Cyber Crisis & Communications Planning
-
INTRODUCTION
Incident response is the last line of defense. Detecting and efficiently responding to incidents requires strong management processes, and managing an incident response team requires special skills and knowledge. The crisis communications plan, in turn, is a vital part of emergency preparedness and response. An organization's success in managing a crisis event depends, in part, on its ability to communicate, and such communication plays a fundamental role in maintaining the trust of internal and external stakeholders. Given the frequency and complexity of today's cyber attacks, incident response is a critical function for organizations. This course discusses how to manage an incident response team and how the first responder acts. We will cover the first responder role, the concept of incident response, how to identify and analyze an incident, and the basics of incident handling and management. Finally, we will cover cyber crisis and communications planning.
-
COURSE OBJECTIVES
By the end of the course, you'll be able to:
- The specificities of cyber crisis management
- Crisis communication
- Ability to develop, implement, and lead cyber security risk management
- Knowledge of applicable laws, regulations, and standards
- Skills to create a unique cybersecurity incident response plan
- Practical knowledge of the operational changes
- Structuring and mobilizing the crisis unit and key resources
- Understanding the specificities of a cyber crisis
- Managing and deciding in crisis situations
- Communicating effectively in times of crisis
- Manage the return to normal and develop the organization
-
COURSE AUDIENCE
This course is made for:
- IT Developers
- Software Specialists
- Web Application Designers
- Risk Management team
- Compliance officers
-
COURSE OUTLINE
Day One
Talking to, or working with, the attackers
- Understanding what results the attackers are trying to achieve
- Choosing a communications medium
- Attacker media and common methods
- Proxies, trusted 3rd parties and attacker reputation
- Trying to control the narrative
- Understanding what the attackers have
- Options and impacts
- The cost of doing nothing
- Is paying the attackers really an option?
Tracking the Incident, tasks, people and progress
- Review of the functions we might want to include in our IM solution
- Incident Trackers and what they can look like
- Evidence management
- Task and work tracking
- Building the right solution for the organisation
- Using Google Docs as an emergency IM Platform
Day Two
Remediation of network and data damage
- Types of Remediation system & data
- Tracking the remediation
- CIMTK: CC Systems and users impacted
- Categorizing exposed assets
- Identifying who owns the data
- Documenting and notifying impacted parties – Counter Compromise Activities
Day Three
Reporting and documenting the case
- When do you start the report?
- Types of reports
- What goes in the report?
- Graphics are great!
- Getting input, support and consensus
- Control and access to the reports
Day Four
Planning the closure of the Incident
- Reviewing the task and key objectives
- What is BAU for the impacted teams?
- What’s the team up to?
- Running a FRCA
- Handing things over to others
- Breaking up the team
Day Five
Developing the wider team
- Why train others?
- Training the wider organization
- Planning enterprise-wide training
- Developing and running Cyber Incident Exercises