UTSA cybersecurity center collaborates on $800K FEMA grant to create consortium

logo

Share this Story

(April 10, 2014) -- The University of Texas at San Antonio Center for Infrastructure Assurance and Security (CIAS), the University of Arkansas System Criminal Justice Institute and the University of Memphis Center for Information Assurance have received a three-year, $800,000 grant from the Federal Emergency Management Agency (FEMA) to help states and communities prepare for, detect and respond to cyberattacks in a consistent manner.

The funding will support the development of one new training course and the updating of five existing training courses. The courses will address cybersecurity awareness, policy, monitoring and incident response, disaster recovery, business continuity and risk/vulnerability management.

The grant formally establishes the National Cybersecurity Preparedness Consortium (NCPC), which includes the Texas A&M Engineering Extension Service (TEEX) and the Norwich University Applied Research Institutes (NUARI).

"The five universities in this consortium are very skilled at developing and delivering cybersecurity preparedness training or exercise support," said Greg White, director of the UTSA Center for Infrastructure Assurance and Security. "Many times, the communities we train have a great start, but they are missing some of the strategies necessary to implement successful and sustainable cybersecurity preparedness and response programs. Among communities with a plan, we commonly see inconsistencies that would prevent multiple entities from working together to respond to a cyberattack."

The Community Cyber Security Maturity Model (CCSMM), developed by the UTSA Center for Infrastructure Assurance and Security, offers a framework around which the consortium's activities revolve. Each of the members of the consortium addresses a different, necessary piece of the model. This results in a more coordinated multi-university program and helps states and communities better prepare for inevitable cybersecurity incidents.

As part of this grant, the Developing a Community Cybersecurity Program course will be created. This course will provide community leaders, network/security technical personnel and individual users an understanding of what it takes to develop a coordinated approach to securing networks and computers in their communities. The course will explore each person's role and responsibility within the community and how each fits into a coordinated program to establish a culture of security within the community. Additionally, the course will introduce trainees to the various courses offered by the consortium partners and the Department of Homeland Security.

Since technology becomes outdated quickly, the consortium also will update five existing cybersecurity preparedness courses with support from the FEMA grant.

In 2006, the University of Memphis developed its ACT Online training program, a series of 10 cybersecurity preparedness courses, which have been hosted online by the Texas A&M Engineering Extension Service at Texas A&M University since 2009. Since they were originally offered, nearly 22,000 students have taken the courses. With funding from the FEMA grant, the University of Memphis will update three of its training courses: Cyber Incident Analysis and Response, Business Information Continuity and Information Risk Management. New technology and security issues will be incorporated into the courses to keep them current.

Additionally, the University of Arkansas System Criminal Justice Institute will update two courses: Comprehensive Cyberterrorism Defense and Cyberterrorism First Responder. The courses, each delivered in a blended format over a four-and-a-half-day period, are designed for technical individuals who have the responsibility of actually defending computer systems and networks. Classroom lectures will provide participants with general instruction in cybersecurity principles and policies. The hands-on lab applications will simulate cyber-based attacks, introduce participants to tools to use in their prevention and response efforts, and provide participants with an opportunity to apply what they learn in a real world environment.

Since 2004, NCPC members have developed and delivered cybersecurity and cyberterrorism training and exercise support nationwide to a targeted audience of community leaders and critical infrastructure technical personnel. Their programs have reached individuals in all 50 states, garnering consortium members widespread recognition among state and local government leaders and information technology departments, federal and law enforcement agencies, colleges and universities, training academies and other related organizations throughout the United States.