
16
CEAPs
Track: Cyber Resilience
Course Title: Cyber Resilience Review
Course ID: CRP 501
Relevant Certifications (requires additional step): ACRP, CCRP
Duration: 2.5 days (Two full days of instruction 8:30 a.m. – 5:00 p.m.; Examination day 8:30 a.m. – 12:00 p.m. or at leisure)
16 Continuing Education Activity Points (CEAPs) may be awarded toward recertification if applicable.
The cost of this course includes both the course and the exam.
This course is currently available only for group training upon request.
Description
You’ll discover how business continuity and cybersecurity must integrate within every organization, using the five elements of cyber resilience: prepare/identify, protect, detect, respond, and recover. Collectively, these concepts and the resulting action plans will help develop a strategy to effectively respond to unforeseen events and get your organization back up and running as quickly as possible. These two traditionally separate functions must work together, and with this course, you’ll be able to take steps to make that happen in your organization. Doing so will streamline well-coordinated identification, response and recovery from cyber-attacks and data breaches, minimize impacts, protect the organization’s reputation, and give you the professional advantage of bringing the most current information and skills to the table.
Objective
1. Provide students with detailed instruction, framework, and guidance for implementing the concepts essential to combining cyber security and business continuity into an effective Cyber Resilience program.
2. Prepare students with actionable recommendations and best practices to represent an appropriate “value proposition” to an organization’s executive management that will help to ensure any investment necessary to step up to a strong Cyber Resilience program.
3. Have students engage in cyber/BCM based practical exercises to help understand the current issues you will face.
4. Share experiences with other professionals.
5. Prepare to pass the Cyber Resilience Examination, so you can be certified as a DRI International Certified Cyber Resilience Professional.
Outline
DAY 1
- Introduction to concepts of cyber resilience
- Types of cyber events
- How cybersecurity events impact business continuity
- Integrating cybersecurity into business continuity
- Organizational considerations
- Stepping up from cybersecurity and business continuity to achieve cyber resilience
- Develop an effective incident response
- Identify specific means to bringing cybersecurity incident response planning and entity continuity planning together
- Design strategies that mitigate loss should a breach occur
- Identify critical parameters of IT-related operations with an entity impact assessment
- List entity recovery strategies crucial to re-establishing technology and continuity of critical entity processes
- Advantages of identifying cyber-related risks and integrating them into entity planning and administration
DAY 2
- Creating a cyber resilience framework
- Examine the latest cybersecurity framework
- Review existing regulations that govern cyber security protection and reporting
- Explain how to develop and implement safeguard protection for critical technology infrastructure and services in order to contain the impact of a cyberattack
- Discuss how to detect and monitor network attack indicators to ensure the effectiveness of safeguards
- Describe the importance of regular cyber awareness training
- Monitoring internal security events and correlate them to external threats
- Creating an effective response plan
- How to restore data and services that may have been impacted during a cyberattack
- Understand how cybersecurity and business continuity both work with reputation management
- Cybersecurity monitoring
- Creating effective crisis communication plans for cyber incidents
- List recommendations for preparing key suppliers in the event of a cyberattack
- Discuss how training and awareness initiatives should be employed to embed cyber resilience within the entire organization and ensure that personnel know the function of response plans