Sustainable, Hands-on, Community-driven and Multi-disciplinary Cybersecurity Skills Training to Meet Workforce Needs of Critical Infrastructure Sectors in Florida
A NIST RAMPS project executed by Cyber Florida
In Spring 2024, Cyber Florida was awarded a two-year, $200,000 grant from National Institute of Standards and Technology and renewed for an additional two years starting fall 2025 for their project, “Sustainable, Hands-on, Communitydriven and Multi-disciplinary Cybersecurity Skills Training to Meet Workforce Needs of Critical Infrastructure Sectors in Florida,” as part of their Regional Alliances and Multistakeholder Partnerships to Stimulate (RAMPS) Cybersecurity Education and Workforce Development (RAMPS Program).
The overall goals of the project are to
1. Build a strong community of CI entities, closely engaging within the RAMPS community.
2. Solicit and analyze core cybersecurity workforce needs across critical infrastructure (CI) sectors in Florida;
3. Design a semester-level and practical/hands-on cybersecurity training program for students that is to meet entry-level CI workforce needs;
4. Connect the cohort of trained students to critical infrastructure sectors via interns and full-time positions;
5. Evaluate outcomes across multiple metrics including student self-assessment, industry expert assessment, program sustainability and scalability across institutions and CI sectors in Florida.
Multiple critical infrastructure entities in Florida are in our RAMPS community. These are Tampa Airport, Tampa General Hospital, Talquin Coop, Seminole Electric and City of Tampa. Based on engagement with CI entities, we identified tangible
gaps in entry- level workforce needs across CI sectors in Florida in a broad sense and started designing a 14-week, hands-on training program for students. The program was also designed keeping in mind the components of the Workforce Framework for Cybersecurity (NICE Framework) published on March 5, 2024 by NIST. The framework is publicly available at and contains Task, Knowledge, and Skill (TKS) Statements; Work Role Categories and Work Roles; and Competency Areas in the realm of cybersecurity workforce. The framework is available at https://www.nist.gov/itl/ applied-cybersecurity/nice/nice-framework-resource-center/niceframework-current-versions.
Training Courses: Overview
We recruited our first cohort of five students in spring 2025 from the newly formed Bellini College of AI, Cybersecurity and Computing at the University of South Florida. The five students went through our 14week program, centered on three foundational pillars
1. Basic Security Blue Team Level 1 (BTL1) Training;
2. Industrial Control Systems Foundational Course via the Aligned Realistic Cyberattack Simulation (ARCS) range;
3. ICS/SCADA Security Essentials course offered by the SANS institute.
Students are eligible for a BTL1 certificate, and a Global Industrial Cyber Security Professional Certification (GICSP) in Industrial Control Systems upon completing 1) and 3). In addition, throughout the program, students are exposed to backdoors and breaches exercises, participate in mock security operations center (SOC) intelligence briefs, and also read state of the art research papers and trends in cyber centered critical infrastructure protection.
We have our next cohort of students starting in fall 2025, and you are welcome to engage with Cyber Florida/ our students in the program. Post training, we expect our students to meet internship and entrylevel workforce requirements in cybersecurity for critical infrastructure sectors in Florida.
SECURITY BLUE TEAM LEVEL 1 COURSE
This course helps professionals develop the foundational and practical skills required for technical defenders to monitor, analyze, and respond to cybersecurity threats, leveraging industry-standard tools and methodologies across digital forensics, threat intelligence, phishing analysis, SIEM operations, and incident response.
SANS/ICS SCADA SECURITY ESSENTIALS
This course empowers professionals who interact with Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA) systems to understand, defend, and secure these environments against evolving cybersecurity threats. It builds cybersecurity awareness, operational understanding, and hands-on technical skills for protecting critical infrastructure.
To bring these courses to your critical infrastructure organization, contact: bjlangley@cyberflorida.org