RESOURCES PAGE

One place for you to find all you may need

Cyber Incident Response Plan Template
Cyber Incident Response Plan Template
Easy to understand guidance on Cyber Incident Planning & Response

One of the key artefacts you need to produce as part of your planning for responding to a cyber attack is a Cyber Incident Response Plan. A document that guides you on what actions to take and how to take those actions. 

30 Tabletop Scenarios
Top Cyber Tabletop Exercise Scenarios, Assets & Threat Actors
Created at our flagship Wisdom of Crowds events.

This list contains the top Cyber Security Tabletop Exercise Scenarios that you must rehearse in 2023. It also contains crowdsourced knowldge on the top Asset Categories that you must prioritise and the biggest Threat Actors to watch out for. 

Ransomware  Checklist - Preparation Readiness
Ransomware Readiness Checklist
Free 9-step ransomware prevention checklist

Download our ransomware prevention checklist to boost your ransomware readiness.

CMA-10-Steps-Reduce-Cyber-Ins
10-Step Checklist to Reduce Your Cyber Insurance Premium
Improve the Likelihood of Better Cyber Insurance Premiums

Cyber attacks are unbelievably costly to indemnify and the costs obviously get translated into higher cyber insurance premiums. 

But there are steps that you can adopt today to improve your chances of negotiating a better cyber insurance premium on your policy. 

Ransomware Response
Ransomware Attack Response Workflow
Free Ransomware Response Guide

Free, no-nonsense ransomware response guide on what to do when you’ve been hit by a ransomware attack.

Cyber Essentials Checklist
Cyber Essentials Checklist
A Simple, Non-Technical Checklist To Help You Prepare For Cyber Essentials

Why Cyber Essentials & How Do I Prepare for Cyber Essentials? This Checklist answers both these fundamental cybersecurity questions.

CMA Insurance Services Brochure
10 CM-Alliance Services To Help Lower Cyber Insurance Premiums
How we can help you negotiate better Cybersecurity Insurance Premiums

This document contains a list of 10 specific services rendered by Cyber Management Alliance which can not only help you achieve greater cyber resilience but also improve your chances of lowering your cyber insurance premiums.

Ransomware Response Checklist Golden Hour
Ransomware Response Checklist
Download our FREE Ransomware Incident Response Checklist.

Easy, non-technical ransomware incident response checklist on how to respond to a ransomware attack

Solarwinds Timeline Summary
Cyber-attack Timeline: SolarWinds
An informational visual timeline of the attack.

An informational visual timeline of the the Solarwinds cyberattack, we have created a visual timeline and an accompanying detailed report.  

CMA-easyJet-Summary-170321
Easyjet Cyber-attack timeline
An informational visual timeline of the attack.

Another informational visual timeline of an attack. For the Easyjet cyberattack, we have created a visual timeline and an accompanying detailed report.  

Timeline Small Image
Travelex Cyber Attack Timeline
An informational visual timeline of the attack.

Incident Response is our passion and we study and analyse cyber-attacks to create an informational visual timeline of attacks. For the Travelex cyberattack we have created a visual timeline and an accompanying detailed report.  

Cyber Crisis Tabletop Exercises Checklist
Cyber Crisis Tabletop Exercise Checklist
Are you thinking of running a cyber scenario tabletop exercise to test your existing incident response plans and procedures?

Download our Cyber Crisis Tabletop Exercise (CCTE) checklist and ensure you have thought about all the different aspects of running a successful tabletop exercise.

Remote Working Cybersecurity Checklist
Remote Working Cybersecurity Checklist
An easy to understand, to-the-point checklist covering various aspects of working remotely.

In this PDF, we cover guidelines on topics including:

  1. Cybersecurity 
  2. Privileged Users
  3. Online meetings
  4. GDPR & Privacy
  5. Backups and more
BARRACUDA SUMMARY
Barracuda Email Security Gateway
An informational visual timeline of the attack.

For the Barracuda Email Security Gateway Hack, we have created a visual timeline and an accompanying detailed report.  Download it now. 

Royal Mail Timeline
Royal Mail Attack Timeline
An informational visual timeline of the attack.

We study and analyse cyber and ransomware attacks to create informational visual timelines.

For the Royal Mail Ransomware Attack, we have created a visual timeline and an accompanying detailed report.  Download it now. 

create-playbook
Creating A Playbook
Review our detailed workflow on creating a cyber incident response playbook

This workflow, taken from our  NCSC-Certified Cyber Incident Planning and Response  course, shares the basics you need to know to create a cyber incident response playbook.  

 

Preparing for a Crisis Checklist
Preparing for a Crisis Checklist
Your Checklist on Ensuring You are Ready for a Cyber Crisis

Download our Preparing for a Crisis checklist and ensure you have thought about all the different aspects of managing a cyber crisis. 

define-breach-1
Defining A Data Breach
The Need for Common Taxonomy During a Cyber Attack

How do you communicate during the Golden Hour of a Cyber Attack? Download our Data Breach Definition document to find out.  

This workflow, taken from our  NCSC-Certified Cyber Incident Planning and Response  course discusses the concepts of taxonomy and the need to standardise communication channels during a cyber attack

threat-1
Selecting Threat Actors
Learn how to Identify Cyber Threat Actors who are out to harm your business

Learn how to Identify Cyber Threat Actors out to harm your business

This workflow, taken from our  NCSC-Certified Cyber Incident Planning and Response  course shares ideas on how to identify cyber threat actors or cyber adversaries that you can use to create your own Threat Actor Library.

WD SUMMARY
Western Digital Cyber Attack Timeline
An informational visual timeline of the attack.

For the Western Digital Cyber Attack, we have created a visual timeline and an accompanying detailed report.  Download it now. 

AIIMS Timeline Image
AIIMS Ransomware Attack Timeline
An informational visual timeline of the attack.

For the AIIMS Ransomware Attack, we have created a visual timeline and an accompanying detailed report.  Download it now. 

create-a-scenario-1
Before Creating A Scenario
Review this mind map before you create your attack scenarios

Having a cyber incident response plan without an attack scenario is like getting into a car and driving aimlessly.  You need to know your final destination. 

This mind map, taken from our  NCSC-Certified Cyber Incident Planning and Response course, points out the various components you need ready before you build your attack scenario.

Incident Plan
Top 5 Things For An Incident Response Plan

Before you do tear up your current incident response plan, take a look at our simple 5 points to consider and get right when creating a response plan.

This workflow, taken from our  NCSC-Certified Cyber Incident Planning and Response course. 

under-cyber
Under A Cyber-Attack?
10 point checklist!

There is no time during a cyber-attack. Use our 60 Second 10 points checklist to cover all your bases. 

This workflow, taken from our  NCSC-Certified Cyber Incident Planning and Response course. 

Document Security
Document Security
Protecting Documents and Data

If you want to understand more about the concepts, benefits, stages of implementation and services available surrounding document security technologies, download our document security mind map. 

GDPR Summary
GDPR Summary Sheet Personal Information
GDPR Checklist

In episode two of our General Data Protection Regulation (GDPR) mini-webinar series we discussed the collection of personal information and how it is guided by the six core principles.

Cloud Security
Cloud Security Checklists
Wisdom of Crowds

Crowd-Sourced PDF contains a number of checklists including:

  • Physical Security
  • Governance & Compliance
  • Incident Response and Availability
r-img.jpg
GDPR Checklists and Mind Map
Wisdom of Crowds

Checklists covering various topics including

  • Data Controller Checklist
  • CISO Checklist
  • DPO Checklist
  • GDPR Mind Map
GDPR Summary
GDPR Summary Sheet Applicability
GDPR Checklist
In episode one of our General Data Protection Regulation (GDPR) mini-webinar series we discussed the application of the regulation and some of the exemptions.
GDPR Templates
GDPR Preparation Kit
Multiple Documents and Checklists

A free GDPR preparation kit containing items such as: 

  • GDPR template emails and letters
  • Breach registers
  • FREE GDPR Training course
r-img.jpg
Data Breach Incident Response Plan
Mind Map

This mind map, taken from our  NCSC-Certified Cyber Incident Planning and Response course, outlines several areas that an organisation must focus on to be GDPR breach ready. 

Free CISSP Training
CISSP Mind Map
Mind Map

A CISSP resource and study aid to help you keep track of domains. An essential resources for all CISSP aspirants.

Download your copy today. 

GDPR Checklist
GDPR Summary Sheet Data Subject's Rights
GDPR Checklist
In episode three of our General Data Protection Regulation (GDPR) mini-webinar series, we discussed the rights of data subjects such as withdrawal of consent and the right to be forgotten under the GDPR.
GDPR Checklist
GDPR Summary Sheet Security by Design
GDPR Checklist
In episode four of our GDPR mini-webinar series, we discussed the principle of security by design in personal data processing systems and how to conduct a DPIA (Data Privacy Impact Assessment).
GDPR Summary
GDPR Summary Sheet Fines & Penalties
GDPR Checklist

In episode five of our General Data Protection Regulation (GDPR) mini-webinar series we discussed the fines and penalties which can be applied to various types of breaches.

GDPR Checklist
GDPR Summary Sheet The Data Protection Officer
GDPR Checklist

In episode six of our General Data Protection Regulation (GDPR) mini-webinar series we discuss the roles and responsibilities of the Data Protection Officer.

GDPR Checklist
GDPR Summary Sheet Incident Response
GDPR Checklist

In episode seven of our General Data Protection Regulation (GDPR) mini-webinar series we discussed the process of incident response in the event of a regulatory breach.

GDPR Summary
GDPR Summary Sheet Third Parties
GDPR Checklist
In episode eight of our General Data Protection Regulation (GDPR) mini-webinar series we discuss working with third-parties and cross-border processing.
Data Protection by Design
Data Protection by Design
Wisdom of Crowds
Checklist to ask your Third Parties and record-keeping requirements (Controllers and Processors). Over 60 Contributors from organisations including the European Data Protection Supervisor, ING, BAE Systems, Verizon and many others. 
Maximising SoC Effectiveness With Advanced Threat Intelligence
Maximising SoC Effectiveness With Advanced Threat Intelligence
Resource Subtitle
Actionable contextual threat intelligence is key when it comes to ensuring early detection of attacks. 

Learn about the key pillars of threat intelligence and how to make them work in any SoC environment.
CIPR Checklist
Cyber Incident Planning & Response Checklist
For A Defined Response To Cyber Attack/Data Breach.

Our Data Breach or Cyber Incident Action checklist will help you prepare and plan a defined response to a cyber attack or data breach. 

r-img.jpg
Privilege Access Management Vendor Evaluation Report
Analysis of prominent providers of Privileged Access Management (PAM) solutions.

This report has researched and analyzed prominent providers of Privileged Access Management (PAM) solutions based on select criteria and discussions with customers and product distributors.

r-img.jpg
Data Protection & Incident Response - Interactive
Improve And Build A More Resilient Business

The CIPR workshop will deconstruct the prevailing approach to planning, incident response and the wider field of incident management and identify where and how you can improve and build a more resilient business. 

How to Protect You and Your Business from Ransomware Attack
Ransomware Wins! User Awareness Doesn’t Work.
What Do you Do?

If you reckon that users are the first line of defence against ransomware,you are WRONG!

We are all humans and we make mistakes and ransomware creators know that. Learn what you can do to protect your business. 

incident investigator duties
A Day In The Life Of An Incident Investigator
Real incident response play-books in action

Learn how to:

* How to design play-books (aka run-books) for different attack scenarios.
* How to align your incident response to official standards.
* Learn more about a day in the life of an investigator.
* How to create an effective triage process that works for every type of attack.
* Discover the various types of data enrichment attributes to apply to every incident.

Designing the Foundations of a Secure Organisation
Designing the Foundations of a Secure Organisation
Most Essential Controls

There are almost 300 controls you could review and select for this year or you can view this webinar and hear what the experts have to say about the most essential controls and how to use them to lay the foundations of a secure resilient business. Let's design a more secure 2017 together.

how you can expertly manage your privileged users?
Taming The "God" User
How To Expertly Manage Your Privileged Users.?

Businesses may be aware of the scale of the privileged insider threat but efficiently managing these users often remains an aspiration. Join Amar Singh in this interactive webinar as he talks to privileged management expert Joseph Carson and discusses how you can expertly manage your privileged users.

Most 2FA Solutions are Insecure
Most 2FA Solutions are Insecure
Is Yours One of them?

Everyone knows two-factor authentication right? or do you just know how to use it? Something you know and something you own is a phrase we can all recite but very few actually understand two-factor authentication and its true benefits. 

Incident Response Automation and Orchestration
Dario Forte CEO of DFLabs Explains Incident Response Automation And Orchestration
Effective SOC Utilising Incident Response Automation And Orchestration

DFLabs, Founder and CEO, Dario Forte shared his insights on how to build an effective SOC utilising incident response automation and orchestration.

Learn where the attacks came from? who was behind them? what they mean for the cyber security industry?
Petya, notPetya or Goldeneye
The Lies, the Truth and What's Coming Next

Tune into this session to get the lowdown on where the attacks came from; who was behind them; what they mean for the cyber security industry and how you can improve the protection for your business the next time something similar rolls along.

UAE Threat Intelligence Case Study Report
UAE Threat Intelligence report
Actionable Threat Intelligence

One of UAE’s leading banks is spearheading the drive to deliver world-class digital customer engagement. Download this exclusive case study and understand why Tushar focuses on threat intelligence and the key decisions the bank made when selecting their threat intelligence feed. 

DNS Mind Map
DNS - Domain Name Service
Download The Mind Map

The ideal guide to understand all things DNS. The ever-exciting Mind Map helps you understand everything from DNS and its cybersecurity benefits to DNS based cyber attacks etc.

Free GDPR Book
Free GDPR E-Book
Everything you wanted to know about GDPR but was afraid to ask

Practitioners, specialists, thought leaders and experts in cybersecurity and data privacy have worked together to co-author a book on GDPR. We present Wisdom of Crowds's first collaborative e-book.  

Wannacry Ransomware Crowd Source Intelligence
Wannacry Ransomware
Crowd Source Intelligence

Get the intelligence and knowledge about this Wannacry Ransomware. Crowdsourced contributions by many who wanted the make the Cyber a better place, the guide is all about life-impacting cyber attacks.

the importance of training and passion, knowledge and training for CISOs
Insights with Cyber Leaders - Dhiraj Sasidharan
Importance of Training & Passion

Dhiraj Sasidharan, the former Director of information security at Dubai Holdings, which Jumairah Group is also a part of, talked about his formative years, the importance of training and passion, knowledge and training for CISOs and why it’s not just about technical skills in the ever-challenging cybersecurity sector.

Top 5 Things to Do When Creating Your Incident Response Plan
Tear Up Your Incident Plan - Now
Top 5 Things to Do When Creating Your Incident Response Plan

Before you do tear up your current incident response plan, take a look at our simple 5 points to consider and get right when creating a response plan. 

Quite simply, the confusion, the pressure during a cyber-attack can overwhelm even the most seasoned professional. An effective, easy to follow plan can mean the difference between a successful outcome or a long-lasting damaging aftermath. 

r-img.jpg
Creating Actionable Incident Response Playbooks + CIPR
Create Actionable Incident Response Playbooks

W review how the UK-GCHQ Certified Training course, Cyber Incident Planning & Response or CIPR has helped organisations like the NHS and BMJ and discuss how you too can create actionable playbooks. 

This webinar will cover topics such as:
- CIPR review - how it has helped organisations
- How to create actionable incident response playbooks,
- The flow and logic behind creating playbooks that work.
- Example playbooks around GDPR and Malware

Implementing a Cloud Ready Software Defined WAN
Implementing a Cloud Ready Software Defined WAN
Problem & Opportunities

In this webinar, Amar Singh and Steve Vickers explore the problems typically faced by organisations based on the latest research and show how organisations can create a seamless and secure SD-WAN infrastructure without having to manage multiple products.

5 Absolute Must-Haves for AWS, Azure, Google Cloud & Others
5 Absolute Must-Haves for AWS, Azure, Google Cloud & Others
Absolute Security Must-haves For Cloud Adoption

In this webinar, several experts discuss their absolute security must-haves for cloud adoption

Topics covered:
- Secure configuration management and benchmarking.
- File storage and data transfer.
- Alerting and incident response.
- Authentication and identity management.

How to break a PCI Compliant Application
How To Break A PCI Compliant Application?
Latest Techniques Cyber Criminals Use To Break Web Apps

The Payment Card Industry Data Security Standard applies to any organisation accepting credit card details in some way or the other. This webinar is going to share some of the latest techniques cyber criminals are using to break web applications. 

Saving Money and Stopping Cyber Attacks
Saving Money and Stopping Cyber Attacks
3 Simple Steps for the Small Business

A non-technical discussion, we layout step by step guidance on what you can do: 

- To save money on your current IT and security investments
- To ensure your third party is delivering the right level of security and service
- Increase your operational efficiency and lower total cost of operations.

Architecting a Sophisticated DDoS Attack in 5 steps
Architecting A Sophisticated DDoS Attack in 5 steps
Create A Complex DDoS Attack

Following on from our successful webinar, Breaking PCI-DSS Applications, we bring you our next instalment - How to Create a Complex DDoS attack in 5 steps.  Watch:

- The details, step-by-step, on planning a DDoS attack
- The prerequisites for this plan to succeed
- The different tools that can be used to launch such an attack. 

dmarc
DMARC Mind Map
Learn about DMARC and its Benefits.

Understand more about the concepts, benefits, stages of implementation and services available surrounding DMARC technologies. Created together with our technology and solutions partners, Advanced Cyber Solutions, download your free copy.

New PAM cover Small
Cloud-based PAM Analyst Report
A Special Report From Cyber Management Alliance

The challenge for the security leader is straightforward yet  highly challenging. You must allow the business to embrace and expand into the cloud and at the same time manage access to
privileged credentials that does not hinder productivity.

Read more in this report...

Rapid Incident Response Webinar Summary Image
Rapid Incident Response for Inbox Attacks
Executive Summary for the Busy Executive

Download our executive summary that summarises the technologies & capabilities a business like yours needs to be truly resilient!

truth
Responding to Cybersecurity’s Biggest Lie
Stopping the Cyber Criminal in Their Tracks

Download this executive summary that separates the wheat from the chaff and tells you how you can truly protect your business from cyber threats.

rewire-brain
Rewiring the Brain
For Cyber Awareness Behaviour Change

Download this executive summary on how cyber awareness training programmes can actually yield results & bring about habit change!

Information Security Awareness Training
Rebooting Security Awareness
From hygiene to resilience

Download this executive summary to know how you can bring about real security behaviour change in your organisation!