The threat of cyberattacks, especially from nation-state hackers, has grown exponentially over the last decade. As the number of data breaches in 2021 has surpassed that of 2020, Cybersecurity Ventures analysis predicts that there will be a new attack every 2 seconds as ransomware perpetrators progressively refine their malware payloads and related extortion activities.
We should not only be concerned about the number of attacks, but also that hackers are becoming more systematic in their targeting. These attacks, directed at all levels of government and businesses, across countless industries, are resulting in data and property destruction, and theft of proprietary data, intellectual property, and sensitive financial information. The bottom line is that no individual or organization should think they are immune from cyberthreats.
Consider the 2019 cyberattack of SolarWinds, a major U.S. technology firm. According to the Foundation for Defense of Democracies, the attack on SolarWinds was dramatic and extensive because when Russian hackers penetrated the firm’s software development environment, they installed malware that the company inadvertently pushed out to its customers via security patch downloads. The company estimates that approximately 18,000 of its customers were infected with the Russian malware. Extrication of this malware took more than a year to complete and cost the U.S. government hundreds of millions of dollars.
Cybersecurity awareness and prevention is the responsibility of everyone.
We can all play a part in the defense of our personal data and our employers’ network and digital assets. Polls indicate that about two-thirds of Americans say they are very or extremely concerned about cyberthreats. We must learn to turn that concern into action.
Our courses, developed and taught by industry experts, engage participants in hands-on activities and provide one-on-one instructor guidance.
The El Camino College Solution to Cybersecurity Risk Assessment, Planning and Awareness
To help government agencies, private businesses and individuals assess and manage their cybersecurity risk, El Camino College has developed a range of training programs — from 25-hour workshops geared toward IT professionals in any industry, and DOD contractors and suppliers, to 10-hour workshops for executives and managers. We also offer 4- to 8-hour Cybersecurity Awareness training programs for every level of employee.
Our courses, developed and taught by industry experts, engage participants in hands-on activities and provide one-on-one instructor guidance. All of our cybersecurity courses are eligible for Employment Training Panel (ETP) funding that offsets the cost of the training. Learn more about ETP funding.
Cybersecurity Awareness for All Employees
A 4- to 8-hour cybersecurity training program on the various types of cyberthreats, how to recognize them and the steps employees in any industry can take to help protect their organization. Course topics include:
- Introduction to cybersecurity awareness and corporate threats
- Understanding cybercrime and internet risk
- Types of cyberattacks, including mobile threats
- Cybersecurity ethics
- Phishing and vishing
- Situational awareness and physical security
- Hacker tactics and countermeasures
- Working from home and company compliance
Managing Cybersecurity Risk
A 10-hour course that helps executives and managers in any industry understand and manage the cybersecurity risk to their company. Course topics include:
- Creating a National Institute of Standards and Technology (NIST)–compliant system security plan (SSP)
- Introduction to cybersecurity risk management
- Fundamentals of incident response
- Documenting and implementing an SSP and plan of action and milestones (POA&M)
- Insider threat fundamentals
A 25-hour hands-on course geared for IT practitioners in any industry who are charged with putting together a cybersecurity plan for their organization. Topics include:
- Creating a National Institute of Standards and Technology (NIST) compliant System Security Plan (SSP)
- Essential controls for protecting an organization’s networks and systems
- Important concepts for cybersecurity such as risk management, configuration management, incident response and insider threats
- Resources, reference materials and tools to assist participants to develop a Systems Security Plan (SSP) and Plan of Action and Milestones (POA&M) for their organizations
Cyber Labs for DOD Contractors
A 25-hour hands-on course is geared for small-to-medium-sized DOD contractors. This workshop supplements the core Cyber Labs curriculum with learning objectives specific to DOD cybersecurity requirements and policies including the following:
- Introduce participants to NIST 800-171 and variants, and the Cyber Maturity Model Certification (CMMC) 2.0.
- Introduce participants to essential controls for protecting their organization’s networks and systems, and how to map which potential CMMC level they can achieve
- Fundamentals of creating a Defense Federal Acquisition Regulation Supplement (DFARS 7012)
Tony Lopez, Ph.D., is a vice president and chief information security officer at INDUS Technology, Inc., and is responsible for the development and implementation of both INDUS’ NIST 800-171 and internal threat programs. He has firsthand knowledge of the NIST 800-171, DFARS 7012 and Cyber Maturity Model Certification requirements and what it takes to meet these requirements. Dr. Lopez has over 25 years’ experience working in the defense industry and for federal agencies, 16 of these as director of information systems for INDUS Technology and today as vice president of operations and CISO. Dr. Lopez’s education includes a bachelor’s degree from Cal State San Luis Obispo in mechanical engineering, a master’s degree in business administration from the University of Phoenix and a Ph.D. from California Southern University in business administration with a concentration in computer science.
Larissa Breton is president of FullCircle Communications. Her company provides cybersecurity and engineering support services to the DOD, City of Los Angeles, City of San Francisco and other entities. She has been a leading subject matter expert to small businesses on DFARS 7012 regulations and a policy advisor to the DOD. Breton sits on the NIST NICE Workforce Management and K-12 committees and participates in the DOD/DHS/MITRE Software Supply Chain Risk Management working group. She is an adjunct faculty member at the University of Alaska Southeast, where she holds a Digital Faculty Fellowship. Breton earned her master’s degree in safety and security leadership from The George Washington University.