Incident response is an organised approach to addressing and managing the aftermath of a security breach. The goal is to handle the situation in a way that limits damage and reduces recovery time and costs.
This one-day course includes short, practical team exercises in which you can test your skills in detecting and efficiently responding to incidents. You will experience a crisis situation and learn how to handle this under pressure and how to communicate about and during the crisis to key stakeholders.
The course is led by Jisc's Lee Harrigan-Green, chief security architect, and Julian Fort, security analyst.
- Challenging scenarios will allow you to experience and react to a serious incident in a safe environment
- Assess your own organisation’s preparedness and ensure you are fully prepared with an effective incident response procedure
- Each scenario will be analysed for success and lessons learnt - giving you a checklist of actions to implement at your organisation
- Work through a straightforward incident response procedure, detecting, identifying, responding and compiling lessons learned, making recommendations for better future response and for preventing a recurrence
- Understand the importance of effective communication with IT staff, representatives from legal, human resources, and public relations departments during an incident
- Take away some scenarios to run with your teams to give them a chance to experience
- Share best practice with your peers
- See how other teams approach the same scenario and the effect different choices have on the outcome
Registration begins at 09:30 and the course will run between 10:00 and 16:00.
The course timetable will be adjusted on the day to allow discussion of areas of particular interest to the audience.
All our courses are designed to provide a balance between practical activities and information dissemination, as we believe people learn when they are engaged in the instructional process.
This course includes participant involvement through discussion and group work created specifically for the course.
All refreshments and lunch are provided.
Who should attend
This course will be of benefit to any technical staff responsible for their organisations security incident response that are new to incident response.
What we cover
During the day we will explore different scenarios including:
- Lost equipment
- Denial of service (DoS) attack
- Stolen data and ransom
By the end of the course, delegates will be able to:
- Assess the incident response policies and procedures at their organisation and make recommendations for improvement
- Draw on an effective response plan and understand the key process and documentation necessary to effectively respond to a security incident in an organisation and the help and support they can give during an incident
- Understand the role of the Janet Network CSIRT, and who the security contacts are within an organisation
- Describe the key elements of a security incident lifecycle
- List key stakeholders and have a plan of when and how to communicate with them and involve them during an incident
- Run an incident response exercise for their teams
Pricing and eligibility
- Jisc members - £350 + VAT 1
- Other organisations - £500 + VAT
- 1 VAT is charged at 20% of the value of the service. If you are a member of Jisc’s VAT-exempt cost sharing group, and you are able to provide confirmation of the exact taxable/exempt use of the service, we will be able to reduce the amount of VAT chargeable to reflect the taxable business use proportion of the service only. This additional information is required as a result of a change to HMRC policy. Please contact firstname.lastname@example.org if you require more information.
For more information, email email@example.com or phone 01235 822242.