CT Cubed Inc.

Cybersecurity Maturation Methodology Course

Where Product Security meets Cybersecurity

Only publicly available course developed by The BOEING Company using proprietary processes focusing on the nexus of cybersecurity and product securityDelivered by CT Cubed Inc.

Upcoming Course: 17-21 October

Venue: Live Online

Sold out classes: 26-30 Sep & 7-11 Nov


The Boeing Company’s Cybersecurity Maturation Methodology (CMM) course was created in close coordination between Boeing Phantom Works and CT Cubed Inc. to fill a void in the professional education and training of Product Security Engineers, Systems Engineers, and Mission System Software Developers. CT Cubed Inc. leveraged experience gained from instructing at the US Air Force Weapons School’s Cyber Warfare Operations course to make the CMM course the success it is today.

Who Should Attend (Open to non-Boeing employees)
Recent engineering college graduates
Product Security Engineers
Systems Security Engineers
Mission Systems Software Developers
Boeing supplier and customer Engineers

vMOUSE in Action

What Students Will Learn

By taking the CMM course, students will learn realistic threats to embedded systems, current adversary tactics, and the appropriate selection of security controls within a financially constrained environment. Students will also gain hands-on experience with the CMM using Boeing Proprietary processes and documentation.
Students will be exposed to the entire production cycle from Request for Proposal to competitive demonstration. Students will learn to secure the platform each day as they work through challenging lab scenarios from attack tree development through risk analysis and security control tailoring. During the course capstone event, students will employ the lessons learned throughout the week against a thinking adversary and they will receive immediate feedback about their decisions.

5-DAY COURSE
Students Will Be Able To
Identify the unique challenges of embedded systems
Understand the strengths & weakness of common data buses
Recognize the unique defense-in-depth aspects of platform systems
Develop platform attack surface diagrams
Think like the adversary & develop attack tree diagrams
Conduct risk assessments & develop first and second pass risk cubes
Identify residual risk
Identify the necessary security controls for a given platform
Translate security controls into requirements to pass to suppliers
Balance platform performance & security requirements
Understand the “so what” behind compliance requirements
Make future-proof security design decisions and stop the “prisoner of legacy” condition
Apply Boeing’s proprietary CMM processes to give your company a competitive advantage


Syllabus

Academics

Boeing Defense, Space & Security (BDS) Cybersecurity Maturation Process (CMM) Overview
Security Architectures
Embedded Systems
Data Buses
System Integrity
Software Assurance
Defense-In-Depth

Labs

Attack Surface
Attack Trees
Risk Assessment: 1st Pass Risk Cubes
Security Controls Tailoring Part 1
Security Controls Tailoring Part 2
Residual Risk: 2nd Pass Risk Cubes

Capstone

Live gamification play as students take on the role of the operator
Multi-round competitive down-selection between student teams

vMOUSE

The vMOUSE links all lessons and labs together. It is an unclassified, strictly academic, virtual, online learning environment. It supports other course material such as the vMOUSE concept of operations (CONOPS), attack surface, and information system boundary. The vMOUSE itself is a system-of-systems that includes communications, navigation, identification (CNI), system storage, sensors, vehicle management, and mission computer subsystems.


Reviews

Press

As featured on Boeing News Now article: Not Just Any Game of Cat and Mouse Boeing-developed cybersecurity course offers interactive hands-on training to engineers, suppliers and customers.

Student Experiences

It is a course that largely covers what would normally encompass skills gained over the course of years. I think ALL product security folks, no matter time in company, should take this class.”

– Boeing Senior Product Security Engineer

I think you packed a lot of information and thought process in a short period of time, and delivered it in a fun, engaging way! I really enjoyed your knowledge, organization, and delivery of the material.’

– Boeing Senior Software Security Engineer

I really enjoyed your course! This training has definitely set a solid framework that I can use moving forward into this Industry.’

– Boeing Systems Security Engineer

Training and Pricing

After successfully completing the course, students will receive memo certifying the completion of the 40-hour CMM course. This memo can be used by students to server as proof when logging continuing education unit requirements for industry certifications.

Contact us for questions, scheduling, and pricing.

1-888-638-6814 | [email protected]

Colorado Springs
Las Vegas
Milwaukee