Security Program Management (SCPM-201)
This is a closed class. It requires a contract. On-site for 22 people.
Days: 5 Days Labs: Yes –Local Cyber Range
Type of Course: Advanced Security / Managerial
Prerequisite skills: Introduction to Cybersecurity (CYBR-INT-MAN or CYBR-INT-TECH)
About this course: Maps to the NICE Oversight and Development specialty areas providing leadership, management, direction, and/or development and advocacy so that all individuals and the organization may effectively conduct cybersecurity work backed up by industry-standard and organizationally accepted analysis principles and methods.
Goals: Managing information security implications within the organization, specific program, or other area of responsibility, including strategic, personnel, infrastructure, policy enforcement, emergency planning, security awareness, and other resources (e.g., CISO).
Topics: Program management principles and techniques, applicable business processes and technology integration process knowledge, principles and knowledge of applicable laws, technical processes executed by staff including: incident response, network attacks and penetration testing principles, tools, and techniques.
Methods of instruction: There are 8 different possible exercises that can be used in a module. Some examples include: threats and controls, case studies, risk analysis practice, and reading review. Technical labs will require basic skills in operating systems and virtualization. As soon as students become too comfortable, the instructor will switch methods.
Students are expected to have basic experience in the areas of networking and DoD Cybersecurity as well as knowledge of related Cybersecurity policies and procedures. Course support DISA responsibilities in DoD Cybersecurity Discipline Implementation Plan, DoD I 8551.01, the STIG’s and NIST SP800-53. The course covers topics in NICCS / NICE and ARTEP.