Workforce Development
& Training

Innovative training to meet emerging threats

N&HS workforce development and training are a result of evolving collaboration, partnering and sharing of experts and research facilities. This approach matures technologies and methodologies from conceptual to deployment; leverages investments in expertise, research programs and technical infrastructure; and accelerates information sharing of discoveries and emerging threats.

Training Areas

CyberStrike Training

In today’s technologically advanced environment, the substations, generation centers, compressor stations, pumping sites, and control rooms that are responsible for our nation’s critical infrastructure systems may be connected to the internet…

Industrial Cybersecurity Community of Practice (ICSCOP)

The community of practice (COP) brings together professionals focused on industrial cybersecurity (ICS) education, training and workforce development…

Cyber Summer Camps

Cyber Summer Camps are a summer program designed in collaboration with Idaho National Laboratory’s Cybercore Integration Center and STEM K-12 program, University of Idaho, College of Eastern Idaho, Idaho Falls District 91…

Who We Help

This is a representation of INL’s 2019 participants in the DHS Industrial Control Systems Cybersecurity (301) course.
Image Slide 2
Training Participants - Energy Sector
Training Participants - Government Facilities
Training Participants - Chemical Sector
Water and Wastewater
Training Participants - Water and Wastewater
Transportation Systems
Training Participants - Transportation Systems
Training Participants - Nuclear Reactors, Materials, Waste
Multiple Sectors
Training Participants - Multiple Sectors
Critical Manufacturing
Training Participants - Critical Manufacturing
Information Technology
Training Participants - Information Technology
Training Participants - Defense Industrial Base
Training Participants - Dams
Training Participants - Chemical
previous arrowprevious arrow
next arrownext arrow

ICS Community of Practice

The community of practice brings together professionals focused on industrial cybersecurity education, training and workforce development efforts throughout government, academia, and industry. The foundation of the group will leverage some of INL’s existing research to align training frameworks and assessment frameworks, currently expressed in our CYBER-CHAMP© maturity model and other recent analysis and industry pilots.

Follow-up activities and workshops will:

  • integrate stakeholders and practitioners with similar interest in a consolidated framework,
  • develop common views on career pathways in OT cyber security, and
  • map foundational pedagogical paradigms to educate and train our workforce.

Cyber-CHAMP Framework

Cybersecurity Competency Health and Maturity Progression Model

ics community of practice

Education & Training Workshops

Establishing standards and impacting economic and workforce development.

national and homeland security, homeland security, national security, nhs, n&hs, critical infrastructure, security research

ICS Workforce Manager's Guide

This is the first in a series of guidebooks dedicated to developing an industrial cybersecurity workforce.


NHS Workforce Development and Training Capabilities

N&HS training and exercises emphasize multi-agency collaboration, partnering and sharing of experts and research facilities. This approach accelerates the maturation of technologies and methodologies from the conceptual to deployment stages; optimizes the benefits of leveraging investments in expertise, research programs and technical infrastructure; and creates effective environments for immediate information sharing of discoveries and emerging threats.

Industrial Control Systems

N&HS develops and deploys training and exercises to enhance critical infrastructure security for industrial control systems. The following trainings are developed and conducted with support from the U.S. Department of Homeland Security and aligned with Cybersecurity and Infrastructure Security Agency certifications. INL offers training development virtually, in the classroom, and on location for a broad range of control systems cybersecurity topics, including:

  • Operational Security (OPSEC) for Control Systems
  • Differences in Deployments of ICS
  • Influence of Common IT Components
  • Common ICS Components
  • Cybersecurity within IT and ICS Domains
  • Cybersecurity Risks, Threats, and Vulnerabilities
  • Determining the Impacts of a Cybersecurity Incident
  • Attack Methodologies in IT and ICS
  • Mapping IT Defense-in-Depth Security Solutions to ICS

INL’s extensive critical infrastructure site and integrated laboratories also offer hands-on classroom training on the basics of industrial control systems security. We offer foundational courses open to everyone and intermediate to advanced customizable courses for industry and government.

Radiological Response

We develop and deploy required, advanced and customized individual and team training and exercises for National Guard Bureau’s Civil Support Team (CST) program. The exercise template developed by INL will build off of the ARDT and CST Team Training efforts and annual requirements. Templates can be used at RRTR or at the CST’s home state.


INL can provide sources, SMEs and RadCon support. Capabilities also include:

  • Advanced Radiation Detection (ARDT-CST) – required for all down range entry team members from each of the 57 CST teams and covers basic concepts review, responder math, PRND search and sweep tactics, DOE triage, react to post-RDD detonation, RDD review, equipment, and gamma spectrum field collection.
  • CST Team Training – training customized to commander’s objectives, which expands on the ARDT course by training the entire team to conduct PRND and Response to RDD missions. Emphasis is on command and control via MFK, decontamination, predictive modeling via HPAC, data packaging for DOE RAP/DHS via DOE Triage and RadResponder, and basic ARDT for non-survey team members.

For more information on Radiological Response Training, contact:

Nuclear Nonproliferation

PINS Operator – training in the basic physics, radiation safety, and operation and maintenance of the various PINS systems. The training is geared to the particular variant that the students possess.

Pyroprocessing for the Analyst – Discuss pyroprocessing purpose, methods, and proliferation concerns with nuclear materials security analysts.

IAEA PDDT Training – detection of plutonium diversion using IAEA techniques and approaches.

Instrumentation and Data Collection Methods – Instrumentation and Data Collections Methods for International Atomic Energy Agency (IAEA).

Nuclear Infrastructure, Assessment and Disablement Course (NIAD) – Provide US Army 20th CBRNE Command training on nuclear infrastructure, assessment and disablement (NIAD).


INL National Security Course Catalog

Training Title or TopicShort DescriptionHost or SponsorWho is this training for?LocationRegister or Contact InfoPhone
CISA Virtual Learning PortalWe offer several online training courses via the CISA Training Virtual Learning Portal (VLP).DHSPublicVirtual
Cyber StrikeThis workshop enhances the ability of energy sector owners and operators in the U.S to prepare for a cyber incident impacting industrial control systems.DOEPublic, IndustryOn Customer Site, INL Campusmailto:daniel.noyes@inl.govDaniel Noyes: 208 526-0516
Cyber FireCyber Fire Foundry guides you through creating custom solutions for investigating cybersecurity incidents.DOEIndustryOn Customer Site, INL Campus
Army or Navy CyberThis is a short description providing detail about this trainingDODDODVirtual, INL Campus
aCCElerateCourse will provide participants with a fundamental knowledge of the CCE methodology focused on securing the nation’s critical infrastructure systems. Participants should be critical infrastructure owners, operators, vendors, and manufacturers.INLPublic, IndustryVirtual, INL
Intermediate Cybersecurity for Industrial Control Systems (201) Part 1This course builds on the concepts learned in the Introduction to ICS Cybersecurity (101) course. This course provides technical instruction on the protection of Industrial Control Systems using offensive and defensive methodsDHSIndustryVarious locations per DHSmailto:mark.permann@inl.govMark Permann: 208-526-8133
Intermediate Cybersecurity for Industrial Control Systems (202) Part 2This hands-on course is structured to help students recognize how attacks against Process Control Systems can be launched, why they work, and provides mitigation strategies to increase the cyber security posture of their Control Systems networks.DHSIndustryVarious locations per DHSmailto:mark.permann@inl.govMark Permann: 208-526-8133
Industrial Control Systems Cybersecurity (301)This course provides extensive hands-on training on understanding, protecting, and securing Industrial Control Systems (ICS) from cyber attacks and includes a Red Team/Blue Team exercise conducted within an actual Control Systems environmentDHSIndustryVirtual, INL Campus
Industrial Control Systems Evaluation (401)This instructor-led 5-day course provides hands-on training on how to analyze, evaluate, and document the cybersecurity posture of an organization’s Industrial Control Systems (ICS) for the purpose of identifying recommended changes.DHSIndustryVirtual, INL Campus

Contact Information

Michelle Farrell

Contact Information

Idaho National Laboratory