OVERVIEW
Cyber breaches can cost an organisation millions of dollars in repairs and recovery, and it is unsure if the organisation can even fully recover back to its pre-incident state. No one can predict or pick when an organization will face a major cyber incident, but one can choose the level of preparedness when incident takes place. While there are broad technical aspects to cyber incidents, there is also a myriad of other activities that generally falls to executives, managers, legal, press, and human relations staff. These include communicating both internally and externally, considering the battle rhythm and taking a look at methodologies for tracking information gathered and released to the public.
Cyberattacks: It’s Not The Matter Of If, But When...
The cybersecurity response process begins with the initial incident assessment, where incidents are detected, reported, and triaged. Once an incident is identified, the investigation moves on to evidence preservation, emphasizing the importance of maintaining the integrity and chain of custody of potential evidence. Response methodology plays a crucial role in gathering information and conducting forensic analysis. This involves collecting and analysing data, examining network traffic and logs, and interviewing witnesses and involved parties. The goal is to identify attack vectors, entry points, and potential sources of compromise. Having a cybersecurity incident response process is crucial for organizations to effectively respond to cyber threats. By following a structured response process, organizations can uncover critical information about the incident, apply appropriate remediation measures, and prevent future occurrences. A robust cybersecurity response process is a cornerstone of an organization's overall cybersecurity strategy.
This 2 days training endeavours to help those whose roles may require them to respond to a cyber-attack or breach. Participants will gain the knowledge and skills necessary to establish a prompt and effective response to cybersecurity incidents. This response aims to minimize the damage caused by the attack by swiftly identifying and containing the incident during the investigation phase. Through these proactive measures, organizations can prevent the escalation of the incident, including further compromise of systems, data theft, financial losses, and reputational damage. This course empowers you to become an effective incident management team member or leader and ensure a clear understanding of the different issues facing incident commanders. As well as becoming comfortable with terminology, you will understand what preparatory work you can undertake at different stages to help you get ahead of the situation.
HIGHLIGHT: Case scenarios, group discussions, team-based exercises on designing & implementing a response framework and building an effective cyber response team.
LEARNING OBJECTIVES
- IDENTIFY the types of cyber threats, where and how to track the incident
- UNDERSTAND the issues and challenges in handling security incidents
- ESTABLISH security incident processes, policies, and procedures
- DEFINE the incident management team's objectives
- RECOGNISE the importance of managing team under pressure
- GUIDE on Knowledge in the communication and coordination issues
- PROVIDE information to Cyber Security Incident Response Team (CSIRT)
- PLAN and control communication with stakeholders when managing incident
- ANALYSE and assess the impact of computer security incidents
- BUILD and test responses for various types of computer security incidents
CLICK HERE to see more
Other Workshops:
