Training Course
Syllabus:
Cyber Security Incident Response Program (CSIRT) and Plans
This seminar will help you to establish Key Performance Indicators (KPI) to determine if your Information Systems Incident Response program meets business objectives and operational metrics for ongoing process improvement. We will discuss: How to tailor & enhance your existing security training program and requirements for specific audiences based on the sensitivity of the information for which they are granted based on policies. How to strengthen IT Risk Management - Integrate Information Security risk management with enterprise risk management, including using common business terminology, congruent methods, and common or linked risk register, and establishing mechanisms for risk acceptance. How to build an IS regulation review process, schedule and regulation requirements. Information Security, Governance & Risk, are all critical aspects of planning and execution of the Information Security Plan. Who in your organization has key responsibility to develop an information security governance program; review existing Information Security policies and standards to ascertain their adequacy in coverage scope against industry best practices, and update them as appropriate, taking into account compliance recommendations? Do you feel safe enough to bet your reputation on your current CSIRT Plan?
Your Organization must be prepared to respond to a Cyber Incident. Here are some of the cases which happened recently: On October 3, 2013, The Adobe Systems Incorporated in the United States of America discovered that there was a cyberattack Hackers made it through their network during its regular monitoring of security check. As Target continues to respond to the security breach that has now been estimated to affect up to 110 million people by NBC News.com, analysts continue to zero in on the statements and actions by CEO, Gregg Steinhafel. TJX Corporation, a major retailer with stores in the United States, Puerto Rico, and even the United Kingdom, experienced one of the largest security breaches. Millions of their customer’s credit and debit card information were stolen over a seventeen month period. TJX is the parent company of chains such as TJ Maxx, Marshalls, Homegoods, and a host of retail stores across the US and Canada. Learning Objective: Cyber Security Incident Response Program is a must for any organization using the Internet. It must be robust yet flexible. Unfortunately in spite of all of the Cyber Events, many companies are taking a long time to respond. Teams must be trained and have written procedures. Time is critical in responding to an incident. Every incident costs the organization, money and reputation, In this session you will learn: Best practices and the standards that make up a great Cyber Incident Response Program Learn what teams should be part of your CSIRT Team Get insight into how to create CSIRT Playbooks and Management Plans Learn how to conduct inexpensive tests of the CSIRT Teams and Programs This program will help you determine your current Gaps and provide milestones for correcting the Gaps Areas Covered: Key points to be discussed at the session include: Adopting a systematic approach to risk tracking to enhance the effectiveness of the Cyber Incident Program Outlining the critical actions to take if an event affects the company or its partners Understanding an organizations’ susceptibility to a Cyber Attack Cyber Incident Response: Getting started, research, training, testing and maintaining Standards and Best Practice: ISO 27001, ISO 27035, ISO 27005. NIST, FFIEC, HIPPA AND HITRUST Attendees will get below tools and templates: Best Practices Standards Organizing Researching Documenting for your Organization Testing for your Organization How to maintain the program and keep it current Course Outline: Day One (8:30 AM – 4:30 PM) Registration Process: 8:30 AM – 9:00 AM Session Start Time: 9:00 AM Cyber Security Incident Response Program (CSIRT): Where to Start Standards and Best Practices ISO and Information Security as a Guideline Researching Your Industry Event vs Incident NIST, SANS and More Planning Team Operation Sequencing for CSIRT Day Two (8:30 AM – 4:30 PM) Developing and documenting your Program Developing and documenting your Plan Developing and documenting your Playbooks Creating your CSIRT Team Team Training Testing and Types of Tests Maintenance |