Cyber Incident Planning & Response Course

About the NCSC - National Cyber Security Centre

Launched in October 2016, the NCSC or National Cyber Security Centre is headquartered in London and brings together expertise from CESG (the information assurance arm of GCHQ), the Centre for Cyber Assessment, CERT-UK, and the Centre for Protection of National Infrastructure.

The NCSC Assured Training is designed to assure high-quality training courses delivered by experienced training providers. The courses are assessed at two levels, namely, awareness and application.

This course has been certified for the application level of incident response in the areas of Risk Assessment, Business Continuity Planning and Incident Management. The Application level is for anyone looking for in-depth courses for their professional development.

The Chartered Institute of Information Security (CIISec) is the only pure-play information security institution to have been granted Royal Charter status and is dedicated to raising the standard of professionalism in information security. CIISec represents professionalism, integrity and excellence within the information and cybersecurity sector.

The NCSC Assured Training and the Chartered Institute of Information Security's (CIISec) accreditation enables organisations to distinguish between reputable courses and ones that have not been validated using a Government-endorsed assessment process.

Optional Online Examination

Following the completion of the training course (Public, Internal, Instructor-led or Self Paced Learning) all students have the option of earning incident response certifications  by successfully passing the APMG International examination of the NCSC Assured Cyber Incident Planning and Response Training. The exam is administered by APMG International and invigilated by ProctorU who provide secure live and automated online proctoring services for academic institutions and professional organisations. 

Number of Questions: 30
Passing Score: 50%
Exam Duration: 25 Mins
Exam Format: Multiple Choice
Exam Delivery: APMG Exam Portal and ProctorU

Our digital badges are issued by youracclaim.com, the world's most trusted digital credential network for professional associations and corporate learning. The badges are secure, digital representations of your professional development credentials (certification in incident response). Embed your digital badge on an email signature, website, social media profile or a digital CV.

With just one click, employers, clients, customers and other interested parties can easily view and verify your credentials and skills.

Students who have passed the exams and earned certifications in incident response have come from organisations including Microsoft, Adobe, NHS, numerous Government departments and Police forces, Unilever, IBM, CISCO, Ernst and Young, Deloitte, KPMG, UBS, RBS, Barclays, Goldman Sachs, Bank of America, TATA Consultancy Services and many many more. 

Continuing Professional Development

• CPD points can be claimed for this course at the rate of 1 point per hour of this NCSC Assured Training and CIISec-approved course (8 points for one-day public course and 15 points for the two-day internal workshop).
•  (ISC)2 members can claim 8 CPE points after they complete the whole course and obtain the attendance certification.
• ISACA members can claim 8 CPE points after they complete the whole course and obtain the attendance certification.

What delegates will learn in the Cyber Incident Planning & Response course: 
(Scroll down for details on individual modules)

• The latest techniques and insights on incident response.
• How to respond to ransomware and malware attacks.
• Threat Intelligence-led testing and response framework adopted by leading governments and institutions.
• How to use threat intelligence to lower organisation risk and speed up response times.
• The Cyber Kill Chain (the cyber-attack process) and how to design an early warning system to lower discovery time from months to days.
• How to create actionable, fit-for-purpose plans, checklists and processes.
• How to define and baseline “Normal” within your organisation.
• Understand "Normal" and how it can help reduce your time to respond to and reduce human error.
• The best methods to stop up to 90% of all cyber-attackers in their tracks, before they breach your critical data.
• How to design and implement a response framework and build an effective cyber response team.
• The “Golden Hour” and why it’s critical to managing an incident.
• The core concepts of incident triage, OODA and their relevance and importance in a cyber resilient organisation.

Directly download the complete Learning Objectives PDF of the NCSC Assured Training here.

   

Benefits of the NCSC Assured CIPR Training Course

There are numerous advantages of learning about cyber incident response plans, incident response certifications and knowing how to enhance your incident response capabilities and breach response maturity. Additionally, there are several benefits, to both, individuals and organisations attending the online NCSC Assured CIPR Training course.

Individual Benefits: As an individual who completes the CIPR online course, you will be able to:

1. Gain a deep understanding of NIST's Computer Security Incident Handling Guide: NIST SP 800-61 Revision 2. 
2. Become Certified in Cyber Incident Planning and Response. 
3. Display your incident response certifications or accreditation via a digital badge, showcase to potential clients and employers.
4. Comprehend and manage the threats and risks relating to information systems and assets from cyber-attacks.
5. Define and support the implementation of processes and procedures for detecting breaches of security policies.
6. Understand the core principles of and actively contribute to the creation of your organisation’s cybersecurity strategy and incident response plans. 
7. Explain what Threat Intelligence and its significance is in keeping organisations cyber-resilient. Discuss how Threat Intel can aid in rapid detection of advanced threats.
8. Participate in the development of information risk management strategies to reduce business risk.
9. Discuss the benefits of monitoring and auditing for violations of relevant security policies (e.g. acceptable use, security, etc.).
10. Define and implement processes and procedures for detecting data breaches.
11. Establish and maintain a Computer Security Emergency Response Team to deal with breaches of security policies.
12. Understand and explain the primary requirement of privacy regulations, like the EU-GDPR, in the context of cyber incident response and cyber resilience.
13. Discuss and support the development of innovative methods of protecting information assets, to the benefit of the organisation and the interface between business and information security.
14. Discuss and support in the development, coordination and evaluation of plans to communicate with internal stakeholders, external stakeholders and the media.

Organisations who invest in the NCSC Assured Cyber Incident Response Training Course for their staff observe a great number of additional advantages. 

Benefits of arranging an internal exclusive private workshop include, but not limited to:

1. Learn how to implement NIST's Cyber Incident Response Framework throughout your organisation.
2. Define the threat actors and create a threat actor library specific to your organisation.
3. Defining Normal - understanding your organisation's baseline.
4. Define and improve alerts for your analysts.
5. Assess and improve your organisation's triage capabilities.
6. Create organisation specific cyber-attack scenarios.
7. Detection & Response Strategies tailored to your business. 
8. Technology stack review & assessment of integration into SoC & monitoring technologies.
9. High level review of your monitoring and log management.
10. Review your PR & communication templates & internal communications approach.
11. Review and improve the team and organisational structure of IR teams and CSIM (cybersecurity incident management) teams.
12. Understand areas of improvement of your organisation’s incident response plans.
13. Baselines cyber resilience awareness across the business.
14. Become more compliant with data breach response regulations by creating fit-for-purpose data breach response plans.
15. Achieve tangible reductions in detection and response times to cyber-attacks that could lead to better managed and lower data breach compensations.
16. Improve interdepartmental communication and interaction before and during an incident (This is especially true when organisations host the CIPR workshop internally, over 2 days).
17. Streamline technology investments with the possibility of tangible savings across multiple technology sets.
18. Achieve more productive and efficient staff with increased motivation and better learning and career development.
19. Throughout the duration of the workshop all attendees have an aim to create an improvement action plan to further develop the operational strategies, processes and plans post the workshop. 
    

    ---

The course content…

All the content you need to implement NIST's Computer Security Incident Response Handbook.

All online and public students receive numerous takeaways including immediately usable cyber response checklists, templates like cyber response plans and workflows that you can put to use in your organisation immediately.