The West Yorkshire Police were joined by South Yorkshire and North Yorkshire Police, and by the Humberside Police Commissioner, on Cyber Management Alliance’s (CMA) GCHQ-Certified Cyber Incident Planning & Response (CIPR) training.
Vanessa Smith, DCI of Yorkshire and Humberside Region Cyber Crime Team said of the CIPR course:
Vanessa Smith: “I have attended the CIPR training course and I have to say I was very impressed with the course and its content. You don’t need to have IT skills or an insight into IT, but what it does do is in layman’s terms is set out the key issues, and also the type of hackers out there, and the means they are using to attack our businesses and infrastructure. The day was packed full of information, examples, and there is plenty of interaction between the group. We found that the trainers themselves were able to respond to additional questions, quite probing questions, very well. I personally would say if you want to have an insight into how cybercrime works, how it affects businesses, but most importantly how you can respond to a cyberattack, whether it’s from an investigative point of view of just plain liaising with your IT department and mitigating that risk, and giving that education and social awareness, this course is very good.”
Held at West Yorkshire Police Headquarters in January, delegates started off with an overview about
- The dire state of cyber readiness (or unreadiness) amongst the majority of businesses and public bodies.
- The business context to the complex nature of cyberspace and cyberattacks.
- The key steps that any organisation can take to be better prepared for the upcoming GDPR regulations.
With businesses continuing to experience external and internal cyberattacks, CMA’s CIPR course, which has recently been awarded GCHQ Certification, is the ideal training, for the non-technical management and executives, to learn how to prepare a managed and defined approach in response to a cyberattack or breach.
The Cyber Incident Planning and Response Course
For non-techies as much as techies, CMA’s CIPR course has been designed for senior management and business executives that want to learn and understand more about incident response, helping them to prepare and plan for potential cyber threats.
The GCHQ certified incident management course focuses on several topics including providing and understanding of the basic concepts of cyberattacks, data breaches, threat intelligence and intelligence-led testing. It also:
- Shares the key ingredients to designing and implementing an effective cyberattack response framework.
- Helps build a good understanding on how executives can plan for the various stages of an attack and build an effective cyber response team
- Dives into the various business components and considerations to ensure a business is on the right side of the law and the upcoming GDPR regulations.
Delivered by a FTSE 100 CISO with over 15 years’ experience in cyber security and using the latest methods in preparing and responding to cyberattacks, the delegates from the various police forces learnt a wide range of cyber security measures including:
- The latest techniques and insights on incident response.
- Threat intelligence-led testing and response frameworks that have been adopted by governments and institutions.
- Planning and preparation of attack components; infiltration and post-infiltration entrenchment.
- Exfiltration versus manipulation; pre-attack research, reconnaissance and target selection.
- Designing an early warning system to lower discovery time; create actionable plans and checklists to use today.
- The ‘golden hour’ and why it’s critical to managing an incident.
- The basic application of incident triage, OODA and the Diamond Methodology.
More Testimonials for our Cyber Incident Planning & Response Workshop:
Information Security Manager at West Yorkshire Police, Robin Smith, was impressed with the course’s content and how it helped them with developing their current practices:
“I attended the Cyber Management Alliance course today and we’ve been reviewing incident response, planning for scenarios, planning for threats. We’ve discussed West Yorkshire’s current approach and where we can improve, and we’ve been led into a whole new array of improvements from CMA. They’ve been directing us towards good practice, they’ve been reviewing our current ideas, and they’ve been adding real value to our cyber security response. I would thoroughly recommend using CMA for the future.”
Steve Leach, Cyber Crime Co-ordinator at South Yorkshire Police added:
“I have been on the cyber side of policing for the last couple of years and in my view, this is one of the most practical, level-headed, non-technical presentations for me. They put it across in a language that is easy to understand and relevant. It’s a credit to them that with the depth of knowledge they have, they are able to put it across in such a simple and convenient way. It will help us respond better to internal cyber threats and we will also be able to advise businesses and the public as to their response. I would recommend this course. I don’t think there is anybody that wouldn’t benefit from attending this course. If you need the technical element, it is there. If you just want some practical explanation, it’s there.”
Superintendent Alan Farrow at Humberside Police said:
“I’ve got a lot out of the last two days in relation to understanding where the threat might come from, who the attackers might be, having to plan and prepare for that attack, and what responses might be proportionate to actually deal with that attack – I found it really, really interesting, very informative, and an awful lot I can take back to my own force.”
Gavin Mayes, a Technical Investigator with the Cyber Crime Unit at North Yorkshire Police commented:
“Some of the good things that I’ve taken away from the CIPR course would be around the planning and response to incidents, looking at the cyber kill chain, the methodology, and actually trying to prepare for these attacks. I found the ‘defining normal’ very interesting including how I can take that away and give advice to businesses so that they can recognise when threats are there, and how to identify them. A key thing that I found really, really interesting was the ‘go-destroy’ response - what’s the worst that can happen to your business - something that was really quite impacting and gets you thinking about why you need to have these effective cyber incident responses in place. That for me are the best parts of the course.”