Throughout the course, expert cybersecurity engineers will moderate discussion and conduct a recovery debrief for the exercises. Participants are also encouraged to help one another and offer relevant input to address peers' questions.

This exercise is a step-by-step, facilitated experience that uses a keyboard approach to understand these topics in a realistic technical environment.

Approved registrants must attend a mandatory student technical check the day before the training to establish a connection to the course content and lab environment.