Cyber Security Training by Merit Professional Development

U-M IT staff have asked for IT security training, and, to meet this need, Information Assurance (IA) has purchased a limited number of seats in several Merit training courses throughout the 2017-18 academic year. Implementation of the university's new information assurance program, as outlined in the proposed new IT Security Policy, depends on knowledgeable staff throughout the university. Staff members from the UM-Ann Arbor, Michigan Medicine, UM-Dearborn, and UM-Flint campuses are being invited to attend.

Course Information

Certified Cloud Security Professional (CCSP)

  • Audience: By invitation-only. Information Assurance security staff will be asked to complete this training.
  • Total Participants: Four sessions, total of 80 seats.
  • Format: Five-day session.
  • Description: This is a hands-on experience on information security risks and mitigation strategies for emerging cloud computing technologies. This course is appropriate for those well versed in IT and information security, with some experience in cloud computing

Certified Secure Web Application Engineer (CSWAE)

  • Audience: By invitation-only. Web application developers will be invited.
  • Schedule: Two sessions, total of 40 seats.
  • Format: Five-day session.
  • Description: This cyber security course is designed to equip attendees with the knowledge and tools needed to identify and defend against security vulnerabilities in software applications. Students will put theory to practice by completing real world labs that include testing applications for software vulnerabilities, identifying weaknesses in design through architecture risks analysis and threat modeling, conducting secure code reviews and more. On the final day of training, students will complete a real world hacking exercise on a live web application.

Secure Coding Workshop

  • Audience: By invitation-only. Application developers who work on university-wide or unit systems will be invited.
  • Schedule: Three sessions, total of 40 seats.
  • Format: Half-day session
  • Description: This workshop delivers a detailed overview into fundamentals of security and secure coding. It features instructor-led lectures and hands-on exercises, in which students will learn how to identify security flaws early in the development process and how to design and code to eliminate these flaws. All examples and lessons are presented in a variety of programming languages.

The Threat at Your Doorstep: Cyber Security for Executives

  • Audience: By invitation-only. IT leadership in IT Commons, HITS, and ITS will be invited to participate.
  • Total Participants: Two sessions, total of 30 seats.
  • Format: Half-day session
  • Description: Provides information about the current threat landscape, social engineering, critical controls, common attack vectors, and more. Participants walk away with an in-depth overview of various types of hackers, social engineering attacks, and the role of security training programs. Attendees will also participate in a live phishing attack demo.