Cyber Incident Planning & Response — NCSC Certified Training

Course 1120

  • Duration: 1 day
  • Language: English
  • Level: Foundation

Organisations continue to suffer from external and internal attacks, yet Cyber Incident Management is an afterthought in most companies. This course will enable you to prepare a defined and managed approach when responding to a data breach or attack on an information asset. The content is intended for senior management and business executives who wish to understand incident response better or are responsible for helping organisations plan and prepare for potential cyber threats and effectively deal with actual cyber-attacks. This course is not technical; therefore, there are no prerequisites.

Cyber Incident Planning & Response Delivery Methods

  • Online

  • Private Team Training

Cyber Incident Planning & Response Course Information

This course includes:

  • Threat Intelligence-led testing and response framework adopted by leading governments and institutions.
  • Deep dive into Cyber Kill Chain and design an early warning system to lower discovery time from months to days.
  • Understand, define and baseline “Normal” within your organisation and assess breach readiness.
  • Stop up to 90% of all cyber attackers in their tracks and before they breach your critical data.
  • Design and implement a response framework and build an effective cyber response team.
  • The “golden hour” and why it’s critical to managing an incident.
  • Secrets of managing TV reporters and media journalists.
  • Basic application of incident triage, OODA and the Diamond Methodology.
  • Analyse recent attacks and learn how these attacks avoided detection.
  • Learn about security incident orchestration and how it can help reduce your response time and human error.
  • Learn how to automate critical incident response tasks to increase employee efficiency.
  • Learn how to run effective tabletop exercises with management and your technical teams.
  • Continue learning and face new challenges with after-course one-on-one instructor coaching.

Prerequisites

There are no formal prerequisites for this course.

Cyber Incident Planning & Response Instructor-Led Training Outline

  • Breach notification
  • Before the Incident Mind Map underpin an effective breach ready
  • After the Incident Mind Map organisation.
  • Checklists
  • Crown Jewels
  • Process Workflows
  • The Cyber Kill Chain
  • Go Destroy
  • Log Data Analysis
  • Press Interview Scenarios
  • Crisis Comms Plan
  • Client and PR Communication Templates

In this Module, you will learn about:

  • Threat Actors in Detail
  • Threat Agents' Intent & Attributes
  • Detection and Response Strategies

In this Module, you will learn about:

  • What is incident orchestration?
  • Using incident orchestration to significantly reduce the time to - respond to data breaches
  • How to semi-automate and fully automate incident management
  • Using incident orchestration to empower and upskill existing staff
  • Incident orchestration as Force Multiplier
  • Using orchestration to increase compliance to - Forensic Principles regulations like GDRP - Seizing Evidence

In this Module, you will learn about:

  • Identifying Critical Systems and Assets
  • Understanding and Building the Organisational Baseline
  • Interactive session on applying these principles
  • Strategies for understanding operational weaknesses
  • Defining high-level cyber response process workflows

In this Module, you will learn about:

  • Understanding the technologies that underpin an effective breach ready organisation
  • Analysis of core technology requirements

In this Module, you will learn about:

  • Methods of Attack
  • Analysis of the Cyber Kill Chain
  • Review of Recent High Profile Attacks
  • Strategies to counter the Cyber Kill Chain

In this Module, you will learn about:

  • OODA Loop
  • The Golden Hour
  • Log Management

In this Module, you will learn about:

  • Creating/ adopting the checklist
  • Incident management checklist
  • Using the checklist to beat the hackers!

In this Module, you will learn about:

  • Detailed why and how
  • Actionable Threat intelligence

In this Module, you will learn about:

  • Integrity
  • Forensic Principles
  • Seizing Evidence

In this Module, you will learn about:

  • Crisis Comms Plans Management
  • Social Media & PR Key Steps
  • PR Case Study
  • Breach notification

In this Module, you will learn about:

  • Stakeholders - Who are they?
  • Legal, Compliance and Notifications

Need Help Finding The Right Training Solution?

Our training advisors are here for you.

Cyber Incident Planning & Response FAQs

Yes! We know your busy work schedule may prevent you from getting to one of our classrooms, so we offer convenient online training to meet your needs wherever you want, including online training.