FEMA, the people we think of when disaster strikes in the US, has a lot of good emergency preparedness training resources- which you would expect. Check out their Emergency Management Institute for the course catalog of on-site and self-study courses for disaster prep; you can find general purpose training for individuals here.
What you might not expect is that FEMA would offer Cyber Security training- but they do, and it is good. Information is at the Act Online site, including schedules for on-site training and the list of self-study courses. From the site:
"ACT Online is an evolution of the Information Assurance program offered by the University of Memphis Center for Information Assurance. A partnership with Vanderbilt University and SPARTA, Inc. expands the proven classroom instruction into a fully capable web based method of instruction.
ACT Online provides a unique combination of expertise and capabilities and we leverage the background of a successful academic program in information assurance uniquely recognized by US Department of Homeland Security. Our nationwide program uses a comprehensive approach to prepare professionals in identifying assets, recognizing vulnerabilities, prioritizing assets and implementing protection measures in cyber infrastructure."
They currently have four courses up and five more are in various stages of development. The course catalog lists courses for general/non-technical, IT technical/professional and business professionals- from basics to ethics and forensics.
OK, I need to pause here- yes, it is the same FEMA that underwhelmed us in the aftermath of Hurricane Katrina. And yes, they are under DHS, the same folks who oversee TSA- the folks who run airport "security" in the US. Don't hold that against them, FEMA is really trying to do some good work, and this is only one example of the new face of FEMA. It is good stuff, and they are good people.
There is real content in these courses, and the testing isn't simple- the "Information Security Basics" pre-qualifying test made me think about things I haven't considered since taking my CISSP exam. You can actually learn valuable things, and you can even turn trainable end-users (if there is such a thing) loose on the "Information Security for Everyone" course and raise their awareness. The courses can also be used for running your own formal training sessions with the available training coordinator and reporting functions.
Note: You must be a US citizen to take advantage of this training. I suppose you could lie about your citizenship, but if you do- I suggest you to skip the Cyber Ethics course.
Jack
2 comments:
"We're sorry but due to your citizenship you are not able to view our courses.
Please visit: this link for more information."
Which brings up:
You must be a US citizen to participate in ACT Online. ACT Online requires registration. Training is provided for (but not limited to):
Federal, state and local workers
DoD and contractors
Utility companies
Transportation and shipping companies
First responders
IT firms, law firms, consulting firms
Manufacturing management
Health care or administration of health care
Universities or schools of higher learning
Those in fuel, food or necessities distribution
Financial institutions or services
You may also be referred to the course by someone from Infragard, law enforcement, DHS, Government, a university or known to staff of ACT-Online
What a load of crap...
Excellent point, Andrew. I can't come up with a good argument for restricting the content. It clearly doesn't require a clearance of any sort (or they wouldn't let me near it). Sharing security info is key to solving the problems, I think the restriction just serves to frustrate people who are trying to learn.
Post a Comment