Incident Response
Incident Response
Incident Response is the preparation for, handling of and following up of cyber security incidents, to minimise the damage to an organisation and prevent recurrence.
​
Depending on your organisation and the scale of threats it faces, there may be several or many apparent incidents every day. You decide which of them needs handling. Once an incident response is in progress, you work to understand what's happening so you can minimise the damage and stop the attack. Then you analyse the causes and propose changes to stop the same kind of thing happening again.
​
Throughout all this you work closely with colleagues in the cyber security team, if you have any, and with colleagues in other departments such as IT. You do all
On the program learners will receive knowledge and skills relating to the following areas:
-
Incident Management
-
Incident Investigation
-
Incident Response
-
Security Operations
-
Cyber-Physical Systems
-
Malware and Attack Technologies
-
Adversarial Behaviours
-
Human Factors
-
Forensics
-
Network Security
-
Hardware Security
this while remaining calm and ensuring that you communicate clearly and in a timely fashion with everyone who needs to know what is going on. Finally, you make sure every significant event and action is logged, so lessons can be learned and the response to the next incident is even more effective.
​
On quieter days, you may be draft or agree policies and procedures for handling incidents, or planning and carrying out exercises to test these.
​
In some roles, you may configure and maintain system and network monitoring software and hardware.
Entry Level Program
Learners will receive...
-
Coming soon...
Practitioner Level Program
Learners will receive...
-
Coming soon...