Price is US Dollars.
This is a THREE-DAY immersion boot camp for members of the CISO organization and its key stakeholders across all industries.
Lunch, refreshments and snacks are included. Please contact us with special meal requirements.
During the fog of war (cyber crisis) is not the time to figure out how to respond. An effective response requires careful planning across an organization. This in-depth, hands-on immersive boot camp gives attendees the knowledge and tools to complete their own Cyber Crisis Response Plan / Cyber Crisis Management Plan (CCRP / CCMP).
DAY 1: FOUNDATIONS OF AN INCIDENT RESPONSE PLAN & CYBER CRISIS RESPONSE / MANAGEMENT PLAN (CCRP / CCMP)
• The purpose of cybersecurity incident response (IR) plans vs. a cyber crisis response / management plan (CCRP)
• Defining incident severity levels
• Defining the cyber crisis threshold
• Incident response plan framework
• Incident response team members and stakeholders
• Core team and support team roles and responsibilities (RACI matrix)
• Identifying and documenting functional/operational vs incident team activities
• Cyber Crisis Response Plan integration
DAY 2: CYBER CRISIS RESPONSE / MANAGEMENT PLAN (CCRP / CCMP) DEVELOPMENT
• An overview of a cyber crisis response, the response process flow and response logistics, which addresses the activities within each of the four phases of a response
• Cyber Crisis Response Team roles and responsibilities for the various executive members, response team members, and support teams
• The multitude of Cyber Crisis Response Plan Working Groups, which are focused on critical business functions
• Cyber Crisis Response Plan Ownership and Governance
• Incident severities and the incident lifecycle
• Anatomy of a cyber attack
• Anatomy of a cyber attack response
• Functional Team Incident Response Plans
o Corporate Communications
o Fraud
o General Counsel/Legal
o Advertising and Brand Management
o Regulatory Affairs
o Global Security
o Operational Risk
o Privacy
o Information Technology
DAY 3: CYBER CRISIS RESPONSE / MANAGEMENT PLAN USAGE AND VALIDATION (TABLETOP WAR GAMES)
• How to use the CCRP / CCMP, including instructions for the Senior Executive-in-Charge, the Executive-in-Charge and Lead Incident Handler, the Primary and Backup Incident Response Leads, and all others who are involved in the cyber crisis response
• Templates and checklists for:
o Lead Incident Handler
o Email Communication Templates
o Sample Cyber Crisis Initial and Subsequent Meeting Agendas
o Crisis De-Activation
• Defining war game goals and the war game scenarios needed based on the functions of the cyber crisis response plan and business function(s) to be tested
• War game logistical considerations
• Develop the materials needed for the tabletop exercise and refine them after some basic validation
• Execution of the war game as well as documenting the after-action report