U.S. Flag Official website of the Department of Homeland Security
TLP:WHITE

Resources for Academia

To meet growing technological needs and to protect against evolving cyber threats, DHS is engaging with the academic community to increase cybersecurity awareness, incentivize cybersecurity, encourage the adoption of best practices, and implement a shared sense of responsibility for cybersecurity at universities and colleges. The resources below are available to academia and aligned to the five Cybersecurity Framework Function Areas. Some resources and programs align to more than one Function Area. This page will be updated as additional resources--from DHS, other Federal agencies, and the private sector--are identified.

Engage with the C³ Voluntary Program

In addition to improving cyber risk management across academia, the C³ Voluntary Program also works with academic organizations to extend the reach of the program. If your organization is interested in engaging with the C³ Voluntary Program through activities such as developing a blog post, creating an article for an academic journal, or coordinating a speaking engagement at your institution, please visit the C³ Voluntary Program Events and Media page for more details.

On This Page:
Identify
Protect
Detect
Respond

Resources to Identify

Cyber Resilience Review (CRR)

The CRR is a no-cost, voluntary, non-technical assessment to evaluate an organization’s operational resilience and cybersecurity practices. The CRR may be conducted as a self-assessment or as an on-site assessment facilitated by DHS cybersecurity professionals. The CRR assesses enterprise practices and procedures across a range of ten domains including risk management, incident management, service continuity, and others. The assessment is designed to measure existing organizational resilience as well as provide a gap analysis for improvement based on recognized best practices. For additional information please see http://us-cert.gov/ccubedvp/self-service-crr.

Cybersecurity Evaluation Tool (CSET) and On-Site Cybersecurity Consulting

Industrial control systems security posture assessments, offered through CSET, a self-assessment tool. Features include a mapping to control systems standards based on the sector as well as a network architecture mapping tool. The tool can be downloaded for self-use or organizations can request a facilitated site visit, which could include basic security assessments, network architectural review and verification, network scanning using custom tools to identify malicious activity and indicators of compromise, and penetration testing. More information is available at: http://ics-cert.us-cert.gov/assessments.

Industrial Control Systems Computer Emergency Readiness Team (ICS-CERT) Recommended Practices

A list of recommended practices aimed at helping industry understand and prepare for ongoing and emerging control systems cybersecurity issues, vulnerabilities, and mitigation strategies. ICS-CERT works with control systems manufacturers, service providers, researchers, and end users to ensure that the recommended practices are vetted by industry subject matter experts prior to publication. Recommended practices cover topics such as defense-in-depth strategies, cyber forensics, and incident response and are updated on a routine basis to account for emerging issues and practices. Access to recommended practices is provided through: http://ics-cert.us-cert.gov/introduction-recommended-practices.

National Cyber Awareness System (NCAS)

The National Cybersecurity and Communications Integration Center (NCCIC) produces advisories, alert & situation reports, analysis report, current activity updates, daily summaries, indicator bulletins, periodic newsletters, recommended practices, Weekly Analytic Synopsis Product (WASP), weekly digests, and year in review to alert partners of emerging cyber threats, vulnerabilities, and current activities. Certain products such as alerts, current activity, bulletins, and tips are released through US-CERT’s NCAS. More information on obtaining NCAS products is available at:

U.S. Computer Emergency Readiness Team (US-CERT) and ICS-CERT Alerts, Bulletins, Tips, and Technical Documents

Access to alerts, bulletins, tips, and technical documents published by ICS-CERT and US-CERT. ICS-CERT also offers an extensive bibliography of relevant standards and references. Both sets of documents and references provide a better understanding of relevant control systems vulnerabilities and the measures critical infrastructure owners and operators can take to address them. More information on ICS-CERT and US-CERT alerts, bulletins, tips, and technical documents is available at: http://ics-cert.us-cert.gov and http://us-cert.gov.  

Cyber Security Advisors (CSAs)

CSAs are regionally located DHS personnel who direct coordination, outreach, and regional support to protect cyber components essential to the sustainability, preparedness, and protection of the Nation’s critical infrastructure and State, local, tribal, and territorial (SLTT) governments. CSAs offer immediate and sustained assistance to prepare and protect SLTT and private entities. CSAs bolster the cybersecurity preparedness, risk mitigation, and incident response capabilities of these entities and bring them into closer coordination with the Federal Government. CSAs represent a front line approach and promote resilience of key cyber infrastructures throughout the U.S. and its territories. For more information about CSAs, please email cyberadvisor@hq.dhs.gov.

Protective Security Advisors (PSAs)

PSAs are trained critical infrastructure protection and vulnerability mitigation subject matter experts. Regional Directors are Supervisory PSAs, responsible for the activities of eight or more PSAs and geospatial analysts, who ensure all Office of Infrastructure Protection critical infrastructure protection programs and services are delivered to Federal and SLTT stakeholders and private sector owners and operators. The PSA program focuses on physical site security and resiliency assessments, planning and engagement, incident management assistance, and vulnerability and consequence information sharing. For more information about PSAs, visit: http://dhs.gov/protective-security-advisors.

EDUCAUSE Information Security Guide: Effective Practices and Solutions for Higher Education

The Information Security Guide: Effective Practices and Solutions for Higher Education (referred to as "the Guide") is a compendium of information providing guidance on effective approaches to information security at institutions of higher education. It is a key publication of the Higher Education Information Security Council (formerly the Security Task Force). Its content is actively maintained by a large group of volunteers who are information security practitioners at a variety of colleges and universities.

The content itself is a rich combination of materials written for the Guide, articles written for other publications, presentations from information security conferences, case studies, examples of processes, procedures, and forms used by various institutions, toolkits, hot topics, and references to a wide variety of other materials from EDUCAUSE and other sources. Access the guide at: https://library.educause.edu/resources/2014/5/information-security-guide-effective-practices-and-solutions-for-higher-education.


Back to Top
 

Resources to Protect

ICS-CERT Training

Training in industrial control systems security at the overview, intermediate, and advanced levels, including web-based and instructor-led formats. More information on ICS-CERT training opportunities are available at: http://ics-cert.us-cert.gov/training-available-through-ics-cert.

ICS-CERT Recommended Practices

A list of recommended practices aimed at helping industry understand and prepare for ongoing and emerging control systems cybersecurity issues, vulnerabilities, and mitigation strategies. ICS-CERT works with control systems manufacturers, service providers, researchers, and the end user community to ensure that the recommended practices are vetted by industry subject matter experts prior to publication. Recommended practices cover topics such as defense-in-depth strategies, cyber forensics, and incident response, and are updated on a routine basis to account for emerging issues and practices. Access to recommended practices is provided through: http://ics-cert.us-cert.gov/introduction-recommended-practices.

National Cyber Awareness System (NCAS)

The National Cybersecurity and Communications Integration Center (NCCIC) produces advisories, alert & situation reports, analysis report, current activity updates, daily summaries, indicator bulletins, periodic newsletters, recommended practices, Weekly Analytic Synopsis Product (WASP), weekly digests, and year in review to alert partners of emerging cyber threats, vulnerabilities, and current activities. Certain products such as alerts, current activity, bulletins, and tips are released through US-CERT’s NCAS. More information on obtaining NCAS products is available at:

US-CERT and ICS-CERT Alerts, Bulletins, Tips, and Technical Documents

Access to alerts, bulletins, tips, and technical documents published by ICS-CERT and US-CERT. ICS-CERT also offers an extensive bibliography of relevant standards and references. Both sets of documents and references provide a better understanding of relevant control systems vulnerabilities and suggest measures critical infrastructure owners and operators can take to address them. More information on ICS-CERT and US-CERT alerts, bulletins, tips, and technical documents is available at: http://ics-cert.us-cert.gov and http://us-cert.gov.

Cyber Security Advisors (CSAs)

CSAs are regionally located DHS personnel who direct coordination, outreach, and regional support to protect cyber components essential to the sustainability, preparedness, and protection of the Nation’s critical infrastructure and SLTT governments. CSAs offer immediate and sustained assistance to prepare and protect SLTT and private entities.  CSAs bolster the cybersecurity preparedness, risk mitigation, and incident response capabilities of these entities and bring them into closer coordination with the Federal Government. CSAs represent a front line approach and promote resilience of key cyber infrastructures throughout the U.S. and its territories. For more information about CSAs, please email cyberadvisor@hq.dhs.gov.

Protective Security Advisors (PSAs)

PSAs are trained critical infrastructure protection and vulnerability mitigation subject matter experts. Regional Directors are Supervisory PSAs, responsible for the activities of eight or more PSAs and geospatial analysts, who ensure all Office of Infrastructure Protection critical infrastructure protection programs and services are delivered to Federal and SLTT stakeholders and private sector owners and operators. The PSA program focuses on physical site security and resiliency assessments, planning and engagement, incident management assistance, and vulnerability and consequence information sharing. For more information about PSAs, visit: http://dhs.gov/protective-security-advisors.

Cybersecurity Information Sharing and Collaboration Program (CISCP)

A no-cost information sharing partnership between enterprises and DHS, CISCP creates shared situational awareness across critical infrastructure communities, enhances cybersecurity collaboration between DHS and critical infrastructure owners and operators, and leverages government and industry subject matter expertise to collaboratively respond to cybersecurity incidents. For more information about CISCP, please email ciscp_coordination@hq.dhs.gov and download an overview of CISCP.

Enhanced Cybersecurity Services (ECS)

The Department of Homeland Security’s (DHS) Enhanced Cybersecurity Services (ECS) program is an intrusion prevention capability that helps U.S. based companies protect their computer systems against unauthorized access, exploitation, and data exfiltration. ECS works by sharing sensitive and classified cyber threat information with accredited Commercial Service Providers (CSPs). These CSPs in turn use that information to block certain types of malicious traffic from entering customer networks. ECS is meant to augment, but not replace, existing cybersecurity capabilities. All U.S.-based public and private organizations are eligible to enroll in ECS. Please contact the ECS CSPs for enrollment information:

General ECS information is available at: http://dhs.gov/enhanced-cybersecurity-services.

DHS Academic Engagement

DHS maintains numerous relationships with members of the academic community and directly engages with school administrators, faculty, and students on a range of issues. DHS’s work to support the academic community has resulted in a variety of resources, tools, initiatives, and programs for students, faculty, and academic institutions. To learn more, visit http://dhs.gov/academic-engagement-overview.

Stop.Think.Connect.™ Campaign Academic Alliance

The Stop.Think.Connect.™ Campaign aims to empower Americans to reduce cyber risk online by incorporating safe habits into their online routines. The Stop.Think.Connect.™ Academic Alliance is a nationwide network of non-profit colleges and universities committed to promoting safer online practices. Through the Alliance, universities can connect with DHS and other government, non-profit, and academic partners, use Campaign resources, tools, and subject matter experts, and lead academia in cybersecurity awareness education. For more information on how to get involved with the Academic Alliance, visit http://dhs.gov/stopthinkconnect or email stopthinkconnect@dhs.gov.

National Initiative for Cybersecurity Education (NICE)

NICE comprises various cybersecurity education and awareness initiatives, including the National Initiative for Cybersecurity Careers & Studies (NICCS) website, the premier online resource for cybersecurity training. NICCS connects Government employees, students, educators, and industry with cybersecurity training providers throughout the Nation. To learn more, please visit: https://niccs.us-cert.gov/formal-education

National Initiative for Cybersecurity Careers and Studies (NICCS) Website

The National Initiative for Cybersecurity Careers and Studies (NICCS) is the premier online resource for cybersecurity training. NICCS connects Government employees, students, educators, and industry with cybersecurity training providers throughout the Nation. To learn more, please visit: https://niccs.us-cert.gov.

The National Cybersecurity Workforce Framework

The National Cybersecurity Workforce Framework is a blueprint for categorizing and describing cybersecurity work into specialty areas, tasks, and knowledge, skills and abilities (KSA's).  The National Cybersecurity workforce framework provides a common language for defining and performing cybersecurity work that can be utilized by training providers, employers, educators, employees, and students.  Each Specialty Area detail displays the standard tasks and the knowledge, skills, and abilities needed to successfully complete those tasks. To learn more, please visit: https://niccs.us-cert.gov/workforce-development/cyber-security-workforce-framework

National Centers of Academic Excellence (CAE)

The National Security Agency (NSA) and DHS jointly sponsor the National Centers of Academic Excellence in Information Assurance (IA) Education (CAE/IAE), IA 2-year Education (CAE/2Y) and IA Research (CAE/R) programs. The goal of these programs is to reduce vulnerability in our national information infrastructure by promoting higher education and research in IA and producing a growing number of professionals with IA expertise in various disciplines. To learn more, visit http://www.nsa.gov/academia/nat_cae_cyber_ops/index.shtml.

EDUCAUSE Information Security Guide: Effective Practices and Solutions for Higher Education

The Information Security Guide: Effective Practices and Solutions for Higher Education (referred to as "the Guide") is a compendium of information providing guidance on effective approaches to information security at institutions of higher education. It is a key publication of the Higher Education Information Security Council (formerly the Security Task Force). Its content is actively maintained by a large group of volunteers who are information security practitioners at a variety of colleges and universities.

The content itself is a rich combination of materials written for the Guide, articles written for other publications, presentations from information security conferences, case studies, examples of processes, procedures, and forms used by various institutions, toolkits, hot topics, and references to a wide variety of other materials from EDUCAUSE and other sources. Access the guide at: https://library.educause.edu/resources/2014/5/information-security-guide-effective-practices-and-solutions-for-higher-education.

Higher Education Information Security Council (HEISC)

Established by EDUCAUSE and Internet2 in July 2000, the HEISC mission is to improve information security, data protection, and privacy programs across the higher education sector. HEISC executes its mission through working groups of volunteers and professional EDUCAUSE staff that coordinate activities and collaborate with partners from government, industry, and other academic organizations. Through the annual Security Professionals Conference and other EDUCAUSE conferences and websites, HEISC actively develops and promotes leadership; awareness and understanding; effective practices and policies; and solutions for the protection of critical data, IT assets, and infrastructures. For more information visit: http://www.educause.edu/focus-areas-and-initiatives/policy-and-security/cybersecurity-initiative/about.

NIST Cybersecurity Framework Explained

In this video, Rapid7 discusses and gives a brief overview of the NIST Cybersecurity Framework Watch this video at http://www.rapid7.com/resources/videos/nist-cybersecurity-framework-explained.jsp.


Back to Top
 

Resources to Detect

Cybersecurity Information Sharing and Collaboration Program (CISCP)

A no-cost information sharing partnership between enterprises and DHS, CISCP creates shared situational awareness across critical infrastructure communities, enhances cybersecurity collaboration between DHS and critical infrastructure owners and operators, and leverages government and industry subject matter expertise to collaboratively respond to cybersecurity incidents. For more information about CISCP, please email ciscp_coordination@hq.dhs.gov and download an overview of CISCP.

Enhanced Cybersecurity Services (ECS)

The Department of Homeland Security’s (DHS) Enhanced Cybersecurity Services (ECS) program is an intrusion prevention capability that helps U.S. based companies protect their computer systems against unauthorized access, exploitation, and data exfiltration. ECS works by sharing sensitive and classified cyber threat information with accredited Commercial Service Providers (CSPs). These CSPs in turn use that information to block certain types of malicious traffic from entering customer networks. ECS is meant to augment, but not replace, existing cybersecurity capabilities. All U.S.-based public and private organizations are eligible to enroll in ECS. Please contact the ECS CSPs for enrollment information:

General ECS information is available at: http://dhs.gov/enhanced-cybersecurity-services.

EDUCAUSE Information Security Guide: Effective Practices and Solutions for Higher Education

The Information Security Guide: Effective Practices and Solutions for Higher Education (referred to as "the Guide") is a compendium of information providing guidance on effective approaches to information security at institutions of higher education. It is a key publication of the Higher Education Information Security Council (formerly the Security Task Force). Its content is actively maintained by a large group of volunteers who are information security practitioners at a variety of colleges and universities.

The content itself is a rich combination of materials written for the Guide, articles written for other publications, presentations from information security conferences, case studies, examples of processes, procedures, and forms used by various institutions, toolkits, hot topics, and references to a wide variety of other materials from EDUCAUSE and other sources. Access the guide at: https://library.educause.edu/resources/2014/5/information-security-guide-effective-practices-and-solutions-for-higher-education.


Back to Top
 

Resources to Respond

Cybersecurity Information Sharing and Collaboration Program (CISCP)

A no-cost information sharing partnership between enterprises and DHS, CISCP creates shared situational awareness across critical infrastructure communities, enhances cybersecurity collaboration between DHS and critical infrastructure owners and operators, and leverages government and industry subject matter expertise to collaboratively respond to cybersecurity incidents. For more information about CISCP, please email ciscp_coordination@hq.dhs.gov and download an overview of CISCP.

Cyber Security Advisors (CSAs)

CSAs are regionally located DHS personnel who direct coordination, outreach, and regional support to protect cyber components essential to the sustainability, preparedness, and protection of the Nation’s critical infrastructure and SLTT governments. CSAs offer immediate and sustained assistance to prepare and protect SLTT and private entities. CSAs bolster the cybersecurity preparedness, risk mitigation, and incident response capabilities of these entities and bring them into closer coordination with the Federal Government. CSAs represent a front line approach and promote resilience of key cyber infrastructures throughout the U.S. and its territories. For more information about CSAs, please email cyberadvisor@hq.dhs.gov.

Protective Security Advisors (PSAs)

PSAs are trained critical infrastructure protection and vulnerability mitigation subject matter experts. Regional Directors are Supervisory PSAs, responsible for the activities of eight or more PSAs and geospatial analysts, who ensure all Office of Infrastructure Protection critical infrastructure protection programs and services are delivered to Federal and SLTT stakeholders and private sector owners and operators. The PSA program focuses on physical site security and resiliency assessments, planning and engagement, incident management assistance, and vulnerability and consequence information sharing. For more information about PSAs, visit: http://dhs.gov/protective-security-advisors.

Enhanced Cybersecurity Services (ECS)

The Department of Homeland Security’s (DHS) Enhanced Cybersecurity Services (ECS) program is an intrusion prevention capability that helps U.S. based companies protect their computer systems against unauthorized access, exploitation, and data exfiltration. ECS works by sharing sensitive and classified cyber threat information with accredited Commercial Service Providers (CSPs). These CSPs in turn use that information to block certain types of malicious traffic from entering customer networks. ECS is meant to augment, but not replace, existing cybersecurity capabilities. All U.S.-based public and private organizations are eligible to enroll in ECS. Please contact the ECS CSPs for enrollment information:

General ECS information is available at: http://dhs.gov/enhanced-cybersecurity-services.

Cyber Incident Response and Analysis

The Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) offers incident response services to critical infrastructure asset owners that are experiencing impacts from cyber attacks. Services include digital media and malware analysis, identification of the source of an incident, analyzing the extent of the compromise, and developing strategies for recovery and improving defenses. Incident response teams also provide concepts for improving intrusion detection capabilities and ways to eliminate vulnerabilities and minimize losses from a cyber attack. For more information or to request response services, email: ics-cert@hq.dhs.gov.

National Centers of Academic Excellence (CAE)

The National Security Agency (NSA) and DHS jointly sponsor the National Centers of Academic Excellence in Information Assurance (IA) Education (CAE/IAE), IA 2-year Education (CAE/2Y) and IA Research (CAE/R) programs. The goal of these programs is to reduce vulnerability in our national information infrastructure by promoting higher education and research in IA and producing a growing number of professionals with IA expertise in various disciplines. To learn more, visit http://nsa.gov/academia/nat_cae_cyber_ops/index.shtml.

EDUCAUSE Information Security Guide: Effective Practices and Solutions for Higher Education

The Information Security Guide: Effective Practices and Solutions for Higher Education (referred to as "the Guide") is a compendium of information providing guidance on effective approaches to information security at institutions of higher education. It is a key publication of the Higher Education Information Security Council (formerly the Security Task Force). Its content is actively maintained by a large group of volunteers who are information security practitioners at a variety of colleges and universities.

The content itself is a rich combination of materials written for the Guide, articles written for other publications, presentations from information security conferences, case studies, examples of processes, procedures, and forms used by various institutions, toolkits, hot topics, and references to a wide variety of other materials from EDUCAUSE and other sources. Access the guide at: https://library.educause.edu/resources/2014/5/information-security-guide-effective-practices-and-solutions-for-higher-education.


Back to Top
 
Back to Top