Cyber Incident Response Planning for Executives

Empowering leaders to develop and execute effective cyber response strategies.

As an executive, responding to a cyber-attack can be one of the most stressful challenges you face. In the heat of the moment, managing the situation without a solid grounding in cybersecurity and incident response can feel overwhelming. You may instinctively feel the need to step in and make critical decisions, but doing so without the right information can complicate matters further.

Cyber-attacks can sometimes feel like an “extinction event,” where recovery seems impossible. In these high-pressure situations, you are tasked with making significant decisions based on limited information, and the consequences of those decisions can be profound. It’s crucial to recognise that choices made in the moment may unintentionally escalate the severity of an incident, especially if they are based on incomplete understanding of the attack's methodology and the environment you’re operating in.

This online course is designed specifically for leaders, providing essential insights into incident response that you can seamlessly integrate with your existing knowledge and incident response plans. With an executive-focused approach, we simplify complex concepts without delving into technical jargon, empowering you to lead with confidence when it matters most.

Upon completion of the course you will qualify with a formally recognised Microcredential from Bond University.

Dr Graeme Edwards

Graeme has nearly 30 years’ experience in law enforcement, with approximately 20 of these involved in the investigation of cybercrime and corporate fraud. He has undertaken numerous investigations into these crimes and researching the methodologies of the criminals, the vulnerabilities they exploit in their targets and understanding the consequences to the victims.  

Graeme has successfully completed a Doctor of Information Technology with a thesis of Investigating Cybercrime in a Cloud Computing Environment, a Master of Information Technology (Security) and a Bachelor of Business Studies (Security).  

He has written and delivered courses in cybercrime and digital evidence at a Queensland University and is currently writing and presenting such courses for Bond University. He is a past president of the Association of Certified Fraud Examiners in Brisbane and has successfully published The Cybercrime Investigators Handbook which has been published by Wiley Publishing in the United States.  

  • This course has been designed to fit seamlessly into your busy schedule. It is made up of six self-paced online modules that can be completed at your own pace via our high-quality learner platform.

    MODULE TOPICS

    Module 1: Introduction to Incident Response Framework models - In this module, you will explore cybersecurity incident response frameworks like NIST, CISA, and ACSC, learning how to prepare, detect, contain, and recover from cyber threats. You’ll gain insights into creating a comprehensive response plan by leveraging best practices from these frameworks to enhance organizational resilience. The focus will be on the NIST model, with additional insights from CISA and ACSC for a well-rounded approach.

    Module 2: Building a Cyber Incident Response Team - There are many frameworks available to review and determine which is applicable to your organisation. Alternatively, you may take components of different frameworks and use them to build your plan. This module reviews cyber security frameworks from national and international organisations.

    Module 3: Preparation - In this module, you will explore policy development and practical steps for incident response. While the NIST framework focuses on practical steps in its "Preparation" section, this module emphasises policy development, essential for executives and managers at all levels. You'll learn how to create an incident response framework, using policy as the foundation to guide effective incident management.

    Module 4: Detection and Analysis - In this module, you will learn the importance of identifying and how to identify attack vectors. Combining NIST and CISA frameworks, you will learn how to form a picture of your adversary and better understand how they have exploited your cyber vulnerabilities.

    Module 5: Containment, Eradication and Recovery - In this module, you will learn the final stage of the NIST model: containment of the incident, eradication of the threat and recovery. You will understand the role of the executive, containment and eradication strategies and important steps to consider for recovering from an incident.

    Module 6: Attack Response Guides - In this module, you will learn how to develop response guides for several examples of cyber security events that you may encounter. This information will be of assistance in your decision-making and reporting processes. Examples explored in this module include incidents of ransomware and denial of service attacks. 

    Assessment for this course consists of an online quiz. The quiz is a series of multiple-choice questions that assess your understanding of the content. You must complete and pass the quiz to be eligible for a digital Certificate of Completion. 

  • This course is tailored for executives and directors looking to enhance their understanding of cybersecurity and effectively guide the development of a cybersecurity plan that aligns with their organisation’s unique needs and risk profile.

  • Upon completion of this course, you will be able to:

    1. Understand the role of the management and executive in the development of a Cyber Incident Response Plan. 
    2. Identify differing Incident Response model frameworks.  
    3. Enhance the capability to lead the development of a Cyber Incident Response Plan and response team.
    4. Understand the role of preparation in the development of a cyber incident response plan.  
    5. Identify the applicable manager/executive roles in the detection and analysis of a cyber event.
    6. Identify the applicable manager/executive roles containment, eradication and recovery phases of responding to a cyber event.
    7. Understand responses to cyber events in the development of Response Playbooks.
       

This course has been designed to fit seamlessly into your busy schedule. It is made up of six self-paced online modules that can be completed at your own pace via our high-quality learner platform.

MODULE TOPICS

Module 1: Introduction to Incident Response Framework models - In this module, you will explore cybersecurity incident response frameworks like NIST, CISA, and ACSC, learning how to prepare, detect, contain, and recover from cyber threats. You’ll gain insights into creating a comprehensive response plan by leveraging best practices from these frameworks to enhance organizational resilience. The focus will be on the NIST model, with additional insights from CISA and ACSC for a well-rounded approach.

Module 2: Building a Cyber Incident Response Team - There are many frameworks available to review and determine which is applicable to your organisation. Alternatively, you may take components of different frameworks and use them to build your plan. This module reviews cyber security frameworks from national and international organisations.

Module 3: Preparation - In this module, you will explore policy development and practical steps for incident response. While the NIST framework focuses on practical steps in its "Preparation" section, this module emphasises policy development, essential for executives and managers at all levels. You'll learn how to create an incident response framework, using policy as the foundation to guide effective incident management.

Module 4: Detection and Analysis - In this module, you will learn the importance of identifying and how to identify attack vectors. Combining NIST and CISA frameworks, you will learn how to form a picture of your adversary and better understand how they have exploited your cyber vulnerabilities.

Module 5: Containment, Eradication and Recovery - In this module, you will learn the final stage of the NIST model: containment of the incident, eradication of the threat and recovery. You will understand the role of the executive, containment and eradication strategies and important steps to consider for recovering from an incident.

Module 6: Attack Response Guides - In this module, you will learn how to develop response guides for several examples of cyber security events that you may encounter. This information will be of assistance in your decision-making and reporting processes. Examples explored in this module include incidents of ransomware and denial of service attacks. 

Assessment for this course consists of an online quiz. The quiz is a series of multiple-choice questions that assess your understanding of the content. You must complete and pass the quiz to be eligible for a digital Certificate of Completion. 

Enhance your organisation’s security!

Enrol now

Send an enquiry

By browsing this site you accept that cookies are used to improve and personalise our services to you for a better experience on our website and for social activity. If you continue, we will assume that you agree to our use of cookies statement
I Agree