Application Deadline: May 27, 2022

Academy Dates: August 3 September 30, 2022

What Is ISLA?

The Information Security Leadership Academy (ISLA) is a unique and rigorous 9-week program aimed at preparing the state’s security workforce for the critical roles of Information Security Officer (ISO), Agency Information Security Officer (AISO), or an expanded role within their department’s security office. The academy incorporates security best practices, National Institute of Standards and Technology (NIST) risk and security control frameworks, California-specific policy, standards, and compliance, and Information Security program management skills. Participants will have the opportunity to interact with the state’s security leaders and take part in a dynamic simulation experience, as well as complete the Certified Information Security Manager (CISM) training and exam in preparation for the CISM certification.

ISLA registration is open to the public sector Information Security personnel (e.g. state, county, and city agencies), tech-savvy IT, and aspiring ISOs passionate about security. Ideal candidates are currently working in an IT security management or supervisory position.

Cost

The total program cost is $4,800 per participant.

 This cost does not include a 17% cost distribution fee charged by the Department of Technology (CDT) which is our standard practice and will be included in the direct billing. For more information, please see CDT’s Service Rates webpage.

How It Works

ISLA participants will develop and enhance their security skills through both formal training and the Certified Information Security Manager (CISM) exam at the end of their program experience. Students will receive advanced training on state-specific security requirements and compliance as well as expand their leadership skills in a variety of areas. Program participants learn from security experts, participate in practical workshops, and complete a cyber-response simulation and exercise. To ensure their experience within the academy is meaningful and valuable, the ISLA Program Coach(es), and Program Advisor(s) mentor participants throughout the program.

Remote training sessions will be conducted online using Zoom as the remote delivery platform. Therefore, students are expected to have a functioning camera and microphone to fully participate in all remote class sessions. If feasible and depending on instructor availability and student interest, some class sessions will be delivered in-person.

Professional Development

Participants will complete the Certified Information Security Manager (CISM) training and exam in preparation for certification. Participants will acquire formal training on FIPS 199/200 and the Risk Management Framework (RMF). The state-of-the-art training program also includes critical coursework for the state’s security workforce, including Information Security Leadership Foundations, Emotional Intelligence, Cyber First Responder, Threat Hunting, Conflict and Negotiation, Communication and Effective Presentations, and How to Be a Trusted Advisor, to name a few.

Throughout the academy, participants will network with their peers, Program Coaches, Program Advisors, security professionals, and other executives who are at the forefront of the state’s security efforts.

How To Apply

The ISLA application period is now open and closes at 5:00 p.m. on May 27, 2022. The following documents must be submitted for your application to be considered complete and scored:

For further information and/or to address questions, please contact the Office of Professional Development (OPD) at OPD@state.ca.gov.

Frequently Asked Questions

What is the cost for ISLA?

The cost for the 2022 academy is $4,800 per participant and is paid for by the student’s department/agency.

This cost does not include a 17% cost distribution fee charged by the Department of Technology (CDT) which is our standard practice and will be included in the direct billing. For more information, please see CDT’s Service Rates webpage.

When does ISLA start and end?

The 2022 ISLA will take place from August 3 – September 30, 2022.

What are the core hours for the training? 

Core hours for ISLA are 9 a.m. – 4:00 p.m., whether remotely or in-person. To verify connectivity, remote class sessions will be open at 8:30 a.m. Students are encouraged to log in to sessions early to network and chat with one another.

What is the time commitment required for this academy?

While the training schedule varies depending on the week, participants can generally expect to be engaged in training an average of 3-5 days a week. This does not include time needed outside of class to study for and complete the CISM Exam, which is intended to serve as the culminating experience for the academy.  Before applying, candidates should ensure they are able to commit to both completing a rigorous course schedule as well as prepare for and complete their CISM Exam.  

 A program schedule which outlines all scheduled courses and dates will be provided by the Office of Professional Development (OPD) staff upon acceptance into the academy.

How will class sessions be conducted, and what are the technical requirements for attending?

Remote training sessions will be conducted online using Zoom as the remote delivery platform. Therefore, students are expected to have a functioning camera and microphone to fully participate in all remote class sessions. If feasible and depending on instructor availability and student interest, some class sessions will be delivered in-person.

ISLA will be using Microsoft Teams to house all program-related documents and Zoom will be the primary delivery medium for all remote class sessions. Students must be able to access these platforms.

What specific topics are covered in the 2022 curriculum?

The course topics have been carefully selected by the Executive Sponsor, Program Coaches, Program Advisors, and OPD management to provide a combination of both technical and leadership skills critical for the state’s Information Security workforce. Below is a tentative course listing for the 2022 program. Please note that course topics may be subject to change and that circumstances beyond our control may require adjustments to the program schedule. In addition, it is important to note that refunds will not be provided after the onset of the program (see below for further details on our refund policy).

  • Certified Information Security Manager (CISM) training and exam
  • FIPS 199/200 and Risk Management Framework
  • Threat Hunting
  • Creating a Ransomware Response Plan
  • Communication and Effective Presentation Skills
  • Information Security Leadership Foundations with AISO and AIO Panel
  • Emotional Intelligence
  • Organizational Change Management
  • How to Be a Trusted Advisor
  • Cyber First Responder
  • Transformation Through Conflict and Negotiation
  • California Department of Technology Security Operation Center (SOC) Overview
  • California Cyber Security Integration Center (Cal-CSIC) Deep Dive & Threat Brief
  • Diversity and Inclusion
  • Executive Speaker Day

What level of expertise and experience are you seeking from a candidate?

The ISLA welcomes applications from Information Security personnel, tech-savvy IT, and aspiring Information Security Officers (ISOs) who are passionate about security. Ideal candidates are currently working in an IT security management or supervisory position. Participants in the academy are selected from the public sector e.g., state, county, and city agencies and departments.

How are candidates selected?

With a limited number of spots in the academy, the application process is highly competitive. Participants are selected based on the quality and thoughtfulness of their application responses.

Do I have to attend all the training sessions to remain in the academy?

ISLA covers a great deal of curriculum in its 9-week period. While some absences are unavoidable (e.g., illness), the maximum allowable absences is three (3). There are no make-up sessions for courses missed, and students who exceed this limit will be withdrawn from the academy. Therefore, if you have vacation or other planned time off during the academy that will significantly interfere with your participation, you are encouraged to apply for a future cohort that will not have conflicting dates.

While ISLA is extremely rewarding, it is also a rigorous academy effort which requires students attend class sessions 3-5 days per week in addition to preparing for and completing the CISM Exam. Therefore, before applying, it is strongly recommended that interested candidates have a frank conversation with their immediate supervisor about the commitment level associated with this academy and the possibility that their workload may need to be redistributed if accepted.

Interested candidates who do not have the time to commit to this program or need a more economical alternative for training are strongly encouraged to consider registering for our Cybersecurity Boot Camp. This program is also geared for senior or managerial Information Security professionals who wish to expand or refresh their foundational skills in cybersecurity methodology and best practices but is only four weeks long and does not include the CISM certification component. To learn more, please visit our Cybersecurity Boot Camp webpage, which describes the program in greater detail.

If I drop out of the academy after it starts or if I am withdrawn due to excessive absences, will my department receive a refund?

Students who wish to drop out must do so no later than ten business days before the academy’s start date or your department will be charged the full program amount. Those who drop from the academy less than ten days from the program start date, or who are withdrawn due to excessive absences, will also incur charges to their department for the full amount of the program.

Where do I direct my questions?

Please contact the Office of Professional Development for questions and further information at OPD@state.ca.gov.