• Online, Instructor-Led
  • Online, Self-Paced

This practical course guides participants through the steps necessary to develop an incident response plan to enable a company to minimize loss and speed recovery after a data breach or network intrusion. Specific topics include establishing proactive relationships before an attack occurs, tailoring a response plan to evolving and emerging threats, and understanding the protections afforded by attorney-client privilege.  

Learning Objectives

Identify what an incident is | Difference between an incident and a breach | Prepare an enterprise for Incident Management | Identify the sequence of events when an incident happens | Implement recovery procedures post incident | Manage customer perception post incident

Framework Connections

The materials within this course focus on the Knowledge Skills and Abilities (KSAs) identified within the Specialty Areas listed below. Click to view Specialty Area details within the interactive National Cybersecurity Workforce Framework.

Feedback

If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.