Cyber breach

The aim of the cyber breach response course is to provide drills, table-top exercises and rehearsals for the scenarios that you may face.

Your organisational structure can be unique and it is critical that we consider this when constructing a cyber breach playbook. Our approach is to prepare delegates for their role in their organisation’s breach plans. Differing structures can have an impact on operations and decision-making during a breach.

This course is a blend of lecture with practical exercises where we will share relevant insights and discuss the implications in your context. We use case studies based on real examples and we will draw on the wisdom in the room. You will participate in an interactive simulation of a real cyber breach that will test your responses.

The topics we will link into include

• Risk Management
• Understanding your environment
• Understanding your attackers
• Communications and stakeholder management
• Building your playbook
• Breach response

Example attack scenarios

• Denial of Service
• Credential Stuffing
• Ransomware outbreak
• Social engineering attack
• Data leak/loss
• Website defacement

Benefits for the individual

• The ability to communicate what your responsibilities are and what actions you should take in the event of a breach.
• The knowledge to be a part of developing and implementing a plan to effectively respond to a cyber breach.
• A wider understanding and appreciate of everyone’s role within a breach scenario.
• You will also help change the culture in your organisation

Benefits for the organisation

• Valuable templates and sample documentation for your own use, including RACI Matrix template; Playbook examples; Common scenarios; Communications messaging best practice
• Ability to recognise the importance of making decisions early or even ahead of a breach
• Building better collaboration between senior leaders is one of the significant outcomes of the cyber breach course
• Preparing your organisation for a security incident is now mandatory under the NIS Regulation
• Managers will function more effectively as a unit, in a consistent and repeatable manner

Socitm members:

Places included in your membership, subject to availability

Non-members:

Contact us for further details

The course is open to all roles, from CEO down to IT support staff because so many people need to play a part and everyone needs to understand the plan, whether directly involved or not.

We encourage delegates from digital/ICT managers, network managers, security analysts, corporate communications professionals, HR, Legal and fraud/investigations staff.

We assume participants on the course will:

• Be in a digital/ICT management and/or leadership role
• Be motivated and ambitious to succeed as a strategic leader of change
• Be curious and open to learn
• Be seeking principles and guidance to act strategically and tactically when required
• Be willing to contribute to group discussions and undertake a role in the breach simulation

A commitment to the whole course is mandatory. Participants must have good communication skills and be willing to contribute with enthusiasm and energy. Outside of the workshop modules, there will be some requirement to engage in the coaching and mentoring sessions (via phone/skype), as well as collaborating online with others in the group during the course.

The course is designed to minimise travel costs and time away from the office. Course materials, refreshments and lunch are included. Travel and any accommodation required is the participant’s responsibility.

The course attendees will be invited to attend our annual two-day President’s Conference to take part in a graduation ceremony during the evening dinner.

Any questions? Please get in touch with Dominika Szulim at dominika.szulim@socitm.net