Live Online Courses

BCT Certificate in Cyber Incident Management (NCSC Certified Training)
Live Online Course

Certified 2 Days £1,500.00 (+ VAT)

Course Overview/Dates

Our BCT Certificate in Cyber Incident Management course is a two day non-technical course, aimed at preparing organisations to manage their cyber response at the strategic/crisis management level. Topics include cyber risk assessments, playbook development, GDPR reporting incidents and reputation management. The course includes a 1 hour multiple choice exam taken individually after the training.

The BCT Certificate in Cyber Incident Management training course is delivered as a two day, live online training course. Scheduled breaks will be provided within each session. During the course, delegates will be able to use their microphones to take part in discussions and ask the tutor any questions, there is also the option to use a webcam too. Interactivity features used during the training may include the use of breakout sessions for group work, polls and quizzes. The course is delivered via GoToTraining.

We recommend purchasing the online mock questions to help with revision. With a pool of over 125 questions based on the course and unlimited attempts during the 30 days' access, they are the ideal revision tool. There is a £10 discount on the mock questions if purchased at the same time as booking the course.

Timings are indicative and exact timings may vary due to student experience and their interest in certain topics. The course may finish earlier if all topics have been covered

Timetable

Day 1 09.30-12.30 13.30-16.30 (UK time)
Day 2 09.30-12.30 13.30-16.30 (UK time)

What's included?

  • Course slides
  • Exam
  • Certificate

Course Dates

Dates Number of days Location Price
Mon 5 Dec 2022
£1,500.00 Book
Course tutor: Eamonn Keane MSc
Tue 17 Jan 2023
£1,500.00 Book
Course tutor: Eamonn Keane MSc
Tue 25 Apr 2023
£1,500.00 Book
Course tutor: Eamonn Keane MSc
Tue 23 May 2023
£1,500.00 Book
Course tutor: Eamonn Keane MSc
Tue 4 Jul 2023
£1,500.00 Book
Course tutor: Eamonn Keane MSc
Tue 3 Oct 2023
£1,500.00 Book
Course tutor: Eamonn Keane MSc
Tue 21 Nov 2023
£1,500.00 Book
Course tutor: Eamonn Keane MSc
Back to top

Details & Programme

Over the last few years the number of cyber incidents has grown, affecting organisations large and small. High profile incidents such as Sony, TalkTalk, and the Petya and NHS ransomware attacks, have had a major impact on the operations and reputation of the organisations.

"Thankfully, we now live in a world where it is accepted that data breaches happen and organisations are more comfortable disclosing that they have been victim to an attack. However, with this welcome move away from victim blaming, organisations are now being judged more on how well they manage a breach." - Brian Honan, ComputerWeekly

Our BCT Certificate in Cyber Incident Management training course is not a technical response, but looks at the actions organisations can take to prepare themselves, and how they should manage a cyber incident, including very importantly, how to manage communications associated with the incident. It will also look at the types of cyber attacks, the cyber landscape and how to exercise your cyber response plan.

Delegates will learn how to prepare their organisation, how to develop an effective response and how to manage an incident should it occur.

The BCT Certificate in Cyber Incident Management course is based on good practice from a variety of government and private organisations. The course has been certified by NCSC and is the only certified course which deals with reputational issues associated with the preparing for and responding to a cyber incident.

This Cyber Incident Management course includes a 1 hour multiple choice exam taken individually after the training. Once you have been registered for the exam, you will have 30 days to complete it. Delegates will receive an email from APMG by the end of day 1 of the course to set up an account and access the exam. A score of 70% is required to pass.

Modules

  • Module 1: Cyber Incident Threat Landscape and Essential Knowledge
  • Module 2: Prepare - Understanding your Impacts, Vulnerabilities and Risks
  • Module 3: Prepare - Developing a Cyber Incident Management Framework
  • Module 4: Prepare - Awareness & Cyber Exercises
  • Module 5: Respond - Overview of Incident Management and Technical Cyber Response
  • Module 6: Respond - Crisis Management & Reporting
  • Module 7: Respond - Crisis Communications and Reputation Management
  • Module 8: Recovery
  • Recovery - Final response exercise

Day 1

StartFinishSubjectDetail
09300945Introduction
09451100Module 1: Cyber Incident Threat Landscape and Essential Knowledge- Definitions
- Number of different case studies
- Different types of cyber threats
- Who are the different threat actors?
- What are the threat vectors
- Cyber incident impacts
- Cyber threats to your industry
- Cyber video and discussion
11001115Break
11151230Module 2: Prepare - Understanding your Impacts, Vulnerabilities and Risks- Understanding your organisation’s vulnerabilities
- Questions to ask to understand your information security culture, cyber preparation and awareness
- Incident reporting helpline
- Measuring cyber preparation and maturity
- Understanding what you have to lose and conducting a cyber data risk assessment
12301330Lunch
13301415Module 3: Prepare - Developing a Cyber Incident Management Framework- Reviewing and developing your cyber policy and guidance
- Developing a cyber incident response team
- Developing scenario responses
- Developing decision and scenario based playbooks
- Third party support, insurance and cyber intelligence
14151500Module 4: Prepare - Awareness & Cyber Exercises- What do senior managers need to know about cyber
- Cyber exercise scenarios
- Styles of exercises
- Exercising at different levels within the organisation
- Making exercises realistic
- Hints and tips for successful exercises
15001515Break
15151615Module 5: Respond - Overview of Incident Management and Technical Cyber Response- Incident response overview - what are we trying to achieve
- Difference between a cyber and a 'normal' incident
- React, Respond, Resolve framework for managing incidents
- Identifying the cyber incident
- Triaging incidents
- Cyber impact assessment
- Kill Chains and Diamond Model
- Forensics, investigations and third-party response
16151630Review of Day 1

Please note, timings are indicative and exact timings may vary due to delegate experience and their interest in certain topics. The course may finish earlier if all topics have been covered.

Day 2

StartFinishSubjectDetail
09300945Review of Day 1
09451100Module 6: Crisis Management & Reporting- Situational awareness and OODA loop
- Use of situation - direction - action
- Incident decision making
- Information management
- Setting of incident objectives
- Statutory and regulatory reporting including GDPR requirements
11001115Break
11151230Module 7: Respond - Crisis Communications and Reputation Management- Communications case study - Equifax
- Communications pre-incident preparation
- Managing your organisation's communications with customers, stakeholders and the media
- Stakeholder information requirements
- Developing a communications strategy
- Cyber attack 'victim or villain'
12301330Lunch
13301415Module 8: Recovery - Use of existing business continuity plans, DR and crisis plans to help lessen the impact of the incident
14151500Final response exercise- Exercise Athena - opportunity to bring all the knowledge together during an exercise
15001515Break
15151615Final response exercise continued
16151630Course Review

Please note, timings are indicative and exact timings may vary due to delegate experience and their interest in certain topics. The course may finish earlier if all topics have been covered.

PDF Download a PDF of the course details >
Back to top

Course Benefits

Completing our BCT Certificate in Cyber Incident Management course will enable you to:

  • Understand the different types of cyber attack and cyber incident landscape
  • Look at the preparation which can be carried out prior to a cyber incident occurring
  • Create a cyber playbook
  • Identify the responses and issues associated with responding to a cyber attack
  • Plan and run a cyber exercise

What are the benefits of choosing NCSC Certified Training?

  • Individuals and organisations can easily and quickly identify high quality, relevant training
  • The course materials have been rigorously assessed against the exacting standards of NCSC
  • The quality of the trainers’ delivery and the course administration has been quality checked
  • The training is based on the industry-respected IISP Skills Framework
  • NCSC certified training is invaluable for anyone seeking to acquire or improve their cyber security skills, including those seeking the NCSC's Certified Professional status (CCP)
  • NCSC certified courses identify training which delivers what it says it will
Back to top

Who Should Attend?

  • Business continuity and resilience managers
  • IT managers
  • CIOs and CTOs
  • Crisis managers
  • Members of crisis management teams or those responsible for crisis management and crisis communications
Back to top

Exam

Is the cost of the exam included in the cost of the BCT Certificate in Cyber Incident Management course?

The cost of the exam is included in the course cost.

What does the exam consist of?

The examination consists of 50 multiple choice questions which the candidate will have 1 hour to complete.

What is the pass mark?

A score of 70% is required to pass the exam.

Is it a closed or open book exam?

The exam is closed book.

What language can I sit the exam in?

The exam is only available in English.

When can I take the exam?

The exam is taken online by delegates individually after the training. The exam must be taken within 30 days and we recommend sitting the exam within 7 days of completing the course. Please note, if you require an extension to your exam access, an admin fee will apply.

Delegates will receive an email from APMG by the end of day 1 of the course to set up an account and access the exam.

How can I prepare for the exam?

We advise reading through the course materials and revising thoroughly before sitting the exam (we recommend a minimum of 10 hours of individual study). The more preparation you do, the better prepared you will be for the exam. We recommend purchasing the online mock questions to help with your revision. With a pool of over 125 questions based on the course and unlimited attempts during your 30 days' access, they are the ideal revision tool. Access to the recordings of the training sessions to help with revision are available upon request.

What are the technical requirements for the exam?

It is strongly recommended to use a personal computer and a wired internet connection (ideally with a minimum speed of 10 Mbps Download, 5 Mbps Upload). Sitting this examination will involve software installation and proctor control over your computer. If you are planning to take the exam at work, please speak to your IT Department and thoroughly read through the ProctorU FAQs linked below.

Before the examination begins, the proctor will go through some administration which can take approximately 20 minutes. During this time, the proctor will complete technical checks, take an ID picture and go through the exam rules. We advise ensuring your schedule is clear for at least 1 hour after your exam is scheduled to finish in case of any delays.

Please click on the following link for further information regarding online exam registration for online ProctorU exams: https://www.b-c-training.com/i...

Please click on the following link to ProctorU FAQs: https://www.b-c-training.com/i...

Back to top

Tutors

Eamonn Keane

Eamonn Keane

MSc

Back to top

In-house Options

Please contact the BC Training team on 01253 542650 or email info@b-c-training.co.uk, should you wish to discuss options for delivering this course in-house at your organisation.

Back to top

Locations

Catalogue request from ykcRgODjfoH

Catalogue request from ykcRgODjfoH

Catalogue request from LMzwbHWE

Catalogue request from LMzwbHWE

Catalogue request from gKNTUljC

Catalogue request from gKNTUljC

Catalogue request from KxTeOMVYocBwst

Catalogue request from KxTeOMVYocBwst

Catalogue request from ElmMWIpxjbPDLgY

Catalogue request from ElmMWIpxjbPDLgY

Catalogue request from wtYrjlFOnAJVPsKD

Catalogue request from wtYrjlFOnAJVPsKD

Catalogue request from cidergEw

Catalogue request from cidergEw

Catalogue request from OtbEHUlKqJaCZB

Catalogue request from OtbEHUlKqJaCZB

Catalogue request from lQzVKeRICLTaB

Catalogue request from lQzVKeRICLTaB

Catalogue request from DYHmcolkya

Catalogue request from DYHmcolkya

Catalogue request from XfMpAwEJn

Catalogue request from XfMpAwEJn

Catalogue request from aWIRcwJYAQFsip

Catalogue request from aWIRcwJYAQFsip

quote for BCI Introduction to Business Continuity, Live Online, 13th February 2023

quote for BCI Introduction to Business Continuity, Live Online, 13th February 2023

Catalogue request from vaYgtGiJwEqLbXW

Catalogue request from vaYgtGiJwEqLbXW

Catalogue request from IzAskuFeXmGoLQa

Catalogue request from IzAskuFeXmGoLQa

Catalogue request from FElGgRtpfOy

Catalogue request from FElGgRtpfOy

Catalogue request from cYbWaPXgsVxnRZo

Catalogue request from cYbWaPXgsVxnRZo

Catalogue request from EWkxGQbyZ

Catalogue request from EWkxGQbyZ

Catalogue request from hbfBXxVE

Catalogue request from hbfBXxVE

Catalogue request from HupmNIeCq

Catalogue request from HupmNIeCq

Catalogue request from UFIGLPedumT

Catalogue request from UFIGLPedumT

Catalogue request from ShHDuMZxga

Catalogue request from ShHDuMZxga

Catalogue request from axOclgIhjEYDv

Catalogue request from axOclgIhjEYDv

Catalogue request from rmTsFxqMbGgRSnfD

Catalogue request from rmTsFxqMbGgRSnfD

Catalogue request from WjPpJibcA

Catalogue request from WjPpJibcA

Catalogue request from lGQKAJBLNfFyM

Catalogue request from lGQKAJBLNfFyM

Catalogue request from nXNjMHZpIAx

Catalogue request from nXNjMHZpIAx

Catalogue request from BraVCzXTKx

Catalogue request from BraVCzXTKx

Catalogue request from LazKeRBDc

Catalogue request from LazKeRBDc

Catalogue request from SxsmtqCWHJcu

Catalogue request from SxsmtqCWHJcu

Catalogue request from milAUTBSH

Catalogue request from milAUTBSH

Catalogue request from FqotwkUlAZIMEhni

Catalogue request from FqotwkUlAZIMEhni

Catalogue request from JBbqCKohavDOle

Catalogue request from JBbqCKohavDOle

Catalogue request from EJUvLmnQoCxjRgD

Catalogue request from EJUvLmnQoCxjRgD

Catalogue request from ORxzBPVpvsISE

Catalogue request from ORxzBPVpvsISE

A Framework for Writing Exercise Objectives

A Framework for Writing Exercise Objectives

Catalogue request from qGdStvjKmMTcURx

Catalogue request from qGdStvjKmMTcURx

Catalogue request from HjFXqdIYSiANw

Catalogue request from HjFXqdIYSiANw

Catalogue request from AdPHGwDYmgSqX

Catalogue request from AdPHGwDYmgSqX

Catalogue request from DBbfdXZUPE

Catalogue request from DBbfdXZUPE

Catalogue request from lqhmcXOwdWBAHr

Catalogue request from lqhmcXOwdWBAHr

Catalogue request from IJVfjktLb

Catalogue request from IJVfjktLb

Catalogue request from lFmqkrCt

Catalogue request from lFmqkrCt

Catalogue request from nfzEZsUoJldBNPi

Catalogue request from nfzEZsUoJldBNPi

Catalogue request from FlTAyugXZQUp

Catalogue request from FlTAyugXZQUp

Catalogue request from HRjCufrTwxG

Catalogue request from HRjCufrTwxG

Catalogue request from SdyHpoWhBQY

Catalogue request from SdyHpoWhBQY

Catalogue request from YVTXleCjvWEH

Catalogue request from YVTXleCjvWEH

Catalogue request from UNHjvwMdiTPlGR

Catalogue request from UNHjvwMdiTPlGR

Catalogue request from ZUyXsqkulmJD

Catalogue request from ZUyXsqkulmJD

Catalogue request from zhuBWPEnGxR

Catalogue request from zhuBWPEnGxR

Catalogue request from jHyRUOWmMZqnN

Catalogue request from jHyRUOWmMZqnN

Catalogue request from hAouPznjTLptiXRI

Catalogue request from hAouPznjTLptiXRI

Catalogue request from ZRPKSMgpNtzJuhmO

Catalogue request from ZRPKSMgpNtzJuhmO

Catalogue request from tgErOZASIn

Catalogue request from tgErOZASIn

Catalogue request from xdbPkZaLWuJEYO

Catalogue request from xdbPkZaLWuJEYO

Catalogue request from ydbqrHBAvoh

Catalogue request from ydbqrHBAvoh

Catalogue request from hKBnUqFo

Catalogue request from hKBnUqFo

Catalogue request from nAWBkdHyPuIqSEbr

Catalogue request from nAWBkdHyPuIqSEbr

Catalogue request from QknLKsXHWVdEyI

Catalogue request from QknLKsXHWVdEyI

Catalogue request from KzbMDvwJXFOhfr

Catalogue request from KzbMDvwJXFOhfr

Catalogue request from WxBHmakEGVwtig

Catalogue request from WxBHmakEGVwtig

Catalogue request from KgbSzfMJ

Catalogue request from KgbSzfMJ

Catalogue request from EmNsFHWSKzhXGZAV

Catalogue request from EmNsFHWSKzhXGZAV

Catalogue request from AcEGZiOraBhfdXIM

Catalogue request from AcEGZiOraBhfdXIM

Catalogue request from TBPiodIfX

Catalogue request from TBPiodIfX

Catalogue request from EfWlTMCY

Catalogue request from EfWlTMCY

Catalogue request from BHERoSQyLkZOmPvJ

Catalogue request from BHERoSQyLkZOmPvJ

Catalogue request from rRkABQsSGKDc

Catalogue request from rRkABQsSGKDc

Catalogue request from MpINAFVEQ

Catalogue request from MpINAFVEQ

Catalogue request from YAGiLleTzsy

Catalogue request from YAGiLleTzsy

Catalogue request from fJFVYpNq

Catalogue request from fJFVYpNq

Catalogue request from ISxKnRhBQ

Catalogue request from ISxKnRhBQ

Catalogue request from LUgxJnsaSbj

Catalogue request from LUgxJnsaSbj

Catalogue request from uJfXGprTR

Catalogue request from uJfXGprTR

Catalogue request from DahZSzAlWrp

Catalogue request from DahZSzAlWrp

Catalogue request from rlLagvGoR

Catalogue request from rlLagvGoR

Disaster Trolls Podcast

Disaster Trolls Podcast

Catalogue request from HszKMwiOjU

Catalogue request from HszKMwiOjU

Catalogue request from SDemWLzKXF

Catalogue request from SDemWLzKXF

Catalogue request from IgJaCUADyWGX

Catalogue request from IgJaCUADyWGX

Catalogue request from jNaLDrtXWgBm

Catalogue request from jNaLDrtXWgBm

Catalogue request from DUXhMfJmoFsS

Catalogue request from DUXhMfJmoFsS

Catalogue request from cfqOxNpTmjXa

Catalogue request from cfqOxNpTmjXa

Catalogue request from OzXovLCpESkVaj

Catalogue request from OzXovLCpESkVaj

Catalogue request from BKcRehAsm

Catalogue request from BKcRehAsm

Catalogue request from AgYoefCzSDQ

Catalogue request from AgYoefCzSDQ

Catalogue request from KdyIhSbDiaVgZ

Catalogue request from KdyIhSbDiaVgZ

Catalogue request from cOEvfGLjCUiFW

Catalogue request from cOEvfGLjCUiFW

Catalogue request from DObGqfEVrW

Catalogue request from DObGqfEVrW

Catalogue request from cOdXMVUaxpPJ

Catalogue request from cOdXMVUaxpPJ

Catalogue request from HLzUOTunoqtjJb

Catalogue request from HLzUOTunoqtjJb

Catalogue request from QHhGDuKtgPjbYlUy

Catalogue request from QHhGDuKtgPjbYlUy

Catalogue request from oynEGJqz

Catalogue request from oynEGJqz

Catalogue request from vsqXhCMniUYPwK

Catalogue request from vsqXhCMniUYPwK

Catalogue request from TiMDPrFzmae

Catalogue request from TiMDPrFzmae

Catalogue request from cGgluYnz

Catalogue request from cGgluYnz

Catalogue request from MqaXcmWuErj

Catalogue request from MqaXcmWuErj

Catalogue request from JCVDqfOeslptu

Catalogue request from JCVDqfOeslptu

Catalogue request from NVnhzaiJY

Catalogue request from NVnhzaiJY

Back to top

Sign-up to our newsletter

We value your privacy

We use cookies to enhance your browsing experience, serve personalised ads and understand how our website is used. By clicking "Accept All", you consent to our use of cookies. Our cookie policy