Past Events

The Cybersecurity and Infrastructure Security Agency (CISA) is proud to offer Incident Response Training event, Defend Against Ransomware Attacks Cyber Range Training (IR209) on Thursday, December 7, 2023, from 9 a.m. to 1 p.m. EDT. The 200-level training events are open to government employees and contractors across federal, state, local, tribal, and territorial government, educational partners, and critical infrastructure partners. Please use your organization email address when registering. 

This course is ideal for those working in cybersecurity roles who are interested in learning technical incident response skills and requires active engagement from all participants. The course assumes a mixed audience (e.g., from disparate teams and organizations) of mixed capability.   

Ransomware is the fastest growing malware threat targeting home, business, and government networks. Anyone with a computer connected to the internet is a target. Ransomware infection is one computer, one person, one click away from penetrating a network’s defense. If just one computer becomes infected with ransomware it could quickly spread all over the network, which is why ransomware protection is critical. Ransomware incidents have become increasingly prevalent and pose an enormous risk to you and your organization’s critical infrastructure. In this training, participants will be introduced to common applications and process that harden network defenses, as well as key terms to be aware of in the prevention of ransomware attacks. 

Experience these benefits and more: 

• Common attack methods: Define ransomware and identify best practices and preventive measures to mitigate the impact of ransomware attacks. 

• Practice in a realistic environment: Learn how to apply specific tools to configure and backup active directory policies, reset KRBTGT account passwords and create application allowlisting policies. 

• Identify and mitigate vulnerabilities in real time: Students will identify malicious domains and mitigate them by establishing a sinkhole and by blocking the malicious domain.  

• Expert facilitation and peer discussion: Throughout the course, expert cybersecurity engineers will moderate discussions and conduct a recovery debrief for the exercises. Participants are also encouraged to help one another and offer relevant input to address peers' questions. 

This exercise is a step-by-step, facilitated experience that uses a keyboard approach to understand these topics in a realistic technical environment.  

Approved registrants must attend a mandatory student technical check the day before the training to establish a connection to the course content and lab environment.  

EVENT LOGISTICS 

• Date: Thursday, December 7, 2023 

• Time: 9 a.m. to 1 p.m. EDT 

• Location: Online via WebEx 

• CPE Credit: Participants can earn 4 CPE credits for attending this course. 

• Attendee Requirements: This course requires active participation. Attendees can use government-issued computers or personal computers. A second monitor is recommended. 

• Note: Audio is through WebEx; there is no external dial-in. 

• Closed captioning (English only) will be available during this training event. Previously recorded webinars are available on the CISA YouTube Channel for playback in other languages, if required. 

Due to participation requirements, please register no later than 48 hours before the course starts. Cyber Insights will not accept registrations made less than 48 hours before the course start. 

The foundation for any security plan is Access Control.

The course covers the fundamentals for meeting the CMMC Level 1 requirements for protecting Federal Contract Information (FCI).
1. Level 1, Media Protection (MP) Domain a. Media Disposal
2. Level 1, Physical Protection (PE) Domain a. Limit Physical Access b. Escort Visitors c. Physical Access Logs d. Manage Physical Access 3. Level 1, System Communications Protections (SC) Domain; Topics: a. Boundary Protection a. Public-Access System Separation
4. Level 1, System Information Integrity (SI) Domain a. Flaw Remediation b. Malicious Code Protection c. Update Malicious Code Protection d. System and File Scanning
5. Review Level 1, Questions and Answers

Learn specific threats to look out for this holiday season & how to keep you and your small business protected.

Speaker: Quiana Gainey, Virginia SBDC Cyber Industry Expert

Learn About:

• Protecting Sensitive Data
• Preserving Intellectual Property
• Presenting Cyber Attacks

and more!

This month's presentation will focus on Social Media & Cyberspace, specifically protecting your data and reputation. We have all read about companies running into issues because their systems are "hacked" What should you do before that happens? It can be very costly in terms of your business liability and consumer trust. Learn what you need to do now for protection.

In this FREE seminar sponsored by Legal Aid Center of Southern Nevada and SCORE and hosted by the Las Vegas-Clark County Library District - West Charleston Library, you will learn how to protect your business in this new world of technology.

After the presentation, you will have the opportunity to meet with an attorney or SCORE Las Vegas mentor FREE of charge for a one-on-one consultation.

Learn specific threats to look out for this holiday season & how to keep you and your small business protected.

Speaker: Quiana Gainey, Virginia SBDC Cyber Industry Expert

The Cybersecurity and Infrastructure Security Agency’s (CISA) Information and Communications Technology (ICT) Supply Chain Risk Management (SCRM) Task Force presents its latest product, “Empowering SMBs: A Resource Guide for Developing a Resilient Supply Chain Risk Management Plan.” The Resource Guide was created to provide a valuable starting point for small and medium-sized businesses to develop and tailor an ICT SCRM plan that meets the needs of their business and serves as a supportive tool that can be leveraged to establish an actionable SCRM plan that will support the mitigation of risks and disruptions to their supply chains.

DAF CISO's Blue Cyber "Keep Safe!  Ransomware Protection Strategies! Let's get you the information and training you need to protect your U.S. Small Business from ransomware! 

With a Keynote from HBCU Leader: Dr. Tim Akers! 

Tuesday November 14 “Can you spot a Phish?”  Information you need to protect your U.S. Small Business from social engineering! A kickoff from co-host the Cattaraugus (NY) APEX Accelerator

Hear from NIST about how to keep your U.S. Small Business on the forefront of social engineering protections. Learn the methods/resources for your small business to manage this key risk to U.S. Small Business. CISA and other source help for your small business so you can have confidence that you have established robust defenses against falling victim to Phishing attacks. Phishing is the #1 way that you are targeted by cyber criminals and is vital you protect your U.S. Small Business. Walk away understanding how social engineering works, where to get training for your employees and what defenses constitute best practices for your defense. Free Open to the Public.  

While the internet has made the process of reaching out to customers increasingly easy for businesses, it has exposed business sensitive data and systems to hackers seeking to exploit loopholes.  

There is a common mindset among small and medium sized businesses that "I really shouldn't worry, I'm such a small target."  This mindset as well as the ease of automation has made it increasingly easy for hackers to target small and medium-sized businesses because of poor security practices.  Hackers consider these businesses as "easy pickings" because they are more easily compromised and are less likely to be discovered.  

Cyber breaches can be devastating in that they can result in financial losses, reputation damage, legal liability, loss of customer and stakeholder trust, productivity losses, and even the potential for going out of business.

This webinar will discuss some of the critical steps that must be taken to safeguard your business' cyber security and the ways to implement these steps.