SANS Institute 2024 Cybersecurity Training Program User Guide

2024 Cybersecurity Training Program

Product Specifications

• Product Name: 2024 Training Guide

• Target Audience: Higher Education & K-12

• Content: Exclusive content on 4 Major Threats to the Public
  Sector & Education in 2024

• Provider: SANS Institute

• Training Type: Comprehensive Cybersecurity Training

• Discount Offer: 50% off select cybersecurity training during
  Winter (December 1 – January 31) and Summer (June 1 – July 31)
  buying windows

Product Usage Instructions

1. Understanding the Threats

Read through the exclusive content provided in the training
guide to familiarize yourself with the 4 major threats to the
public sector and education in 2024.

2. Cybersecurity Training Registration

Contact the SANS Institute to register for cybersecurity
training. Educational organizations can avail a 50% discount on
select training during the specified buying windows.

3. Participating in Training Programs

Attend the training sessions to enhance your security awareness
and cybersecurity skills. Ensure that your staff members receive
the necessary training to prevent, defend, and protect against
cyber threats.

4. Accessing Additional Resources

Scan the provided QR code to access the Program Guide for
pricing and terms related to the cybersecurity training programs
offered by SANS Institute.

Frequently Asked Questions (FAQ)

Q: How can educational organizations benefit from the

cybersecurity training offered by SANS Institute?

A: Educational organizations can benefit by
improving their security posture, upskilling their staff, and
gaining access to specialized programs and resources to protect
against cyber threats.

Q: When are the buying windows for availing the 50% discount on

select training?

A: The buying windows are during Winter
(December 1 – January 31) and Summer (June 1 – July 31).

2024 Training Guide
Higher Education & K-12
EXCLUSIVE CONTENT
4 Major Threats to the Public Sector & Education in 2024

Serving the Public Good
Cyber attacks on education are multiplying.

No target is too big or small for today’s cyber criminal.
From attacks on community colleges to small private schools, threats are getting more sophisticated and unpredictable.
Every institution is at risk.
The education sector now must add cyber defender to its list of duties.
It’s our collective responsibility to level up security awareness and cybersecurity skills to protect the public good.

The SANS Institute is making it our mission to make every main street safer from cyber threats.
We want to make sure that those who keep our education system running have what they need to do so. That’s why we offer a specialized program to strengthen the security posture of higher education and K-12 institutions.
In addition to our comprehensive catalog of training and certifications, we invite educational organizations to become part of our community. This includes participating in summits, networking events, webinars, and access to our research and experts.
We hope that you will join us on this mission to make our communities safe.
Sincerely,
Brian Hendrickson Chief Mission Officer SANS Institute

Comprehensive Cybersecurity Training
The SANS Institute has been training the public sector in cybersecurity since 1989. We’ve seen threats to education skyrocket in the past three years.
We also have seen budgets and resources stretched. This is making it harder for organizations to invest in proactive cybersecurity strategy.
SANS offers educational organizations the world’s best cybersecurity training at a discounted price. Qualifying organizations get 50% off select cybersecurity training when purchased during two program buying windows.
Our program ensures that your staff will get the training needed to prevent, defend, and protect against cyber threats at a price your budget can afford.

Get 50% off select training during two annual buying windows
Winter December 1 – January 31
Summer June 1 – July 31

Scan to access the Program Guide for pricing & terms

PUBLIC SECTOR
4 Major Threats to Watch
Anywhere there is data, there is a threat actor trying to steal it. Even the smallest entities serving the public good are at risk.
As a monitor of threats across the globe, SANS has seen the threats against the public sector and education multiply. The more our systems connect online, the greater the risk becomes.
The best way to arm against a cyber threat is to make sure you know what to look for.
Providing security awareness training for all staff can reduce the number of vulnerable entry points. Upskilling your IT and cyber professionals can rectify issues faster, lower the damage that an attack may cause, and increase organizational capacity to prevent future attacks and lower future risk.
There are always new threats on the horizon. We believe these are the top threats that every municipal, educational, or public service organization need to be ready for this year.
And of course, the training you need to keep ahead of them.
Nearly one-third of U.S. local governments would be unable to tell if they were under attack in cyberspace.1
Forno, 2022

Cloud Insecurity
Movement to the cloud accelerates internal operations – making process more efficient, effective, and vulnerable to new threats.
Connection, automation, and nearly limitless advancements make utilizing the cloud attractive for the public sector.
As the technology matures and organizations shift to multi-cloud environments, organizations need to amp up specialized cloud expertise. Infrastructure and architecture must be maintained with precision.
While many on-premise attacks are known, threat actors are finding new methods to attack the cloud. In 2023, Cloudflare, Google and Amazon Web Services (AWS) faced the largest attack on cloud. The 2-minute denial-of-service attack relied on a previously undisclosed vulnerability in a key piece of internet architecture. 2
Cloud attacks at such a high level compromise the integrity of millions of connected systems. It means that your organization needs to have additional controls in place to safeguard your systems.

In October 2023, The SANS Institute hosted the CloudSecNext summit.
Phil Venable, Chief Information Security Officer at Google gave his thoughts on the next cloud mega trends.
Access the presentation at sans.org.

Cloud & IT Mega Trends 2024
· Artificial Intelligence · Economies of Scale · Shared Fate · Healthy Competition · Cloud as Digital Immune System · Software Defined Infrastructure · Increasing Deployment Velocity · Simplicity · Sovereignty Meets Sustainability

Security or resilience-related concerns with public cloud providers were cited by 74% of public sector executives in a 2022 report.3
Zosel, 2022
Commonsense changes such as secure design, proper configuration by cloud provider, enforcing secure API access, and up-to-date detection engineering can start to deflect threats. Training your infosec team on how to configure your architecture can reduce vulnerabilities. Properly configured and secured systems can level and maintain cost while reducing risk.
Not keeping systems current against emerging threats is an attack waiting to happen. The public sector must make cloud a focus for 2024.

Recommended Training
SEC488: Cloud Security Essentials Learn the foundation of cloud security GCLD Certification
SEC540: Cloud Security & Dev Ops Automation Secure the DevOps toolchain. GCSA Certification

SEC510: Attack-Driven Cloud Security Controls & Mitigations Prevent cloud security breaches with proper configuration. GPCS Certification
LDR520: Cloud Security for Leaders What every manager needs to know about the cloud.

Phantom Phishing
From fake LinkedIn accounts posing as recruiters to robocalling and ‘smishing,’ there are more ways for threat actors to enter your systems. Just one slip can take down your entire network.
Phishing attacks are costing our communities.
Nevada was the state most affected by phishing scams, while Kansas was the lowest.
The District of Columbia reported the most phishing attacks of any municipality, at 25.42 attacks per 100K residents.
Victims in New Hampshire had significant financial losses per phish at $47,477.4
Forbes, 2023
Every InfoSec professional is on alert for that one false click.
Threat actors are getting more sophisticated in how they lure victims. Emails that once were obviously scams, now mimic professional corporate communications. Job boards are filled with false postings that gain access to personal data and credentials. Texts come in that appear to be real while it’s become harder to recognize whether a phone call from an unknown number is legit.

In the 2023 SANS Security Awareness Report, social engineering tactics are the top risk to network security.
It’s not just employees who put networks at risk, contractors, vendors, students, and guests open up access. One school district experienced a cyber attack that cost over $10M in expenses to recover after a contractor accidentally clicked a phishing link.5 One city had it’s systems frozen including their 911 call center.6
The constant influx of phishing threats can overwhelm an already stressed information security team. The most effective ways to reduce the burden is through prevention:
1. Security Awareness training for all who access your network. 2. Continuous reinforcement of awareness techniques through interactive measures. 3. Upskilling all IT professionals with role-based security standards.
SANS expects to see more phishing threats to the public sector in 2024. It’s imperative to make sure that anyone with access to your network stays safe.
Recommended Training
SANS Security Awareness offers interactive training for your entire workforce and rolebased modules for IT professionals.
· End User: Comprehensive security awareness training for all computer users · Phishing: Test your employees through real-world phishing simulations · Developer: Train your developers in secure coding techniques and how to recognize
current threat vectors in web applications · ICS Engineer: Rigorous computer- based training for industrial control systems · IT Administrator: Level up your technical staff with advanced training · NERC CIP: Relevant training addresses NERC CIP reliability standards for the utility
industry

Ransomware Everywhere
Ransomware is a threat to public safety.
Once threat actors find a way into your system, Ransomware can cause mass disruption of thousands or even millions of people’s lives. The rate of ransomware attacks is alarming. Six in 10 local governments faced a ransomware attack or were breached. While a 2023 study by Sophos revealed that the rate of ransomware attacks in state and local government has increased from 58% to 69% year over year.7 It’s not only major metro areas, a small city in Ohio faced a Ransomware attack in late 2023. It took down multiple government systems and functions while releasing 65,000 records.8

The term “Ransomware” no longer refers to a simple encryption that locks down resources. Human-Operated Ransomware (HumOR) along with the evolution of Ransomware-as-aService (RaaS) have created an entire ecosystem that thrives on hands-on-keyboard attacks. Some cyber extortion actors carry out the full attack life cycle and skip the encryption phase.

Ransomware cases increased by 73% in 2023.9
Threat Risk & Intelligence Services
Extortion is especially a threat for public officials and law enforcement. One moment of weakness can disrupt the delicate balance of public safety.

Recommended Training
SEC401: Network, Endpoint & Cloud Implement a winning defensive strategy. GSEC certification
SEC504: Hacker Tools, Techniques, and Incident Handling Get into the mindset of attackers. GCIH Certification

Police log-in credentials and personal information fetch a high price on the dark market.
In a 2021 attack on a major metropolitan police department, cyber criminals released the personal information of police officers, witnesses, and victims when a $4M ransom was denied.10
Public Preparation

FOR508: Advanced Incident Response, Threat Hunting, and Digital Forensics Hunt, identify, counter, & recover from threats. GCFA Certification
FOR528: Ransomware and Cyber Extortion Hands-on training for ransomware response
LDR553: Cyber Incident Management Leaders learn to handle and recover from an attack.

The public sector must be prepared to respond. This includes training your information security team and the leaders of your organization.
One false move can compromise the security of your community and cost millions to rectify.

Executive Cybersecurity Exercises
Organizational leaders practice cyber crisis management incident response with an expert facilitator to speed response and reduce risk.

Control System Threats

Industrial control systems (ICS) are targets of threat actors seeking to disrupt our critical infrastucture, supply chain, and the utilities we depend on.

A municipal water authority serving rural counties was attacked in late 2023. The attack targeted a vulnerability in their industrial control system at their booster station.11 Luckily, there was no impact on the drinking water — this time.
Anything networked can be weaponized. The SANS Institute expects to see more industrial control system (ICS) ransomware attacks in the coming year. State- sponsored, organized threats will increase as geopolitical conflicts heighten. Small rural colleges can be as attractive a target as maritime ports.

No asset owner and operator is safe from state-sponsored threats.
The commoditization of IIOT has opened a new vulnerability. With more providers competiing to sell their devices, the barrier for attacking vulnerabilities gets lower. Hacking toolkits for IIOT are on the horizon.
The recent evolution of ICS targeted attacks sends a clear message: proactive control system cyber defense requires engineering knowledge to preserve the safety of industrial control system (ICS) and operational technology (OT) operations.

In late 2023, The SANS Institute released our report The ICS/OT Cybersecurity Survey in 2023 on the state of industrial control security.
Respondents to SANS’ survey ranked deploying trained OT security defenders to leverage ICS-specific network visibility as the number one must-have capability.

As attacks on critical infrastructure and industrial control systems become brazen, ICS defenses must go beyond just preventative security.

Operators need to take the offensive: physical upgrades to equipment, precise security controls, and targeted training for every individual who operates or works with IIOT. This includes having an ICS specific incident response plan. Of the operators surveyed by SANS, only 52% of ICS facilities had an ICS/IOT response plan and 17% were unsure if they had one.12

Public organizations must not leave ICS/OT cybersecurity up to chance.

Recommended Training
ICS410: ICS/SCADA Security Essentials Learn how to keep the operational environment safe against cyber threats. GICSP Certification

ICS456: Essentials for NERC Critical Infrastructure Protection Understand & implement 5/6/7 standards. GCIP Certification

ICS515: ICS Visibility, Detection, and Response Gain visibility and control over your industrial systems. GRID Certification

SEC503: Network Monitoring and Threat Detection In-Depth GCIA Certification

SLED Program Partners
Qualifying Entities include but are not limited to: – State, Local, Territorial & Tribal Governments – K-12 School Districts – Higher Education, Colleges & Universities – Law Enforcement, Justice & Public Safety – Transportation, Maritime, Rail, Aviation & Highway – Municipal Utilities & Public Infrastructure

Accessing Programs for State, Local & Municipal Organizations
The SANS Institute has a dedicated program for public organizations to make accessing the leading cybersecurity training easier.
Qualifying public organizations can participate in SANS aggregate buying program. SANS is able to offer 50% off select training when purchased during two program buying windows.
This aggregrate purchase program makes it easy to get the training you need for your entire organization: from your general workforce to advanced cybersecurity practitioners. Courses are available to take at your own pace via SANS OnDemand platform or Live Online.
Our program also includes the opportunity to purchase GIAC certifications, NetWars Continuous, and Security Awareness training.
We understand the complexities of operating a public organization, that’s why we have dedicated support to help you register, select, and track your training. SANS will walk you through the process step by step.
To get started or answer questions, contact our experts at partnership@sans.org today.

SLED Program Partners
Qualifying Entities include but are not limited to: – State, Local, Territorial & Tribal Governments – K-12 School Districts – Public Colleges & Universities – Law Enforcement, Justice & Public Safety – Transportation, Maritime, Rail, Aviation & Highway – Municipal Utilities & Public Infrastructure

Accessing Programs for Educational Institutions
The SANS Institute has a dedicated program to make accessing the leading cybersecurity training easier.
Qualifying organizations can participate in SANS aggregate buying program. SANS is able to offer 50% off select training when purchased during two program buying windows.
This aggregrate purchase program makes it easy to get the training you need for your entire organization: from your general workforce to advanced cybersecurity practitioners. Courses are available to take at your own pace via SANS OnDemand platform or Live Online.
Our program also includes the opportunity to purchase GIAC certifications, NetWars Continuous, and Security Awareness training.
We understand the complexities of operating a public organization, that’s why we have dedicated support to help you register, select, and track your training. SANS will walk you through the process step by step.
To get started or answer questions, contact our experts at partnership@sans.org today.

Training Expertise
SANS has a wide variety of training from entry-level to expert. Select courses are available at up to 50% off for qualifying organizations.
The instructor made this course worthwhile. I truly appreciated his teaching style and his excellent knowledge of the subject matter.” – City Employee

Secure your entire organization with hands-on training on security awareness. Interactive learning reinforces key cybersecurity concepts while simulations keep your team alert.
SANS’ security awareness platform enables access to both enterprise wide and role-based training to level up your workforce.

74% of breaches involved the human element, which includes social engineering attacks, errors or misuse.13
Verizon DBIR, 2023
Discounted pricing on SSA is available for eligible public organizations during the program buying windows.

Practice & Master Cyber Skills
GIAC Certifications are the world’s most recognized assurance of cybersecurity mastery.
GIAC credentials have been shown to increase cybersecurity confidence, employee retention, and ability to apply new skills.
Public organizations may add GIAC certifications to their program. Learn more at www.giac.org

Interactive simulations put your cybersecurity skills to practice. NetWars continuous is offered as a standalone purchase during the two program buying windows.

Frequently Asked Questions
The SANS Institute welcomes public, non-federal entities to access the benefits of the program.
What are the eligibility requirements to participate in the SLTT governments program? The program is open to state, provincial, local, municipal, county, tribal and territorial government agencies and government or community related non-profit organizations geographically located in North America.
What are the eligibility requirements to participate in the Educational Institutions program? The Educational Institutions program is open to accredited colleges, universities, research institutions, technical training institutions, K-12 schools, or university affiliate health systems or hospitals geographically located in the US or Canada.
Do the training credits purchased through this program expire? Training credits purchased through this program expire 12 months after we receive payment for your order. However, a future purchase of additional training credits through this program, will extend the expiration of any unredeemed training credits that remain in the account at the time of deposit.
Can the training credits purchased through this program be shared by multiple people in my organization? Yes, training credits may be used by any staff member of your organization with the approval of the voucher account administrator specified by your organization at the time of purchase.
When can I purchase and receive the program discounts? The best pricing is available for purchases placed during the two specified purchase program windows: Winter Dec 1 ­ Jan 31 and Summer Jun 1- Jul 31. Lesser discounts are available on voucher purchases between the two annual purchase windows.
What courses may be taken with the course credits purchased? Course credits purchase through the program may each be redeemed for one seat in any single SANS Long course (24+ CPE) taken in either SANS OnDemand or Live Online modalities.

Stop breaches before they start by training your staff to identify risk.
Who creates SANS’ awareness training modules? How often are they updated? The same SANS experts that teach our world-renowned technical courses work with content experts and adult learning scientists to create short-form content specifically intended to inform, empower, and change behavior. Courses are fully updated every 3 years.
Is the training licensed per module or “category”? Training is offered on a “library” basis ­ there are no “tiers” within the libraries. A purchase of our End User training provides access to the entirety of the library, including all updates and additions.
Are there resources we could use to “promote” awareness outside of required training videos? “Engagement Materials” are offered for every topic area in our End User library and available for many of our shortform technical training topic areas as well. Co-brandable posters, newsletters, digital signage, and much more are available to help organizations promote cybersecurity awareness throughout the year.
Is there training available for technical roles that goes deeper than general awareness training? In addition to End User training, SANS offers shortform technical trainings for roles like Developer, IT Admins, and Business Leaders and Managers. These libraries help bridge the gap between general cybersecurity awareness training and a SANS technical course to ensure key technical roles are aware of the unique risks associated with their elevated levels of privileged access.
For more information visit sans.org/partnerships/sltt
End Notes
1. Forno, R. (2022, March 28) Local governments are attractive targets for hackers and are ill-prepared. Stanford.edu; Center for Internet and Society. 2. Starks, T., & DiMolfetta, D. (2023, October 11). The largest cyberattack of its kind recently happened. Here’s how. Washington Post; The Washington Post. 3. Zosel, S. (2022, July 11). Governments and the public sector lead the cloud sovereignty debate | Capgemini. Capgemini. 4. Main, K. (2023, July 17). Phishing Statistics By State In 2024. Forbes. 5. Barr, L. (2023, January 25). Baltimore schools cyber attack cost nearly $10M: State IG. ABC News; ABC News. 6. Calif. city officials restore 911 dispatching after cyberattack. (2023, July 28). EMS1 7. Sophos (2023, August) The State of Ransomware in State and Local Government 2023. 8. Hancock, A. (2024, January 5). Area city’s cyber attack: Functions restored, $350,000 spent, personal data issue in limbo. 9. Chapman, R. (2024, January 16) Ransomware Cases Increased Greatly in 2023 | Sans.org. 10. Brewster, T. (2021, May 14). Ransomware Hackers Claim To Leak 250GB Of Washington, D.C., Police Data After Cops Don’t Pay $4 Million Ransom. Forbes. 11. Kovacs, E. (2023, November 27). Hackers Hijack Industrial Control System at US Water Utility.SecurityWeek. 12. Lee, R. & Conway, T. (2022, November 7). The Five ICS Cybersecurity Critical Controls. Sans.org. 13. Verizon, (2023, June 6) Data Breach Investigations Report: frequency and cost of social engineering attacks skyrocket.

Launched in 1989 as a cooperative for information security thought leadership, it is SANS’ ongoing mission to empower cyber security professionals with the practical skills and knowledge they need to make our world a safer place.
We fuel this effort with high quality training, certifications, scholarship academies, degree programs, cyber ranges, and resources to meet the needs of every cyber professional. Our data, research, and the top minds in cybersecurity collectively ensure that individuals and organizations have the actionable education and support they need.
The SANS Institute 11200 Rockville Pike, Suite 200 North Bethesda, MD 20852 +1 301-654-SANS partnership@sans.org www.sans.org

References

• Cyber Security Training, Degrees & Resources | SANS Institute
• UK Cybersecurity Courses & Training: Online & In-Person | SANS Institute

Read User Manual Online (PDF format)

Download This Manual (PDF format)

Download this manual  >>