Incident response is an organised approach to addressing and managing the aftermath of a security breach. The goal is to handle the situation in a way that limits damage and reduces recovery time and costs.
This live online courses includes short, practical team exercises in which you can test your skills in detecting and efficiently responding to incidents. You will experience a crisis situation and learn how to handle this under pressure and how to communicate about and during the crisis to key stakeholders.
The course is led by Jisc's Paul Jacobs, senior security analyst and Julian Fort, security analyst.
- Challenging scenarios will allow you to experience and react to a serious incident in a safe environment
- Assess your own organisation’s preparedness and ensure you are fully prepared with an effective incident response procedure
- Each scenario will be analysed for success and lessons learnt - giving you a checklist of actions to implement at your organisation
- Work through a straightforward incident response procedure, detecting, identifying, responding and compiling lessons learned, making recommendations for better future response and for preventing a recurrence
- Understand the importance of effective communication with IT staff, representatives from legal, human resources, and public relations departments during an incident
- Take away some scenarios to run with your teams to give them a chance to experience
- Share best practice with your peers
- See how other teams approach the same scenario and the effect different choices have on the outcome
- Access to pre and post course material online through Itslearning.
This course comprises of two online sessions, each lasting two and a half hours. The sessions will involve presentations, audio and interactive chat both as a whole class and in break-out groups.
Our courses are designed to provide a balance between practical activities and information dissemination, as we believe people learn when they are engaged in the instructional process.
This course includes participant involvement through discussion and group work created specifically for the course.
These sessions are delivered over Adobe Connect, which you can access using the Adobe Connect app or directly via your browser. Further detailed instructions will be sent following booking.
We would also recommend the use of a second screen where possible.
Who should attend
This course will be of benefit to any technical staff responsible for their organisations security incident response that are new to incident response.
What we cover
During the day we will explore different scenarios including:
- Lost equipment
- Denial of service (DoS) attack
- Stolen data and ransom
By the end of the course, delegates will be able to:
- Assess the incident response policies and procedures at their organisation and make recommendations for improvement
- Draw on an effective response plan and understand the key process and documentation necessary to effectively respond to a security incident in an organisation and the help and support they can give during an incident
- Understand the role of the Janet Network CSIRT, and who the security contacts are within an organisation
- Describe the key elements of a security incident lifecycle
- List key stakeholders and have a plan of when and how to communicate with them and involve them during an incident
- Run an incident response exercise for their teams
Pricing and eligibility
- 16 and 17 November 2021 - 10% discount for delegates attending the Jisc security conference 2021
- Jisc members1 - £250 + VAT2
- Non-member3 - not-for-profit - £300 + VAT
- Other organisations4 - £400 + VAT
- 1 All Jisc members – typically publicly funded FE, HE and Research institutions
- 2 VAT is charged at 20% of the value of the service. If you are a member of Jisc’s VAT-exempt cost sharing group, and you are able to provide confirmation of the exact taxable/exempt use of the service, we will be able to reduce the amount of VAT chargeable to reflect the taxable business use proportion of the service only. This additional information is required as a result of a change to HMRC policy. Please contact email@example.com if you require more information.
- 3 Eligible local government, public sector, private/independent education providers and non-profit customers
- 4 All non-member commercial partners
For more information, email firstname.lastname@example.org or phone 01235 822242.
An easy route to procurement
We are an approved supplier on the Crown Commercial Service dynamic purchasing system (DPS). This provides a simple and trusted way for public sector buyers and our members to procure Jisc cyber security services and training.