A common understanding and lexicon for CyberSecurity work (NICE)

CyberSecurity-free-resources-animation

The National Initiative for CyberSecurity Education (NICE) is a nationally coordinated effort focused on CyberSecurity awareness, education, training, and professional development. Its goals are to encourage and help increase CyberSecurity awareness and competence across the nation and to build an agile, highly skilled CyberSecurity workforce capable of responding to a dynamic and rapidly evolving array of threats.

NICE has published the National CyberSecurity Workforce Framework (“the Framework”) to provide a common understanding and lexicon for CyberSecurity work that is to be used to describe all CyberSecurity work and workers irrespective of where or for whom the work is performed. The Framework is intended to be applied in the public, private, and academic sectors.

The New Horizons CyberSecurity portfolio of courses is designed to provide security training no matter your level of experience or requisite need. New Horizons also offers industry CyberSecurity certification training options to build your workforce’s knowledge, skills, and abilities, and that correspond to the NIST CyberSecurity Framework Core areas, as well as courses and certifications that align to the seven high-level categories of the NICE CyberSecurity Workforce Framework.

The interactive New Horizons NICE Framework below shows where CyberSecurity training offerings and certifications align to the seven high-level categories of the NICE CyberSecurity Workforce Framework.

Analyze

Specialty areas responsible for highly specialized review and evaluation of incoming CyberSecurity information to determine its usefulness for intelligence.

Job Areas include:

  • Threat Analysis
  • All Source Intelligence
  • Exploitation Analysis
  • Targets 

EC-Council Certified Ethical Hacker (CEH)

Who Should Attend
The Certified Ethical Hacking course will significantly benefit security officers, auditors, security professionals, site administrators, and anyone who is concerned about the integrity of the network infrastructure.

What Is This Course About?
In 18 comprehensive modules, the course covers 270 attack technologies, commonly used by hackers. Throughout the CEH course, you will be immersed in a hacker's mindset, evaluating not just logical, but physical security.

View course outline and dates

CompTIA CyberSecurity Analyst (CSA+)

Who Should Attend
IT professionals with (or seeking) job roles such as IT Security Analyst, Security Operations Center (SOC) Analyst, Vulnerability Analyst, CyberSecurity Specialist, Threat Intelligence Analyst, and Security Engineer. 

What Is This Course About?
CompTIA’s CyberSecurity Analyst (CSA+) training from New Horizons teaches students to apply behavioral analytics to improve the overall state of IT security, providing critical knowledge and skills that are required to prevent, detect and combat CyberSecurity threats.

View course outline and dates

CSX Specialist: Identify and Protect

Who Should Attend
The Identify and Protect course is ideal for experienced individuals in the field of cyber security who are interested in gaining hands-on technical skills. 

What Is This Course About?
This week-long course will help students gain an intermediate-level understanding of the concepts, skills and tools required to identify threats and weaknesses and protect an organization from cyber attacks.  They will learn how to analyze and assess cyber threats against multiple levels of infrastructure, from host to system-level, using industry accepted methods and tools as governed by the NIST and ISO publication guidelines.  In addition, students will learn to establish, maintain, and develop a holistic protection policy for the networks under their responsibility – including network protection techniques, such as Intrusion Detection System (IDS) implementation and firewall rule configuration – and how to use specific tools in protecting a network. 

Coming Soon

CSX Specialist:  Respond and Recover

Who Should Attend:
The Respond and Recover course is ideal for experienced individuals in the field of cyber security who are interested in gaining hands-on technical skills. 

What Is This Course About?
This week-long course will help students gain an intermediate-level understanding of the concepts, skills and tools required to maintain, enact and develop organizationally unique incident response plans. They will learn response techniques, such as malware removal, account deletion, and access revocation. In addition, they will understand how to utilize specialized malware identification and removal tools. In addition, students will learn how to execute tasks identified in organizational Business Continuity Plans (BCP) and Disaster Recovery Plans (DRP). They will learn to utilize recovery techniques, such as data integrity evaluation, alternative site maintenance and post event restoration. In addition, they will learn how to use specialized integrity evaluation and backup dispersion tools.

Coming Soon

CyberSec First Responder: Threat Detection and Response

Who Should Attend:
This course is designed for IT professionals who perform job functions related to the development, operation, management, and enforcement of security capabilities for systems and networks. 

What Is This Course About?
In this course, students develop, operate, manage, and enforce security capabilities for systems and networks, including assessing information security risk in computing and network environments, designing and operating secure computing and network environments, and collecting CyberSecurity intelligence information.

View course outline and dates

Firewall: Advanced Threat Management (PAN-231)

Who Should Attend:
This course is suited for firewall administrators, network security administrators, and other technical professionals who have completed PAN-201 and have an understanding of network concepts, including routing, switching, and IP addressing. They also will need in-depth knowledge of port-based security and security technologies such as IPS, proxy, and content filtering. 

What Is This Course About?
This two-day, instructor-led course teaches strategies in defense against cyberthreats. Successful completion of this course enables administrators to better understand the threat landscape. Students will learn the use of Palo Alto Networks next-generation firewalls, including the WildFire product. 

View course outline and dates

EC-Council Certified Security Analyst (ECSA)

Who Should Attend:
Ethical Hackers, Penetration Testers, Network Server Administrators, Firewall Administrators, Security Testers, System Administrators and Risk Assessment Professionals. 

What Is This Course About?
In this course will provide students will conduct a penetration test on a company that has various departments, subnets and servers, and multiple operating systems with defense mechanisms architecture that has both militarized and non-militarized zones. 

View course outline and dates

Collect and Operate

Specialty areas responsible for specialized denial and deception operations and collection of CyberSecurity information that may be used to develop intelligence.

Job Areas include:

  • Collection Operations
  • Cyber Operations
  • Cyber Operations Planning 

CSX Practitioner: Identification and Protection

Who Should Attend
The Identification and Protection course is ideal for individuals in the field of cyber security who are interested in gaining hands-on technical skills. 

What Is This Course About?
The first course in the CSX Practitioner series focuses on key cyber security skills and includes foundational, real world instruction in the Identify and Protect domains. Topics range from preliminary network scanning to security control implementation. Through the completion of multiple lab-reinforced modules, students will learn how to apply industry-developed, experience-based methods to the identification of key networks and learn to develop appropriate protection mechanisms. 

Coming Soon

CSX Practitioner: Detection

Who Should Attend
The Detection course is ideal for individuals in the field of CyberSecurity who are interested in gaining hands-on technical skills. 

What Is This Course About?
The second course in the CSX Practitioner series goes deeper into skills focused in the Detect domain. Students will learn the basic concepts, methods and tools used to leverage CyberSecurity controls in order to identify system events and non-event level incidents. By completing multiple lab-reinforced modules, students will gain the skills necessary to detect potential network events and incidents. Topics range from incident packet analysis to Incident Response (IR) report drafting and generation. 

Coming Soon

CSX Practitioner: Respond and Recover

Who Should Attend:
The Respond and Recover course is ideal for individuals in the field of CyberSecurity who are interested in gaining hands-on technical skills. 

What Is This Course About?
The final course in the CSX Practitioner series provides hands-on instruction in the Respond and Recover domains. With course lecture backed up by lab sequences, students will learn how to apply professional methodology to respond and recover from network incidents or disasters. Students will discover how to contain an event and protect assets and infrastructure, and learn the components and procedures required for a comprehensive incident response plan. 

The Respond domain shows students the basic concepts, methods and tools required to draft and execute comprehensive incident response plans, provide proper isolation response documentation, and how to document and maintain information related to Incident Response. 

In the Recover domain, students will master the basic concepts, methods and tools required to recuperate a system or network, as well as learn how to implement continuity and contingency plans. 

Coming Soon

CSX Specialist: Respond and Recover

Who Should Attend:
The Respond and Recover course is ideal for experienced individuals in the field of cyber security who are interested in gaining hands-on technical skills. 

What Is This Course About?
This week-long course will help students gain an intermediate-level understanding of the concepts, skills and tools required to maintain, enact and develop organizationally unique incident response plans. They will learn response techniques, such as malware removal, account deletion, and access revocation. In addition, they will understand how to utilize specialized malware identification and removal tools. In addition, students will learn how to execute tasks identified in organizational Business Continuity Plans (BCP) and Disaster Recovery Plans (DRP). They will learn to utilize recovery techniques, such as data integrity evaluation, alternative site maintenance and post event restoration. In addition, they will learn how to use specialized integrity evaluation and backup dispersion tools. 

Coming Soon

Certified Information System Security Professional (CISSP)

Who Should Attend:
This course is intended for experienced IT security-related practitioners, auditors, consultants, investigators, or instructors, including network or security analysts and engineers, network administrators, information security specialists, and risk management professionals, who are pursuing CISSP training and certification to acquire the credibility and mobility to advance within their current computer security careers or to migrate to a related career. Through the study of all 10 CISSP CBK domains, students will validate their knowledge by meeting the necessary preparation requirements to qualify to sit for the CISSP certification exam. The CISSP exam is intentionally difficult and should not be taken lightly. Even students with years of security experience should assume that they will have additional study time after class. Because the domains are so varied, it is unlikely that any one student will have experience in all 10 domains. 

What Is This Course About?
In this course, students will analyze a wide range of information systems security subjects that are organized into 10 domains for CISSP exam certification. 

View course outline and dates

Investigate

Specialty areas responsible for the investigation of cyber events and/or crimes of IT systems, networks, and digital evidence.

Job Areas include:

  • Digital Forensics
  • Investigation 

Certified Information Systems Auditor (CISA)

Who Should Attend
The intended audience for this course is information systems security professionals, internal review auditors, and other individuals who have an interest in aspects of information systems audit, controls, and security. 

What Is This Course About?
In this course, students will evaluate organizational policies, procedures, and processes to ensure that an organizations information systems align with its overall business goals and objectives.

View course outline and dates

Certified Information Security Manager (CISM)

Who Should Attend
The intended audience for this course is information systems security professionals, and other individuals who have an interest in aspects of information security management and oversight. 

What Is This Course About?
In this course, students will establish processes to ensure that information security measures align with established business needs. 

View course outline and dates

EC-Council Computer Hacking Forensics Investigator (CHFI)

Who Should Attend:
The CHFI course will benefit police and other laws enforcement personnel, defense and military personnel, e-Business security professionals, systems administrators, legal professionals, banking, insurance and other professionals, and those who work for or with government agencies. 

What Is This Course About?
This course will provide participants the necessary skills to identify an intruders footprints and to properly gather the necessary evidence to prosecute in the court of law. 

View course outline and dates

CSX Practitioner: Identification and Protection

Who Should Attend:
The Identification and Protection course is ideal for individuals in the field of cyber security who are interested in gaining hands-on technical skills. 

What Is This Course About?
The first course in the CSX Practitioner series focuses on key cyber security skills and includes foundational, real world instruction in the Identify and Protect domains. Topics range from preliminary network scanning to security control implementation. Through the completion of multiple lab-reinforced modules, students will learn how to apply industry-developed, experience-based methods to the identification of key networks and learn to develop appropriate protection mechanisms. 

Coming Soon

CSX Practitioner: Detection

Who Should Attend:
The Detection course is ideal for individuals in the field of CyberSecurity who are interested in gaining hands-on technical skills. 

What Is This Course About?
The second course in the CSX Practitioner series goes deeper into skills focused in the Detect domain. Students will learn the basic concepts, methods and tools used to leverage CyberSecurity controls in order to identify system events and non-event level incidents. By completing multiple lab-reinforced modules, students will gain the skills necessary to detect potential network events and incidents. Topics range from incident packet analysis to Incident Response (IR) report drafting and generation. 

Coming Soon

CSX Practitioner: Respond and Recover

Who Should Attend:
The Respond and Recover course is ideal for individuals in the field of CyberSecurity who are interested in gaining hands-on technical skills. 

What Is This Course About?
The final course in the CSX Practitioner series provides hands-on instruction in the Respond and Recover domains. With course lecture backed up by lab sequences, students will learn how to apply professional methodology to respond and recover from network incidents or disasters. Students will discover how to contain an event and protect assets and infrastructure, and learn the components and procedures required for a comprehensive incident response plan. 

The Respond domain shows students the basic concepts, methods and tools required to draft and execute comprehensive incident response plans, provide proper isolation response documentation, and how to document and maintain information related to Incident Response. 

In the Recover domain, students will master the basic concepts, methods and tools required to recuperate a system or network, as well as learn how to implement continuity and contingency plans. 

Coming Soon

CyberSec First Responder: Threat Detection and Response

Who Should Attend:
The Identify and Protect course is ideal for experienced individuals in the field of cyber security who are interested in gaining hands-on technical skills. 

What Is This Course About?
This week-long course will help students gain an intermediate-level understanding of the concepts, skills and tools required to identify threats and weaknesses and protect an organization from cyber attacks. They will learn how to analyze and assess cyber threats against multiple levels of infrastructure, from host to system-level, using industry accepted methods and tools as governed by the NIST and ISO publication guidelines. In addition, students will learn to establish, maintain, and develop a holistic protection policy for the networks under their responsibility – including network protection techniques, such as Intrusion Detection System (IDS) implementation and firewall rule configuration – and how to use specific tools in protecting a network. 

View course outline and dates

Oversight and Development

Specialty areas providing leadership, management, direction, and/or development and advocacy so that all individuals and the organization may effectively conduct CyberSecurity work.

Job Areas include:

  • Legal Advice and Advocacy
  • Education and Training
  • Information Systems Security Operations/Officer
  • Strategic Planning and Policy Development
  • Security Program Management/CISO