Department of Health and Human Services – Role-Based IT Training for Administrators
3.2 3.2.1 3.2.2 Awareness and Training
https://www.hhs.gov/sites/default/files/hhs-etc/rbt-it-training/index.html
This security training from the HHS is an example of requirements and guidance to provide appropriate role-based security training.
EC-Council Security Awareness Training: 6 Important Training Practices
3.2 3.2.1 3.2.2 Awareness and Training
https://aware.eccouncil.org/security-awareness-training-6-important-training-practices.html
This blog discusses security awareness best practices and references other awareness training topics
Environmental Protection Agency Information Security – Awareness and Training Procedures
3.2 3.2.1 3.2.2 Awareness and Training
https://19january2017snapshot.epa.gov/sites/production/files/2016-01/documents/cio_2150-p-02.2.pdf
The purpose of this example procedure from the EPA is to help with implementing the security control requirements for the Awareness and Training (AT) control family.
https://www.knowbe4.com
KnowBe4 is a large security awareness training and simulated phishing platform that helps you manage the ongoing problem of social engineering.
NIST SP 800-50 Rev 1: Building a Cybersecurity Privacy Learning Program
3.2 3.2.1 3.2.2 Awareness and Training
https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-50r1.pdf
This publication provides guidance for federal agencies and organizations to develop and manage a life cycle approach to building a Cybersecurity and Privacy Learning Program (CPLP).
PCI Security Standards Council Whitepaper – Best Practices for Implementing a Security Awareness Training Program
3.2 3.2.1 3.2.2 Awareness and Training
https://listings.pcisecuritystandards.org/documents/PCI_DSS_V1.0_Best_Practices_for_Implementing_Security_Awareness_Program.pdf
This guide focuses on organizational security awareness, security awareness content, and it provides a security awareness training checklist.
https://go.proofpoint.com/Phishing-Awareness-Kit.html
Proofpoint Security Awareness Training is offering a free Phishing Awareness Kit. This kit gives you the tools you need to engage your users and turn them into a strong line of defense against phishing attacks and other cyber threats.
SANS Whitepaper – Developing an Integrated Security Training, Awareness, and Education Program
3.2 3.2.1 3.2.2 Awareness and Training
https://www.sans.org/white-papers/1160/
This SANS whitepaper describes how to successfully implement a comprehensive Security Training, Awareness, and Education program.
https://securityawareness.usalearning.gov/cybersecurity/index.htm
This course introduces the threats and vulnerabilities faced when working within the government or defense industrial systems.
The National Initiative for Cybersecurity Careers and Studies (NICCS) Catalog
3.2 3.2.1 3.2.2 Awareness and Training
https://niccs.cisa.gov/education-training/catalog
The NICCS Education and Training Catalog is a central location where cybersecurity professionals across the nation can find over 3,000 cybersecurity-related courses.
