Divisions » Information Security Office (KISO)

Kansas Plains Cyber Guardian

PCG LOGO 7 Flipped

Kansas Plains Cyber Guardian 2025

Hosted by the Kansas Information Security Office (KISO) and Office of Information Technology Services (OITS).

 

Event at a Glance

  • Dates: Aug 18–22 & Aug 25–29, 2025
  • Format: Week 1 – In-person in Topeka & Wichita, Week 2 – Online “live-fire” simulation
  • Audience: Public-sector cybersecurity and IT staff
  • Cost: Free to eligible participants
  • Registration: Closed

 

Overview

Kansas Plains Cyber Guardian (KPCG) is a specialized, two-week cybersecurity training and cyber range exercise under the Kansas Information Security Office’s (KISO) CyberSecurity Collaboration & Preparedness (CSCP) program. It blends expert-led instruction with immersive, real-world simulations, ensuring participants gain the skills to detect, analyze, respond to, and recover from sophisticated cyber threats.

KPCG brings together cybersecurity professionals from state and local agencies, industry partners, educational institutions, and federal organizations to strengthen Kansas’ cyber resilience through shared expertise and coordinated defense.

 

Leadership Perspective

State leadership shares why Kansas Plains Cyber Guardian is a critical investment in our cyber future.

 

“Kansas Plains Cyber Guardian is more than a training event — it’s a coordinated effort to strengthen the digital backbone of our state. By investing in the skills of our public-sector professionals, we’re ensuring that Kansas can anticipate, withstand, and recover from the cyber threats of today and tomorrow.”
— Jeff Maxon, Chief Information Technology Officer (CITO), State of Kansas

 

“This program is a cornerstone of our statewide CyberSecurity Collaboration & Preparedness initiative. By bringing together IT and security professionals from across Kansas in a real-world, hands-on environment, we’re building a united defense that protects our agencies, our communities, and our citizens.”
— John Godfrey, Chief Information Security Officer (CISO), State of Kansas

 

Why Participate?

  • Hands-On Experience: Learn in practical labs and simulated “live-fire” events using OffSec’s enterprise training and range platform.
  • Expert Instruction: Train with Applied Technology Academy (ATA) instructors, leveraging their industry experience and OffSec methodologies.
  • Enhanced Resiliency: Improve your organization’s readiness to defend against advanced threats.
  • Certification Opportunity: Eligible participants completing Week 1 can earn the OffSec Defense Analyst (OSDA) certification.
  • Networking & Collaboration: Build lasting connections with cybersecurity professionals from across agencies, disciplines, and sectors.

 

Agenda at a Glance

Date

Format / Location

Focus

Pre-Event

Self-paced, online

SOC-100 foundational modules: Linux Basics 1 & 2, Windows Basics 1 & 2, Networking Basics

Aug 18–22

In-person – Topeka & Wichita

SOC-200: Security Operations & Defensive Analysis (OSDA) – incident detection, SIEM use, attacker methodologies, lab-based defensive skills

Aug 25–29

Online “live-fire” cyber range exercise

Red Team vs. Blue Team engagements, enterprise defense, coordinated incident response, recovery planning

 

 

Pre-Event Preparation

SOC-100 Self-Paced Training - For those new to cybersecurity or in need of a refresher, participants complete self-paced online modules covering:

  • Linux Basics 1 & 2
  • Windows Basics 1 & 2
  • Networking Basics

 

Week 1 – In-Person Training (Aug 18–22)

Course: SOC-200: Security Operations & Defensive Analysis (OSDA)
Locations: Topeka and Wichita
Focus Areas:

  • Incident detection and response fundamentals
  • Guided audits of compromised systems (Windows & Linux)
  • Attacker methodologies (MITRE ATT&CK®, Kill Chain)
  • SIEM use for real-time attack assessment
  • Credential abuse, web application attacks, privilege escalation, lateral movement, and persistence detection.

 

Week 2 – Cyber Range Exercise (Aug 25–29)

Format: Online / Distributed Teams
Focus Areas:

  • Red Team vs. Blue Team engagements
  • Defending enterprise-scale network architectures
  • Coordinated incident response under simulated attack
  • Recovery planning and lessons learned

 

Week one in the books!

Week one started with a kickoff with all locations across Kansas. Then down to the serious business, ninety students participated in the Security Operations Center 200 Training. Kansas hosted students from hospitals, school districts, cities, counties and the Kansas Army and Air National Guard.  Students learned about threat actors and common attack vectors and what to look for when it comes to different types of cyber events.

Jeff M Kickoff

Jeff Maxon, Chief Information Technology Officer, State of Kansas launches the Kansas Plains Cyber Guardian Training.

John G KickoffJohn Godfrey, Chief Information Security Officer, State of Kansas explains the importance of resiliency and the ability to detect and respond quickly to cyber incidents.

Distinguished Visitor Day

On Wednesday August 27, 2025, the Kansas Information Security Office (KISO) and Office of Information Technology (OITS) hosted distinguished visitors from the State and Federal Legislature, the Governors Cabinet, and other elected officials to visit the Kansas Plains Cyber Guardian Exercise and see firsthand what cybersecurity exercises encompass. This event was covered by the local media.  (See links below)

WIBW

https://www.wibw.com/2025/08/27/kansas-plains-cyber-guardian-hosts-officials-cybersecurity-training/

KSNT

https://www.ksnt.com/video/cybersecurity-event-trains-state-employees-against-threats/11023075/

Resources

  • For questions about registration, eligibility, or logistics, email KISO@ks.gov or call 785-221-5041.

kiso-seal-3