Cyber Incident Planning & Response — NCSC Certified Training

Level: Foundation

Organisations continue to suffer from external and internal attacks yet Cyber Incident Management is an afterthought in most companies. This course will enable you to prepare a defined and managed approach when responding to a data breach or attack of an information asset. The content is intended for senior management and business executives who wish to gain a better understanding of incident response or are responsible for helping organizations plan and prepare for potential cyber threats and effectively deal with actual cyber-attacks. This is not a technical course therefore there are no prerequisites.

Key Features of this Cyber Incident Planning & Response Training:

  • After-course instructor coaching benefit
  • Learning Tree end-of-course exam included

You Will Learn How To:

  • The latest techniques and insight on incident response.
  • Threat Intelligence led testing and response framework adopted by leading governments and institutions.
  • Deep dive into Cyber Kill Chain and design an early warning system to lower discovery time from months to days
  • Create actionable plans & checklists
  • Understand, define and baseline “Normal” within your organisation.
  • Stop up to 90% of all cyber attackers in their tracks and before they breach your critical data.
  • Design and implement a response framework and build an effective cyber response team.
  • Secrets of managing TV reporters and media journalists.
  • The “golden hour” and why it’s critical to managing an incident.
  • Basic application of incident triage, OODA and the Diamond Methodology.
  • Analyse recent attacks and learn how these attacks avoided detection.
  • Learn about security incident orchestration and how it can help reduce your time to respond and reduce human error
  • Learn how to automate critical incident response tasks to increase employee efficiency
  • Learn how to run effective table top exercises with management and your technical teams
  • Learn how to assess your organisations breach readiness

Choose the Training Solution That Best Fits Your Individual Needs or Organisational Goals


In Class & Live, Online Training

  • 1-day instructor-led training course
  • After-course instructor coaching benefit
  • Learning Tree end-of-course exam included
View Course Details & Schedule

Standard £649




Team Training

  • Bring this or any training to your organisation
  • Full - scale program development
  • Delivered when, where, and how you want it
  • Blended learning models
  • Tailored content
  • Expert team coaching

Customize Your Team Training Experience


Save More on Training with Learning Tree Training Vouchers!

Our flexible, easy-to-redeem training vouchers are available to any employee within your organisation. For details, please call 0800 282 353 or chat live.

In Class & Live, Online Training

Note: This course runs for 1 Day

Guaranteed to Run

When you see the "Guaranteed to Run" icon next to a course event, you can rest assured that your course event — date, time — will run. Guaranteed.

Important Cyber Incident Planning & Response Training Information

  • Requirements

    There are no formal prerequisites for this course.

Cyber Incident Planning & Response Training Outline

  • Interactive Group Activities

    Breach notification

    Before the Incident Mind Map underpin an effective breach ready

    After the Incident Mind Map organisation.


    Crown Jewels

    Process Workflows

    The Cyber Kill Chain

    Go Destroy

    Log Data Analysis

    Press Interview Scenarios

    Crisis Comms Plan

    Client and PR Communication Templates

  • Understanding Threat Actors

    Threat Actors in Detail

    Threat Agents Intent & Attributes

    Detection and Response Strategies

  • Automating Incident Management & Response

    What is incident orchestration

    Using incident orchestration to significantly reduce time to - respond to data breaches

    How to semi-automate and fully automate incident management

    Using incident orchestration to empower and up skill existing staff

    Incident orchestration as Force Multiplier

    Using orchestration to increase compliance to - Forensic Principles regulations like GDPR - Seizing Evidence

  • Defining Normal

    Identifying Critical Systems and Assets

    Understanding and Building the Organisational Baseline

    Interactive session on applying these principles

    Strategies in understanding operational weaknesses

    Defining high level cyber response process workflows

  • The Technologies

    Understanding the technologies that underpin an effective breach ready organisation

    Analysis of core technology requirements

  • The Cyber Kill Chain

    Methods of Attack

    Analysis of the Cyber Kill Chain

    Review of Recent High Profile Attacks

    Strategies to counter the Cyber Kill Chain

  • Triage, Detection & Monitoring

    OODA Loop

    The Golden Hour

    Log Management

  • The Checklist

    Creating/ adopting the checklist

    Incident management checklist

    Using the check list to beat the hackers!

  • Intelligence Led Incident Response

    Detailed why and how

    Actionable Threat intelligence

  • Forensics & Investigations


    Forensic Principles

    Seizing Evidence

  • Public Relations

    Crisis Comms Plans Management

    Social Media & PR Key Steps

    PR Case Study

    Breach notification

  • Building the Team

    Stakeholders - Who are they?

    Legal, Compliance and Notifications

Team Training

Cyber Incident Planning & Response Training FAQs

  • Can I learn Cyber Incident Planning & Response Training online?

    Yes! We know your busy work schedule may prevent you from getting to one of our classrooms which is why we offer convenient online training to meet your needs wherever you want, including online training.

Questions about which training is right for you?

call 0800 282 353
chat Live Chat

Why do we require your location?

It allows us to direct your request to the appropriate Customer Care team.

100% Satisfaction Guaranteed

Your Training Comes with a 100% Satisfaction Guarantee!*

*Partner-delivered courses may have different terms that apply. Ask for details.

Why do we require your location?

It allows us to direct your request to the appropriate Customer Care team.

Preferred method of contact:

Please Choose a Language

Canada - English

Canada - Français