West Mercia and Warwickshire Police tackled Cyber Management Alliance’s (CMA) GCHQ-Certified Cyber Incident Planning and Response (CIPR) training, held at Warwickshire Police Headquarters on 12th December 2016, where delegates learned how to plan and respond to cyber threats and security breaches.
With only 10% of UK companies having an Incident Response Plan and 90% of large organisations experiencing a security breach to their critical data, businesses continuing to experience external and internal cyberattacks. CMA’s CIPR course, which was recently awarded GCHQ Certification, is the ideal training ground to learn how to prepare a managed and defined approach in response to a cyberattack or security threat.
Wayne Parks, Head of ICT at Warwickshire Police, was impressed with the CIPR course:
“A really good session. The trainer was really knowledgeable and presented the course in a really understandable format that the participants enjoyed. Quite a difficult subject to get over sometimes but I think it was presented really well. A nice mixture of technical knowledge and practical examples. Good for a very mixed audience, it wasn’t too technical, and I highly recommend it in terms of bringing a mixed group up to speed with the importance about responding to a cyber incident, what the essentials are, and how to deal with it from the forensic side and the whole publicity side. A really good event and from an IT perspective, what I wanted to get out of it was engagement from the organisation. Everyone went away buzzing and keen to go to the next stage, and build on this training. From my perspective, a really good event. Highly recommend it.”
Simon Neville from West Mercia Police, said of the CIPR course:
“What I enjoyed about the course was the balance between the technical and informal – just about right. At the beginning of the course, we were asked by the trainer what we wanted out of the course, and it was then tailored to fit those needs, which was really appreciated. I think the most important thing to take away, as an alliance between the two police forces, is the ability now to maintain momentum of what we have learnt. We have now gone from having a few people who are expertly informed to a roomful and we fully intend to start a quarterly meeting to keep that momentum going, to increase awareness and to increase possible learning opportunities. I’d just like to say thank you very much for that.”
Further comments on the CIPR training included:
“Really useful way to understand what structures were already in place and importantly, the need to start planning to test vulnerabilities, responses, etc.”
“The trainer was incredibly engaging, gave real life examples and had a sense of humour! That all helped to make what could have been very dry into inclusive and interesting learning. Thank you.”
“The trainer presented an excellent course to a group of mixed levels in an appropriate and friendly way that enhanced the learning process.”
“I have very limited technical skills and knowledge but I was still able to understand the course and felt engaged. I enjoyed these two days more than I thought I would. Thank you.”
“Really enjoyed this and found the trainer very easy to listen to, and absorb his delivery. Participants within the room were from various backgrounds with different levels of expertise and knowledge in all things ICT. The trainer did well to explain certain aspects. I found this very thought-provoking and certainly did not fully understand and appreciate the threats out there.”
Why Cyber Incident Planning & Response (CIPR) Training?
For non-techies as much as techies, CMA’s CIPR course has been designed for senior management and business executives that want to learn and understand more about incident response, helping them to prepare and plan for potential cyber threats.
The GCHQ certified incident management course focuses on several topics including providing and understanding of the basic concepts of cyberattacks, data breaches, threat intelligence and intelligence-led testing. It also:
- Shares the key ingredients to designing and implementing an effective cyberattack response framework.
- Helps build a good understanding on how executives can plan for the various stages of an attack and build an effective cyber response team
- Dives into the various business components and considerations to ensure a business is on the right side of the law and the upcoming GDPR regulations.
The Course Topics
Delivered by a FTSE 100 CISO with over 15 years’ experience in cyber security and using the latest methods in preparing and responding to cyberattacks, delegates learnt a wide range of cyber security measures including:
- The latest techniques and insights on incident response.
- Threat intelligence-led testing and response frameworks that have been adopted by governments and institutions.
- Planning and preparation of attack components; infiltration and post-infiltration entrenchment.
- Exfiltration versus manipulation; pre-attack research, reconnaissance and target selection.
- Designing an early warning system to lower discovery time; create actionable plans and checklists to use today.
- The ‘golden hour’ and why it’s critical to managing an incident.
- The basic application of incident triage, OODA and the Diamond Methodology.