This course discusses the often-neglected topic of managing an incident response team. Given the frequency and complexity of today's cyber attacks, incident response is a critical function for organizations. Incident response is the last line of defense.
Detecting and efficiently responding to incidents requires strong management processes, and managing an incident response team requires special skills and knowledge. A background in information security management or security engineering is not sufficient for managing incidents. On the other hand, incident responders with strong technical skills do not necessarily become effective incident response managers. Special training is necessary.
The course has been updated to address current issues such as advanced persistent threat, incident response in the cloud, and threat intelligence.
If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.