Course Dates
| Dates | Number of days | Location | Price | ||
|---|---|---|---|---|---|
| Mon 6 Jun 2022 |
£1,250.00 | Book now | |||
| Course tutor: Eamonn Keane MSc | |||||
| Mon 18 Jul 2022 |
£1,250.00 | Book now | |||
| Course tutor: Charlie Maclean-Bristol MA (Hons), PgD, FBCI, FEPS | |||||
| Mon 5 Sep 2022 |
£1,250.00 | Book now | |||
| Course tutor: Charlie Maclean-Bristol MA (Hons), PgD, FBCI, FEPS | |||||
| Mon 24 Oct 2022 |
£1,250.00 | Book now | |||
| Course tutor: Charlie Maclean-Bristol MA (Hons), PgD, FBCI, FEPS | |||||
| Mon 5 Dec 2022 |
£1,250.00 | Book now | |||
| Course tutor: Charlie Maclean-Bristol MA (Hons), PgD, FBCI, FEPS | |||||
Details & Programme
Over the last few years the number of cyber incidents has grown, affecting organisations large and small. High profile incidents such as Sony, TalkTalk, and the Petya and NHS ransomware attacks, have had a major impact on the operations and reputation of the organisations.
"Thankfully, we now live in a world where it is accepted that data breaches happen and organisations are more comfortable disclosing that they have been victim to an attack. However, with this welcome move away from victim blaming, organisations are now being judged more on how well they manage a breach." - Brian Honan, ComputerWeekly
Our BCT Certificate in Cyber Incident Management training course is not a technical response, but looks at the actions organisations can take to prepare themselves, and how they should manage a cyber incident, including very importantly, how to manage communications associated with the incident. It will also look at the types of cyber attacks, the cyber landscape and how to exercise your cyber response plan.
Delegates will learn how to prepare their organisation, how to develop an effective response and how to manage an incident should it occur.
The BCT Certificate in Cyber Incident Management course is based on good practice from a variety of government and private organisations. The course has been certified by NCSC and is the only certified course which deals with reputational issues associated with the preparing for and responding to a cyber incident.
This Cyber Incident Management course includes a 1 hour multiple choice exam taken individually after the training. Once you have been registered for the exam, you will have 60 days to complete it. Delegates will receive an email from APMG by the end of day 1 of the course to set up an account and access the exam. A score of 70% is required to pass.
Modules
- Module 1: Cyber Threats and Landscape
- Module 2: Prepare - Understanding your vulnerabilities and risks
- Module 3: Prepare - Developing a cyber incident response framework
- Module 4: Prepare - Awareness and Cyber Exercises
- Module 5: Respond - Overview of incident management and technical cyber response
- Module 6: Respond - Executive Incident Management
- Module 7: Respond - Crisis Communications and Reputation Management
- Module 8: Recovery - Using existing BC plans to recover operations
- Final response exercise
Day 1
| Start | Finish | Subject | Detail |
|---|---|---|---|
| 0930 | 0945 | Introduction | |
| 0945 | 1100 | Module 1: Cyber Threats and Landscape | - Definitions
- Number of different case studies - Different types of cyber threats - Who are the different threat actors? - What are the threat vectors - Cyber incident impacts - Cyber threats to your industry - Cyber video and discussion |
| 1100 | 1115 | Break | |
| 1115 | 1230 | Module 2: Prepare - Understanding your vulnerabilities and risks | - Understanding your organisation’s vulnerabilities
- Questions to ask to understand your information security culture, cyber preparation and awareness - Incident reporting helpline - Measuring cyber preparation and maturity - Understanding what you have to lose and conducting a cyber data risk assessment |
| 1230 | 1330 | Lunch | |
| 1330 | 1415 | Module 3: Prepare - Developing a cyber incident response framework | - Reviewing and developing your cyber policy and guidance
- Developing a cyber incident response team - Developing scenario responses - Developing decision and scenario based playbooks - Third party support, insurance and cyber intelligence |
| 1415 | 1500 | Module 4: Prepare - Awareness and Cyber Exercises | - What do senior managers need to know about cyber
- Cyber exercise scenarios - Styles of exercises - Exercising at different levels within the organisation - Making exercises realistic - Hints and tips for successful exercises |
| 1500 | 1515 | Break | |
| 1515 | 1615 | Module 5: Respond - Overview of incident management and technical cyber response | - Incident response overview - what are we trying to achieve
- Difference between a cyber and a 'normal' incident - React, Respond, Resolve framework for managing incidents - Identifying the cyber incident - Triaging incidents - Cyber impact assessment - Kill Chains and Diamond Model - Forensics, investigations and third-party response |
| 1615 | 1630 | Review of Day 1 |
Please note, timings are indicative and exact timings may vary due to delegate experience and their interest in certain topics. The course may finish earlier if all topics have been covered.
Day 2
| Start | Finish | Subject | Detail |
|---|---|---|---|
| 0930 | 0945 | Review of Day 1 | |
| 0945 | 1100 | Module 6: Respond - Executive Incident Management | - Situational awareness and OODA loop
- Use of situation - direction - action - Incident decision making - Information management - Setting of incident objectives - Statutory and regulatory reporting including GDPR requirements |
| 1100 | 1115 | Break | |
| 1115 | 1230 | Module 7: Respond - Crisis Communications and Reputation Management | - Communications case study - Equifax
- Communications pre-incident preparation - Managing your organisation's communications with customers, stakeholders and the media - Stakeholder information requirements - Developing a communications strategy - Cyber attack 'victim or villain' |
| 1230 | 1330 | Lunch | |
| 1330 | 1415 | Module 8: Recovery - Using existing BC plans to recover operations | - Use of existing business continuity plans, DR and crisis plans to help lessen the impact of the incident |
| 1415 | 1500 | Final response exercise | - Exercise Athena - opportunity to bring all the knowledge together during an exercise |
| 1500 | 1515 | Break | |
| 1515 | 1615 | Final response exercise continued | |
| 1615 | 1630 | Course Review |
Please note, timings are indicative and exact timings may vary due to delegate experience and their interest in certain topics. The course may finish earlier if all topics have been covered.
Download a PDF of the course details >
Course Benefits
Completing our BCT Certificate in Cyber Incident Management course will enable you to:
- Understand the different types of cyber attack and cyber incident landscape
- Look at the preparation which can be carried out prior to a cyber incident occurring
- Create a cyber playbook
- Identify the responses and issues associated with responding to a cyber attack
- Plan and run a cyber exercise
What are the benefits of choosing NCSC Certified Training?
- Individuals and organisations can easily and quickly identify high quality, relevant training
- The course materials have been rigorously assessed against the exacting standards of NCSC
- The quality of the trainers’ delivery and the course administration has been quality checked
- The training is based on the industry-respected IISP Skills Framework
- NCSC certified training is invaluable for anyone seeking to acquire or improve their cyber security skills, including those seeking the NCSC's Certified Professional status (CCP)
- NCSC certified courses identify training which delivers what it says it will
Who Should Attend?
- Business continuity and resilience managers
- IT managers
- CIOs and CTOs
- Crisis managers
- Members of crisis management teams or those responsible for crisis management and crisis communications
Exam
Is the cost of the exam included in the cost of the BCT Certificate in Cyber Incident Management course?
The cost of the exam is included in the course cost.
What does the exam consist of?
The examination consists of 50 multiple choice questions which the candidate will have 1 hour to complete.
What is the pass mark?
A score of 70% is required to pass the exam.
Is it a closed or open book exam?
The exam is closed book.
What language can I sit the exam in?
The exam is only available in English.
When can I take the exam?
The exam is taken online by delegates individually after the training. We recommend sitting the exam within 7 days of completing the course.
Delegates will receive an email from APMG by the end of day 1 of the course to set up an account and access the exam.
How can I prepare for the exam?
We advise reading through the course materials and revising thoroughly before sitting the exam (we recommend a minimum of 10 hours of individual study). The more preparation you do, the better prepared you will be for the exam. Access to the recordings of the training sessions to help with revision are available upon request.
What are the technical requirements for the exam?
It is strongly recommended to use a personal computer and a wired internet connection (ideally with a minimum speed of 10 Mbps Download, 5 Mbps Upload). Sitting this examination will involve software installation and proctor control over your computer. If you are planning to take the exam at work, please speak to your IT Department and thoroughly read through the ProctorU FAQs linked below.
Before the examination begins, the proctor will go through some administration which can take approximately 20 minutes. During this time, the proctor will complete technical checks, take an ID picture and go through the exam rules. We advise ensuring your schedule is clear for at least 1 hour after your exam is scheduled to finish in case of any delays.
Please click on the following link for further information regarding online exam registration for online ProctorU exams: https://www.b-c-training.com/i...
Please click on the following link to ProctorU FAQs: https://www.b-c-training.com/i...
Tutors
Charlie Maclean-Bristol
MA (Hons), PgD, FBCI, FEPS
Eamonn Keane
MSc
In-house Options
Please contact the BC Training team on 01253 542650 or email info@b-c-training.co.uk, should you wish to discuss options for delivering this course in-house at your organisation.
Locations
quote for BCI Incident Response and Crisis Management, Live Online, 7th-8th July 2022
Working in a Hybrid World - The Future of Incident & Crisis Management Rooms
Business Continuity Awareness Week: Discounts!
quote for CBCI Certification Course (GPG), London, 18th-21st July 2022
CYBERUK 2022 – What Did We Learn?
quote for CBCI Certification Course (GPG), Live Online, 13th-17th June 2022
quote for CBCI Certification Course (GPG), Live Online, 11th-15th July 2022
Rota Power Cuts and an Old Incident Revisited – Auckland Power Outage, 1998
JPMorgan gets sued by Ray-Ban after failing to catch $272 million Cyber Theft
Catalogue request from h=2f6ef44c976c0976da461dbfa7e5f915- <div style="display:none;">
quote for CBCI Certification Course (GPG), Paris, 4th-7th July 2022
What Happened to UK Data Privacy Compliance?
Product Recall: A Checklist of Actions
FUNKY PIGEON SUSPENDS ORDERS DUE TO CYBER HACK
Cyber-Attack on Toyota?
Revising Your Business Continuity Strategies in Response to the Rising Trend of Working Anywhere
quote for BCI Introduction to Business Continuity, Live Online, 25th-26th April 2022
quote for BCI Introduction to Business Continuity, Live Online, 25th-26th April 2022
Looking After Your People During a Cyber Incident
quote for BCI Introduction to Business Continuity, Live Online, 25th-26th April 2022
quote for CBCI Certification Course (GPG), Live Online, 13th-17th June 2022
Scenario-specific Crisis Level Plans
Catalogue request from Angela Wilson
Hints and Tips for Delivering Online Business Continuity Training and Exercises
quote for BCI Business Impact Analysis (BIA), Live Online, 4th-5th April 2022
quote for BCI Business Impact Analysis (BIA), Live Online, 4th-5th April 2022
quote for BCI Business Impact Analysis (BIA), Live Online, 4th-5th April 2022
We Stand with Ukraine
Managing incidents ‘on the back foot’ - Britain’s poor response to issuing visas to Ukrainian refugees
quote for BCT Certificate in Cyber Incident Management, Live Online, 6th-7th June 2022
Common Crisis Lessons Visible Within the Ukraine Conflict
Crisis Communications - Do You Have a Team?
quote for CBCI Certification Course (GPG), Live Online, 9th-13th May 2022
Stop paying for Netflix and you can buy a house, says Kirstie Allsopp.
quote for BCI Business Impact Analysis (BIA), Live Online, 4th-5th April 2022
Hurry Up and Wait…
CONTAINERS LOST AT SEA: BOOKS OVERBOARD!
Case Study Zouma: Don’t Mess With Cats…
EXCLUSIVE: KP Snacks cyber-attack causes a crisps and nuts shortage
What’s Cyber Scotland Week all about?
Boris, Watt and the Footballer
'To pay or not to pay?' That is the question, after a ransomware cyber incident
Still trying to manage business continuity or risk using spreadsheets? It’s time to move on…
Five Tips for Successful Business Continuity Planning
Catalogue request from alberto alexander
Ransomware Negotiation Tactics
Catalogue request from Marta Bellers
Monthly Newsletter - January 2021
Verisimilitude and its Importance in Exercises
quote for BCT Certificate in Cyber Incident Management, Live Online, 6th-7th June 2022
quote for BCT Certificate in Cyber Incident Management, Live Online, 6th-7th June 2022
Catalogue request from Tim Mansfield
Amedia AS Cyber Hack Case Study: A review of their crisis communications from 28th December 2021 - 7th January 2022
quote for CBCI Certification Course (GPG), Live Online, 14th-18th March 2022
Catalogue request from Alexei Kozachuk
Top 10 Bulletins in 2021!
Storm Arwen: Lessons Re-Identified?
quote for CBCI Certification Course (GPG), Live Online, 10th-14th January 2022
quote for BCI Introduction to Business Continuity, Live Online, 7th-8th February 2022
Hints and Tips for Running SIMEX Exercises
Crisis Support Teams – What are they & do I need one?
quote for CBCI Certification Course (GPG), London, 7th-10th February 2022
quote for BCI Incident Response and Crisis Management, Live Online, 9th-10th December 2021
quote for CBCI Certification Course (GPG), Live Online, 29th November - 3rd December 2021
Learning Points From the SEPA Cyber-Attack
Comments on the Yorkshire Cricket Club Racism Crisis
quote for CBCI Certification Course (GPG), Live Online, 29th November - 3rd December 2021
quote for CBCI Certification Course (GPG), London, 7th-10th February 2022
COP26 and Our New Tree Planting Programme!
Catalogue request from Abdul-Fatawu Mohammed
quote for CBCI Certification Course (GPG), Live Online, 29th November - 3rd December 2021
Wicked Problems - What Do I Need To Know?
Closing the Gap Between Cyber Security and Business Continuity Management
The Future of Incident & Crisis Management Rooms Post COVID - In a Hybrid Working World
Is Business Continuity One of the Victims of COVID?
Fantasy Crisis Communications - Prince Andrew
quote for CBCI Certification Course (GPG), London, 18th-21st October 2021
quote for CBCI Certification Course (GPG), Live Online, 18th-22nd October 2021
Embedding BC for a More Resilient Future
Dealing with Anniversaries
Preparation for Protest
Low-Level Cyber Attacks
quote for BCI Business Impact Analysis (BIA), Live Online, 4th-5th October 2021
BCI Education Month, September 2021
quote for CBCI Certification Course (GPG), Live Online, 18th-22nd October 2021
What Can We Learn? - Afghanistan 2021
A Guide to Writing Contingency Plans/Playbooks
quote for Advanced Incident Response and Crisis Management, Live Online, 8th-9th November 2021
quote for BCI Introduction to Organisational Resilience, Live Online, 13th October 2021
quote for BCI Introduction to Organisational Resilience, Live Online, 13th October 2021
Building Resilience and Security for Long-Term Remote Working
quote for PECB Certified ISO 22301 Lead Implementer, Live Online, 15th-18th November 2021
‘Countdown to Zero Day’ By Kim Zetter - Book Review
quote for BCI Introduction to Organisational Resilience, Live Online, 13th October 2021
Cyber Podcasts You Need To Listen To!
Catalogue request from Becca
quote for CBCI Certification Course (GPG), Live Online, 16th-20th August 2021
quote for BCI Developing and Managing the Business Continuity Plan, Live Online, 6th October 2021
quote for IT Disaster Recovery, Live Online, 8th-9th November 2021
Location, Location, Location!