Learn to Create Fit-for-Purpose Cyber Incident Response Playbooks
We have trained over 400 organizations including:
The Building and Optimising Incident Response Playbooks one-day training & teaches you how to create actionable incident response playbooks to respond to a variety of simple and complex cyber-attacks and data breaches.
Unlike a traditional crisis like an earthquake or flood, a cyber-crisis is often invisible and near impossible to detect in the early stages. In a majority of cyber-attacks, by the time a business detects the attack, it is often too late. The data has been stolen , the media knows about your data-breach and your customers are worried their personal data may be in the hands of criminals.
As an individual, after you complete the Playbooks course you will be able to:
When run internally, the Building & Optimising Incident Response Playbooks (Playbooks) workshop brings significant benefits to an organisation including, but not limited to:
The playbooks training is available as an eLearning (also called Self-paced Learning) option and as a virtual classroom training. For the virtual training we use Zoom
You can combine the Internal Playbooks training with our Cyber Crisis Tabletop Exercise (CCTE) workshop to formally test your playbooks in a simulated cyber-attack environment. You can find more information on Cyber Crisis Tabletop Exercises here or if you prefer, you can book an appointment with us to discuss this option in more detail.
IT Technicians Level 1, level 2, IT support Network engineers Windows, Unix and Max engineers SOC Analysts (all levels) IT Managers, Network Managers |
|
The playbooks training course was a good 'part-2' to the CIPR and went into greater depth in a number of areas. The day was fun and Amar kept us moving along at a good pace.
Enjoyed the course. Good mix of attendees and plenty of lively conversation. Amar steered us through it all admirably.
Overall the course was very good. I would strongly recommend this training to anyone who is involved in Cyber Security or has control of information assets.
It was a great workshop with a lot of interesting people and a great learning experience.
This was a very helpful day and opportunity to speak with a number of operational incident responders to discuss what really works in practice and not just in theory. I gained a great deal from the day, particularly around the construction of bespoke playbooks and also a variety of useful resources to inform my learning. A really good day.
Starting the foundation, this module sets the baseline, ensures all students understand the core concepts that underpin the course.
Those who are non-technical will find that attending our NCSC-Certified CIPR course establishes the core concepts on which this playbooks course is built upon.
Building on the NIST 800-61.r2 Computer Security Incident Handling Guide, we take the student through an in-depth understanding of these four phases, their relationships to each other and the relationship of this concept to creating effective and fit-for-purpose incident response playbooks.
These 3 modules introduce the student to key concepts of not just playbooks but the primary constituents of a good incident analyst. There is a substantial link between an analyst and playbooks and to create and use playbooks effectively you need to understand the basics.
This module breaks down the topic of automation in incident response and playbooks and dives deeper into the concepts and reasons and implementation examples of automation. This section also gives examples of how automation can be used as a force for staff retention and motivation. In addition, the student is shown a structured approach to automating actions before, during and after a cyber attack.
This is not a section to learn about threat intelligence but rather a specific section that teaches and challenges the student to start creating their first full playbook. We all now threat-intel is important, but in this module we show you useful and important it is and how you can use playbooks to significantly improve your security posture.
'Who you going to call' during an attack. Even for the most prepared there are moments when you wonder, who is it we need to call? OR who can authorise this action? Seems simple, but there is a method and approach to get this right and yes, you have to plan ahead.
In this module, we do what it says on the tin. We start creating and review all sorts of playbooks, from detection, analysis and response with scenarios from malware, ransomware, data theft and more. As with other modules, there are several interactive exercises.
Amar Singh has a long history and experience in data privacy and information security. Amar has served as CISO for various companies, including News International (now News UK), SABMiller, Gala Coral, Euromoney and Elsevier. Amongst various other activities, Amar is a Global Chief Information Security Officer and Trusted Advisor to a number of organisations including a FTSE100 firm, and is chair of the ISACA UK Security Advisory Group. He also founded the not-for-profit cybersecurity service for charities, Give01Day.
Amar has the highest integrity and is trusted by FTSE100 companies with some of the most sensitive commercial information. He has been involved with highly sensitive forensic investigations.
He has the ability to deal with both technically-astute, board-level executives and lead an organisation's information security direction. Apart from his experience and abilities, Amar holds a number of industry-recognised certifications, such as ISO 27001 Certified ISMS Lead Implementer, MoR, CRISC and CISSP certification.
Amar is an industry-acknowledged expert and public speaker and is regularly invited to speak and share his insights by some of the largest and most respected organisations in the world including The BBC, The Economist’s Intelligence Unit, The Financial Times, SC Magazine, InfoSec Magazine, Computer Weekly, The Register and the AlJazeera English Channel.
All trademarks, service marks, trade names, product names, service names and logos appearing on the site, or on printed or digital material are the property of their respective owners, including in Cyber Management Alliance Ltd. Any rights not expressly granted herein are reserved.
Virtual Class | 19th Oct | SOLD OUT |
Virtual Class | 3rd Dec | Click Here |
Virtual Class | 11th Feb | Click Here |
“I found the course to be very interesting. It not the usual bookish theoretical type, of course, it was quite interactive.."
CIO, Rak Bank, Dubai
“Amar Singh brings a wealth of personal experience and knowledge.”
President ISACA UAE
“The course was excellent. Not the typical core text book training but giving valuable insights and experiences.”
Head of IT, Bank of Sharjah, UAE
“This was the most interesting and attractive courses I have ever attended. A lot of inside knowledge was shared.”
Head of Audit, Emirate Global Aluminium, UA
"I wish all Senior Executives attend this course. It’s the most practical course I have ever attended. It teaches you not just how to understand but also how to respond to a Cyber Attack. ."
"The information we learnt provoked plenty of conversation both around personal experiences with the challenges that I face in the business and also backing up what was said in the course with real-life examples"
"The training was very informative and well knowledgable and i would recommend this course to anyone who wishes to explore cyber security even further."
IT Director, Christ the King Sixth Form Colleges London
"It’s been a great two days of learning. We drilled down, we simplified how an incident should be detected and how an incident should be handled. One of the key learnings I have taken is define normal. ."
"The overall training was good, it was quite informative. I highly recommend this training session to at least the CXO level people because it is something very meaningful for them and it can be very beneficial for organisations."
"Amar is a good mentor because he did more than just teaching. The checklist and mind maps are a really good part of the course. ."
IT Manager, HLB HAMT, Dubai UAE
"Amar is an excellent tutor and mentor also. The key aspects of the training is interactive sessions. Everyone has shared their experiences. I gained much knowledge which will be useful for my day to day activities."
"I really learnt a lot from this course as it was the first cyber security course I have been on. What I liked the most was the mind-mapping."
Paramount Computer Services, Dubai UAE
"I recommend everyone to attend this course whether your business is at the beginning or whether you have already implemented some of the IT security procedures. Even if you think you are protected but in fact it is not protected.."
Find out more about our one day public courses or internal workshops, please complete the form below.
© 2016 Cyber Management Alliance.