MAP IT Accelerator Presentation - 2023 05 02

Download as pdf or txt
Download as pdf or txt
You are on page 1of 26

APPRENTICESHIP PARTNERSHIP IN

INFORMATION TECHNOLOGY

Cybersecurity Training for Employers


WHY THIS IS IMPORTANT TO ALL ORGANIZATIONS

Security breaches can break a company

The average
The average lifecycle of
Average cost of a data The average time to Personal data was ransomware payment
a breach is 280 days
breach is $3.86 million identify a breach in 2020 involved in 58% of rose 33% in 2020 over
from identification to
as of 2020 (IBM) was 207 days (IBM) breaches in 2020 (IBM) 2019, to $111,605
containment (IBM)
(FinTech News)

In 2018, an average of The average cost of a


94% of malware is 48% of malicious email
10,573 malicious mobile ransomware attack on a
delivered by email attachments are office
apps were blocked per business is $133,000
(CSO online) files (Symantec)
day (Symantec) (SafeAtLast)
PROGRAM OVERVIEW
FOR APPRENTICES
Focuses on IT-related industries
Develops apprenticeship programs specifically
within cybersecurity
Generates paths to industry certifications,
career/technical certificates, college-credit
certificates, and degree programs focused on
workforce training
For high-wage, high-growth fields to upskill
incumbent workers’ technological skills and/or
skill gaps
Online, self-paced independent study
Each course is eight weeks
Skilled workforce Recruit and develop a highly skilled
workforce that grows your business

Positive impact to your Improve productivity, profitability, and


bottom line your bottom line

Reduce turnover Minimize cost with reduced turnover and


liability

Customizable on-the-job Create flexible training options that


(OJT) training ensure workers develop the right skills

Retain workers 94% of apprentices continue


HOW CAN AN employment after completing an
APPRENTICESHIP apprenticeship

PROGRAM BENEFIT YOU? Diversity Foster a diverse and inclusive culture


APPRENTICESHIPS OFFERED BY
POLK STATE COLLEGE
• Pre-Apprentice Program (Pre)
• Unregistered Apprenticeship (URAP) *
• Registered Apprentice Program (RAP) *
• *Florida Department of Labor and Education Sponsored
ELEMENTS OF
UNREGISTERED
APPRENTICESHIP

Employer Involvement
Customized OJT – Hands On
Related Instruction
Learn and Earn
Graduates receive nationally
recognized credential signaling
to employers that apprentices
are fully qualified
UNREGISTERED APPRENTICESHIP PROGRAM
• Completion Requirements
• 1 course
• 3 credits
• 64 hours of related instruction
• Customized OJT Course Optional Certification Eligible after Training
CIS2772C CCNA Cybersecurity Operations Certification: 200-201CBROPS / Vendor: CISCO

CTS2126C Cybersecurity Analyst Certification: PCNSA, PCCET / Vendor: CompTIA

CGS2135C Computer Forensics Certification: Certified Hacking Forensic Investigator


(CHFI) / Vendor: EC-Council
CET2688C System Security Certified Practitioner Certification: SSCP / Vendor: ISC2

CIS2352C Ethical Hacking Certification: CEH / Vendor: EC-Council


CTS2376C Firewall Services and Cybersecurity Certification: PCNSA or PCCET / Vendor: Palo Alto
Essential
CTS2312C Certified Cloud Security Engineer Certification: CCSP / Vendor: ISC2
ELEMENTS OF REGISTERED
ELEMENTS APPRENTICESHIP
OF REGISTERED PROGRAM
APPRENTICESHIP

• Related Instruction
• CCNA Cybersecurity Operations
• Computer Forensics
• Cybersecurity Analyst
• System Security Certified Practitioner
• Ethical Hacking
 Business Involvement
 Structured OJT – Hands On • Completion Requirements
 Related Instruction
 Learn and Earn – Reward for Skills Gained • 5 courses – within 12-month period
 Graduates receive nationally recognized credential and FLDOE • 15 credits
Certification signaling to employers that apprentices are fully
qualified meeting State of Florida requirements • 320 hours (64 per class)
• 2000 hours structured OJT
RELATED INSTRUCTION

CCNA Cybersecurity Operations


This course provides enhanced training and skillsets
required for the Certified Cisco Entry Networking
Technician (CCENT) designation for network security
professionals. The curriculum provides an introduction
to core security concepts and skills needed for
installation, troubleshooting, and monitoring of
network devices to maintain the integrity,
confidentiality, and availability of data and devices.
Certification: 200-201 CBROPS
Vendor: CISCO
RELATED INSTRUCTION

Computer Forensics

This course surveys the principles and practices required to obtain


and preserve evidence in a computer forensics investigation
including computer forensic tools, incident and crime-scene
processing, digital evidence control, and reporting.

Certification: EC-Council’s Certified Hacking Forensic Investigator


(CHFI)
RELATED INSTRUCTION

Cybersecurity Analyst (CySA+)

This course covers the information and skillsets necessary for


responding to cybersecurity threats and attacks, including the
application of environmental reconnaissance techniques such as OS
fingerprinting, e-mail harvesting, and social media profiling using
various tools (e.g., Nmap, netstat, and Syslog). Training enables the
participant to analyze the results of network reconnaissance,
recommend or implement countermeasures, and secure a corporate
environment by scanning for vulnerabilities. The course incorporates
response strategies for cyber incidents such as using a forensics
toolkit, maintaining the chain of custody, and analyzing the severity
of an incident.

Certification: PCNSA, PCCET Vendor: CompTIA


RELATED INSTRUCTION

System Security Certified Practitioner

This course provides an overview of internationally accepted


guidelines and protocols related to seven security domains: access
controls; security operations and administration; risk identification,
monitoring, and analysis; incident response and recovery;
cryptography; network and communications security; and systems
and application security.

Certification: SSCP Vendor: ISC2


RELATED INSTRUCTION

Ethical Hacking

This course emphasizes the techniques and methodologies applied for


security-penetration testing. It includes hands-on instruction in various
tools and methods used to analyze an information system to discover
vulnerabilities and protect against information loss, cyber terrorism,
and corporate espionage. The course provides an overview of
fundamental security testing concepts, practical skillsets related to
computer programming, and techniques to properly document a
security test. In addition to exploring the legal and ethical
ramifications of penetration testing, the student develops the ability
to apply appropriate countermeasures that reduce the risk to an
organization.

Certification: CEH Vendor: EC-Council


RELATED INSTRUCTION

Firewall Services and Cybersecurity Essentials (unregistered only)

This course surveys the fundamental tenants of cybersecurity and the general
security concepts involved in maintaining a secure network computing
environment. The student explores the nature and scope of today’s
cybersecurity challenges and applies various network-defense strategies.
Detailed information about next-generation cybersecurity solutions is included,
allowing the student to deploy a variety of security methodologies,
technologies, and concepts involved in implementing a secure network
environment. The curriculum focuses on the information and skillsets required to
install, configure, and manage firewalls for defense of enterprise network
architecture. The student applies the theory and configuration steps for setting
up the security, networking, threat-prevention, logging, and reporting features
of next-generation firewall technologies.

Certification: PCNSA, PCCET Vendor: Palo Alto


RELATED INSTRUCTION

Certified Cloud Security Engineer (unregistered only)

This course covers topics such as cloud concepts, architecture and


design, cloud-data security, cloud-platform and infrastructure
security, cloud-application security, cloud security operations. The
student gains technical skills including the ability to design,
manage, and secure cloud data, applications, and infrastructure.

Certification: CCSP Vendor: ISC2


UNREGISTERED OJT TRAINING SNAPSHOT
RELATED TECHNICAL
INSTRUCTION
APPRENTICES EMPLOYED UNDER THESE STANDARDS SHALL
COMPLETE A MINIMUM OF 64 HOURS TOTAL OF SUPPLEMENTAL
HOURS INSTRUCTION IN TECHNICAL SUBJECTS RELATED TO THE
OCCUPATION. MUST COMPLETE A MIMINUM OF 40 HOURS ON-THE-
MINIMUM TERM OF 40 JOB TRAINING ON COMPETENCIES.
HOURS

TRAINING
APPROACH
COMPETENCY-BASED

LENGTH OF TIME
ALLOWED
AT THE DISCRETION OF
THE EMPLOYER
RAP OJT TRAINING SNAPSHOT
HOURS RELATED TECHNICAL INSTRUCTION
TERM OF 2,000 HOURS
APPRENTICES EMPLOYED
UNDER THESE STANDARDS
SHALL COMPLETE A
TRAINING MINIMUM OF 144 HOURS
TOTAL OF SUPPLEMENTAL
APPROACH INSTRUCTION IN TECHNICAL
SUBJECTS RELATED TO THE
COMPETENCY-BASED
OCCUPATION IN A 12 MONTH
PERIOD AND COMPLETE A
MINIMUM OF 2000 (1 YEAR ON
LENGTH OF TIME JOB) OF ON-THE-JOB
TRAINING HOURS
12 MONTHS
CONTINUOUS ON-THE-
JOB EMPLOYMENT
INCLUDING
PROBATIONARY PERIOD
EXAMPLE COMPETENCIES AFTER TRAINING

• Network Monitoring - Understand


the concepts of Network Security
• Securing networks using Cisco
Monitoring (NSM)
hardware and software
• Incident Lifecycle: Monitoring
events across devices on a
• Secure information systems through
network
monitoring, assessing, investigating,
• Foundation of security and deploy • The Role of Threat Intelligence -
analyzing, and responding to a secured wireless network understand the value a strong
security events for the purpose of
• Configure firewalls to prevent threat intelligence feed brings to
protecting systems from
common attacks while maintaining an organization
cybersecurity risks, threats, and proper usability of devices and
applications • Successfully introduce a threat
vulnerabilities
platform and threat intelligence
• Securing technologies establishing a into the SOC
consistent patch cycle for updates
• Implement a vulnerability scanning
program to proactively discovery
vulnerable technologies
EXAMPLE COMPETENCIES AFTER TRAINING (CONTINUED)

• Digital Investigations
• Understand the role forensics plays with incident response and threat hunting • Certified Cloud Security Professional can Identity and
• Describe the different types of investigations (law enforcement, administrative, and Access Management (IAM): Manage users and their roles
regulatory) according to a least-privilege model
• Digital Forensics • Securely manage keys, access credentials, and application
• Capture data and metadata of different file types; Understand popular file types secrets
and their formats
• Know the role Hardware Security Modules (HSM) plays for
• Acquisition of Evidence cloud environments
• Acquire forensic data from devices (computers, laptops, servers, mobile phones) • Platform-as-a-Service (PaaS) and Infrastructure-as-a-
• Acquire forensic data from virtual machines (virtualized computers) Service (IaaS): Understand the security responsibilities of
• Analysis of Evidence organizations for PaaS and laas environments
• Understanding how tools perform data carving and recovery • Network Security Monitoring (NSM) - policy violations and
• Identify common forensic tools for specific forensic acquisitions
misconfigurations and understand how to respond/mitigate
incidents originating in the cloud and when to contact cloud
• Reporting providers
• Understand the legal requirements for permissible court-related evidence •
• Demonstrate proficiency in maintaining the proper "Chain of Custody"
• Document the legal processes for securing evidence
• Understand the purpose of organization policies and consent
• Understand court processes, technical vs expert witnesses, and how to testify
EXAMPLE COMPETENCIES AFTER TRAINING (CONTINUED)

Systems Security Certified


Practitioner
• Understanding authorization and what constitutes a
• Network Defenses: The ability to Computer Fraud and Abuse Act (CFAA) federal crime
architect a secure network • Types of Pentest and Red Team Engagements
• Mitigate an attack against a • Understand the scope of a pentest
network device • Reconnaissance: Use passive and active open-source
• Networking and Protocols: Explain intelligence (OSINT) to perform reconnaissance against an
layer 3 and 4 protocols along with organization
their use-cases (IP/ICMP/TCP/UDP) • Vulnerability Scan: Execute a successful vulnerability scan
• Network Traffic Monitoring & against the perimeter of a network and it's applications
Security: Deploy a network device • Exploitation: Leverage the vulnerabilities to gain access to
on the perimeter that can networks, devices, or applications
withstand attacks • Reporting: Document the vulnerabilities and
recommendations in a way that demonstrates risk to an
organization

COST ANALYSIS AND BREAKDOWNS

Unregistered (URAP) =Training, Labs, & Books:


Average for Single Training Option = $586.35
• Average with a certification exam $870.86

Registered (RAP)= Training, Labs, & Books:


Total Costs for Program = $3,082.58
• Total with all optional certification exams =
$4,338.11

Safal Partners agrees to reimburse each sponsoring employer $500


toward the training of Registered Apprentices
Course Training
Total Optional Industry
*FLORIDA Apprenticeship Certification Certification Exam With
Course Resident Lab Book Costs Program Exam Fee (Optional) Certification Attached Total Program
CIS2772C CCNA Cybersecurity $336.66 $60.00 $0.00 $396.66 $300.00 Certification: 200-201CBROPS / Vendor: CISCO $696.66
Operations (RAP or URAP)

CTS2126C Cybersecurity Analyst $336.66 $60.00 $155.99 $552.65 $254.00


Certification: Cybersecurity Analyst $806.65
(RAP or URAP)
(CySA+) Certification-CSO-002 / Vendor:
CompTIA
CGS2135C Computer Forensics (RAP $336.66 $60.00 $369.45 $766.11 $230.00 Certification: Certified Hacking Forensic $996.11
or URAP) Investigator (CHFI) / Vendor: EC-Council
CET2688C System Security Certified $336.66 $60.00 $228.56 $625.22 $241.53 Certification: SSCP / Vendor: ISC2 $866.75
Practitioner (RAP or URAP)

CIS2352C Ethical Hacking (RAP or $336.66 $60.00 $345.28 $741.94 $230.00 Certification: CEH / Vendor: EC-Council $971.94
URAP)

CTS2376C Firewall Services and $336.66 $60.00 $0.00 $396.66 $155.00 Certification: PCNSA or PCCET / Vendor: Palo Alto $551.66
Cybersecurity Essentials (URAP
only)

CTS2312C Certified Cloud Security $336.66 $60.00 228.56 $625.22 $581.03 Certification: CCSP / Vendor: ISC2 $1,206.25
Engineer (URAP only)
SPONSORING EMPLOYER PARTNERS

Kegel LLC
Alternative Choice Wireless
Quintanilla Consulting City of Fort Lauderdale
IT Protectorate City of Haines City
Polk State City of Sarasota
Badcock Hillsborough County BOCC
A-C-T Environmental & Sarasota Sheriffs
Infrastructure Zoom Video
City of Auburndale Communications Inc
City of Lakeland Dundee Tech Solutions
Alachua County BOCC I-Tech Support
Lake County Sheriff's Office Highlands County Clerk of
Martin County BOCC Courts
Sixth Judicial Court Publix Federal Credit Union
Air Force - Security
Operations
Alternative Choice Wireless
Florida Baptist Church of
Lake Wales
AgAmerica Lending
PROGRAM INVESTMENT:
APPRENTICESHIP
PROGRAM

• With more than 2,200 cyberattacks


taking place each day and the average
cost of a data breach reaching $4.24
million, the need for highly skilled “CYBERSECURITY SUPPORT TECHNICIAN
cybersecurity professionals is greater R E G I S T E R E D D O L O C C U PAT I O N :
R E G I S T E R E D D E N OT E S T H I S
than ever. Polk State College is offering O C C U PAT I O N H A S B E E N V E T T E D B Y
the Cybersecurity Technician I N D U S T RY A N D A P P R OV E D B Y T H E U. S.
Apprenticeship Program to provide D E PA R T M E N T O F L A B O R F O R U S E I N A
REGISTERED APPRENTICESHIP
businesses with an affordable, quality P R O G R A M .”
solution to upskill their employees through
related technical training. W W W. A P P R E N T I C E S H I P. G OV
CONTACT US
Contact: Howard Drake, Director of Corporate College
Phone No: 863.669.2321
Email: [email protected]

Contact: Christy Canady, Project Support Specialist


Phone No: 863.297.1010 x4664
Email: [email protected]

[email protected]

You might also like