Workforce Development
& Training
Innovative training to meet emerging threats
Training Areas
CyberStrike Training
In today’s technologically advanced environment, the substations, generation centers, compressor stations, pumping sites, and control rooms that are responsible for our nation’s critical infrastructure systems may be connected to the internet…
Industrial Cybersecurity Community of Practice (ICSCOP)
The community of practice (COP) brings together professionals focused on industrial cybersecurity (ICS) education, training and workforce development…
Cyber Summer Camps
Cyber Summer Camps are a summer program designed in collaboration with Idaho National Laboratory’s Cybercore Integration Center and STEM K-12 program, University of Idaho, College of Eastern Idaho, Idaho Falls District 91…
Who We Help













ICS Community of Practice
The community of practice brings together professionals focused on industrial cybersecurity education, training and workforce development efforts throughout government, academia, and industry. The foundation of the group will leverage some of INL’s existing research to align training frameworks and assessment frameworks, currently expressed in our CYBER-CHAMP© maturity model and other recent analysis and industry pilots.
Follow-up activities and workshops will:
- integrate stakeholders and practitioners with similar interest in a consolidated framework,
- develop common views on career pathways in OT cyber security, and
- map foundational pedagogical paradigms to educate and train our workforce.

Cyber-CHAMP Framework
Cybersecurity Competency Health and Maturity Progression Model

Education & Training Workshops
Establishing standards and impacting economic and workforce development.

ICS Workforce Manager's Guide
This is the first in a series of guidebooks dedicated to developing an industrial cybersecurity workforce.
Capabilities
NHS Workforce Development and Training Capabilities
N&HS training and exercises emphasize multi-agency collaboration, partnering and sharing of experts and research facilities. This approach accelerates the maturation of technologies and methodologies from the conceptual to deployment stages; optimizes the benefits of leveraging investments in expertise, research programs and technical infrastructure; and creates effective environments for immediate information sharing of discoveries and emerging threats.

Industrial Control Systems
N&HS develops and deploys training and exercises to enhance critical infrastructure security for industrial control systems. The following trainings are developed and conducted with support from the U.S. Department of Homeland Security and aligned with Cybersecurity and Infrastructure Security Agency certifications. INL offers training development virtually, in the classroom, and on location for a broad range of control systems cybersecurity topics, including:
- Operational Security (OPSEC) for Control Systems
- Differences in Deployments of ICS
- Influence of Common IT Components
- Common ICS Components
- Cybersecurity within IT and ICS Domains
- Cybersecurity Risks, Threats, and Vulnerabilities
- Determining the Impacts of a Cybersecurity Incident
- Attack Methodologies in IT and ICS
- Mapping IT Defense-in-Depth Security Solutions to ICS

INL’s extensive critical infrastructure site and integrated laboratories also offer hands-on classroom training on the basics of industrial control systems security. We offer foundational courses open to everyone and intermediate to advanced customizable courses for industry and government.
Radiological Response
We develop and deploy required, advanced and customized individual and team training and exercises for National Guard Bureau’s Civil Support Team (CST) program. The exercise template developed by INL will build off of the ARDT and CST Team Training efforts and annual requirements. Templates can be used at RRTR or at the CST’s home state.

INL can provide sources, SMEs and RadCon support. Capabilities also include:
- Advanced Radiation Detection (ARDT-CST) – required for all down range entry team members from each of the 57 CST teams and covers basic concepts review, responder math, PRND search and sweep tactics, DOE triage, react to post-RDD detonation, RDD review, equipment, and gamma spectrum field collection.
- CST Team Training – training customized to commander’s objectives, which expands on the ARDT course by training the entire team to conduct PRND and Response to RDD missions. Emphasis is on command and control via MFK, decontamination, predictive modeling via HPAC, data packaging for DOE RAP/DHS via DOE Triage and RadResponder, and basic ARDT for non-survey team members.
For more information on Radiological Response Training, contact: Bryon.Marsh@inl.gov
Nuclear Nonproliferation
PINS Operator – training in the basic physics, radiation safety, and operation and maintenance of the various PINS systems. The training is geared to the particular variant that the students possess.
Contact: Edward.Seabury@inl.gov
Pyroprocessing for the Analyst – Discuss pyroprocessing purpose, methods, and proliferation concerns with nuclear materials security analysts.
Contact: Jeff.Sanders@inl.gov
IAEA PDDT Training – detection of plutonium diversion using IAEA techniques and approaches.
Contact: Amanda.Rynes@inl.gov
Instrumentation and Data Collection Methods – Instrumentation and Data Collections Methods for International Atomic Energy Agency (IAEA).
Contact: Amanda.Rynes@inl.gov
Nuclear Infrastructure, Assessment and Disablement Course (NIAD) – Provide US Army 20th CBRNE Command training on nuclear infrastructure, assessment and disablement (NIAD).
Contact: Troy.Garn@inl.gov

INL National Security Course Catalog
Training Title or Topic | Short Description | Host or Sponsor | Who is this training for? | Location | Register or Contact Info | Phone |
---|---|---|---|---|---|---|
CISA Virtual Learning Portal | We offer several online training courses via the CISA Training Virtual Learning Portal (VLP). | DHS | Public | Virtual | https://ics-training.inl.gov/learn | |
Cyber Strike | This workshop enhances the ability of energy sector owners and operators in the U.S to prepare for a cyber incident impacting industrial control systems. | DOE | Public, Industry | On Customer Site, INL Campus | mailto:daniel.noyes@inl.gov | Daniel Noyes: 208 526-0516 |
Cyber Fire | Cyber Fire Foundry guides you through creating custom solutions for investigating cybersecurity incidents. | DOE | Industry | On Customer Site, INL Campus | https://cyberfire.training/foundry/ | |
Army or Navy Cyber | This is a short description providing detail about this training | DOD | DOD | Virtual, INL Campus | http://linktoregister.com | |
aCCElerate | Course will provide participants with a fundamental knowledge of the CCE methodology focused on securing the nation’s critical infrastructure systems. Participants should be critical infrastructure owners, operators, vendors, and manufacturers. | INL | Public, Industry | Virtual, INL Campus | mailto:cce@inl.gov | |
Intermediate Cybersecurity for Industrial Control Systems (201) Part 1 | This course builds on the concepts learned in the Introduction to ICS Cybersecurity (101) course. This course provides technical instruction on the protection of Industrial Control Systems using offensive and defensive methods | DHS | Industry | Various locations per DHS | mailto:mark.permann@inl.gov | Mark Permann: 208-526-8133 |
Intermediate Cybersecurity for Industrial Control Systems (202) Part 2 | This hands-on course is structured to help students recognize how attacks against Process Control Systems can be launched, why they work, and provides mitigation strategies to increase the cyber security posture of their Control Systems networks. | DHS | Industry | Various locations per DHS | mailto:mark.permann@inl.gov | Mark Permann: 208-526-8133 |
Industrial Control Systems Cybersecurity (301) | This course provides extensive hands-on training on understanding, protecting, and securing Industrial Control Systems (ICS) from cyber attacks and includes a Red Team/Blue Team exercise conducted within an actual Control Systems environment | DHS | Industry | Virtual, INL Campus | https://us-cert.cisa.gov/ics/Calendar | |
Industrial Control Systems Evaluation (401) | This instructor-led 5-day course provides hands-on training on how to analyze, evaluate, and document the cybersecurity posture of an organization’s Industrial Control Systems (ICS) for the purpose of identifying recommended changes. | DHS | Industry | Virtual, INL Campus | https://us-cert.cisa.gov/ics/Calendar |