Cybersecurity Awareness for Operation Warp Speed Partners
Cyber Security Awareness, CS130.16
This 30-minute course provides a working knowledge of cyber intrusion methods and cybersecurity countermeasures to assist employees in preventing cyber attacks and protecting their systems and information.
Mission Assurance for Senior Leaders, DS-IA113.16
This course, developed by Defense Information Systems Agency, will improve senior leaders' awareness about the seriousness of cybersecurity as it relates to their actions, as well as the implications of those actions on national security, the organization's mission, and the senior leader's various social networks (e.g., family, organization, and subordinates).
Phishing Awareness, DS-IA103.06
This DISA-developed course provides an explanation of what phishing is, as well as examples of the different types of phishing. It also provides guidelines to help individuals recognize phishing attempts so that appropriate actions can be taken to avoid these attacks and their consequences.
This DISA-developed course familiarizes students with information assurance security terminology, concepts, and policy. In this course, students learn about defensive security tools that are judiciously deployed on a simulated network. The student faces a spectrum of security threats and must make practical decisions for allocating resources. Students are given specific budgets by quarter and must plan, allocate, and implement information system security on a simulated network.
Health Industry Cybersecurity Protection of Innovation Capital, May 2020 Guide
The Healthcare and Public Health Sector Coordinating Council (HSCC) is a coalition of private-sector, critical healthcare infrastructure entities organized under Presidential Policy Directive 21 and the National Infrastructure Protection Plan to partner with government in the identification and mitigation of strategic threats and vulnerabilities facing the sector’s ability to deliver services and assets to the public. The HSCC Joint Cybersecurity Working Group (JCWG) (a standing working group of the HSCC, composed of more than 200 industry and government organizations working together to develop strategies to address emerging and ongoing cybersecurity challenges to the health sector) put together this May 2020 guide to identify recommendations for the protection of innovation capital.
Health Industry Cybersecurity Information Sharing Best Practices
Information sharing programs, when done properly, produce significant benefit at low risk for the organizations that participate. This document provides Healthcare and Public Health Sector (HPH) organizations with a set of guidelines and best practices for efficient and effective information sharing.
Health Industry Cybersecurity Supply Chain Risk Management Guide (HIC-SCRiM), v2.0, September, 2020
The Healthcare and Public Health Sector Coordinating Council (HSCC) Joint Cybersecurity Working Group (JCWG) Supply Chain Cybersecurity Task Group developed this supply chain cybersecurity risk management guide to provide structure and aid as a tool targeted at smaller to mid-sized health organizations. The suggested best practices herein directly address recommendations made in the 2017 Health Care Industry Cybersecurity Task Force "Report on Improving Cybersecurity in the Healthcare Industry."
Cyber Essentials Guide
This guide developed by CISA is for leaders of small businesses as well as leaders of small and local government agencies to enable them to develop an actionable understanding of where to start implementing organizational cybersecurity practices.
Mobile Device Safety
This job aid from the Office of the Director of National Intelligence (ODNI) provides basic tips for mobile device safety in the current environment.
Spearfishing and Common Cyber Attacks
This job aid from the Office of the Director of National Intelligence provides information about spearfishing and current cyber attack methods.
Top 10 Routinely Exploited Vulnerabilities
This job aid provides details on vulnerabilities routinely exploited by foreign cyber actors—primarily Common Vulnerabilities and Exposures (CVEs)—to help organizations reduce the risk of these foreign threats.
Joint Cyber Intelligence Tool Suite (JCITS)
In partnership with industry, JCITS uses mapping of cleared contractor public infrastructure and fuses those maps with known cyber-attack patterns of foreign adversaries.
JCITS Malware Intelligence Triage Tool (JMITT)
JCITS Malware Intelligence Triage Tool (JMITT) is an evolved platform that conducts real time analysis of emails with suspicious attachments.
JMITT Email Submission Procedures
This job aid details the email submission procedures used to submit an email with a suspicious attachment to the JMITT.
CISA Regional Offices
This job aid provides a map with CISA Regional Office contact information.
HSCC Joint Cybersecurity Working Group Q2 2020 Progress Report
The Healthcare and Public Health Sector Coordinating Council (HSCC) is a coalition of private-sector, critical healthcare infrastructure entities organized under Presidential Policy Directive 21 and the National Infrastructure Protection Plan to partner with government in the identification and mitigation of strategic threats and vulnerabilities facing the sector’s ability to deliver services and assets to the public. The HSCC Joint Cybersecurity Working Group (JCWG) (a standing working group of the HSCC, composed of more than 200 industry and government organizations working together to develop strategies to address emerging and ongoing cybersecurity challenges to the health sector) put together this 2nd Quarter 2020 progress report to address the JCWG’s progress to date in addressing the Health Care Industry Cybersecurity Task Force recommendations.
NIST Framework for Improving Critical Infrastructure Cybersecurity
Executive Order 13636 directed NIST to work with stakeholders to develop a voluntary framework - based on existing standards, guidelines, and practices - for reducing cyber risks to critical infrastructure. Created through collaboration between industry and government, the voluntary framework consists of standards, guidelines, and practices to promote the protection of critical infrastructure. The prioritized, flexible, repeatable, and cost-effective approach of the framework helps owners and operators of critical infrastructure to manage cybersecurity-related risk.
Cyber Essentials Toolkit
The Cyber Essentials Toolkit is a set of modules designed to break down the CISA Cyber Essentials into bite-sized actions for IT and C-suite leadership to work toward full implementation of each Cyber Essential. Each chapter focuses on recommended actions to build cyber readiness into the interrelated aspects of an organizational culture of cyber readiness.
NSA Cybersecurity Advisories and Technical Guidance
This site provides advisories and mitigations on evolving cybersecurity threats. Some resources on this site have access requirements.
This Federal Trade Commission website contains general information and tips to protect information and devices online.
NCSC Awareness Materials
The materials in this toolkit will enable personnel to better understand existing threats to and provide guidance and tips for protecting the sensitive information, assets, technologies, and networks to which employees have access.
Watch & Learn
Cybersecurity Attacks - The Insider Threat
This 15-minute video teaches the viewer to recognize and mitigate the attacks performed by witting and unwitting entities that comprise the cybersecurity environment.
NCSC Cyber Training Series
This is a series of three courses designed for professionals new to the cyber realm. It introduces users to the computer's component layers and associated functions, virtualization concepts, and security methods.
Protect Your Computer from Malware
Malware is short for “malicious software." It includes viruses and spyware that get installed on your computer or mobile device without your consent. Learn more about how to avoid, detect, and get rid of malware.
Creating a Workplace Culture of Cybersecurity
This CDSE webcast is designed for those with responsibility for ensuring a secure cybersecurity environment in the workplace and will give practical tips for how to develop a culture that promotes good cybersecurity practices.
The Case of the Cyber Criminal
A techie spy and his cunning crew are out to get your personal information. Stop them cold by proving you're ready to protect yourself online. This game provides information for your home computing safety.
Phishers are looking to lure you with bogus emails and pop-ups that seem safe. Will you take the bait or live to swim another day? This game provides basic phishing awareness information.
Cybersecurity: Tomorrow’s Internet
Test your knowledge of cybersecurity and earn badges as you go.
Cybersecurity Magic 8 Ball
Can you correctly predict how the Magic 8 Ball will answer these cybersecurity questions?
Cybersecurity Trivia Twirl
This game features a wheel with six segments, each representing a different Cybersecurity category. Spin the wheel and correctly answer the question to “collect” that category segment. Play continues until you successfully collect all six category segments.
National Cybersecurity Policy for Operation Warp Speed Partners
Social Media Considerations for Operation Warp Speed Partners
Social Media Safety
This job aid from ODNI provides best practices for navigating social media safely.
Social Media: Leveraging Value while Mitigating Risk
The slides from a presentation by David Etue, Vice President of Corporate Development Strategy at SafeNet, discuss the importance, impact and risk of social media in protection health information, and discuss some best practices in mitigation of those risks.
Facebook Smartcard (Configuration Guide)
This is a quick configuration guide for Facebook.
Facebook Smartcard (Trifold)
This trifold brochure is an easy way to provide employees with the basics of configuring their Facebook profile to mitigate their risk.
LinkedIn Smartcard (Trifold)
This trifold brochure is an easy way to provide employees with the basics of configuring their LinkedIn profile to mitigate their risk.
Twitter Smartcard (Configuration Guide)
This is a quick configuration guide for Twitter.
Twitter Smartcard (Trifold)
This trifold brochure is an easy way to provide employees with the basics of configuring their Twitter account to mitigate their risk.
Internet Social Networking Risks
This ODNI report provides definitions of terms associated with internet and social networking risks and provides practical tips and best practices for mitigating the risk.
Watch & Learn
Social Media Video Lesson
This video lesson explores the risks associated with social media and why you should be concerned.
Toolkit feedback/suggestions? Email firstname.lastname@example.org.