Self-Paced eLearning |
Online Immediate Access |
Click Here |
Virtual Live Class |
Thursday 21st November |
Click Here |
Virtual Live Class |
Tuesday 17th December |
Click Here |
Virtual Live Class |
Tuesday 21st January |
Click Here |
The NCSC Assured Cyber Incident Planning & Response Course (CIPR) created by Cyber Management Alliance, the leading global experts in cybersecurity training and advisory services, is a comprehensive course enabling individuals to prepare a well-defined and managed approach to dealing with a data breach or a cyber-attack.
The course is aimed at a wide audience including those, technical or non-technical, who want to understand how to better prepare for responding to a cyber-attack. The course has no pre-requisites and students will understand the operational strategies and processes an organisation needs to consider before, during and after a cyber crisis or data breach.
Training assured by the UK-Government's National Cyber Security Centre (NCSC)
Teaches how to implement NIST's Computer Security Incident Handling Guide: NIST SP 800-61 Revision 2
Enables meeting the objectives of ISO 27001:2013's Annex A.16.1
Accredited by the Chartered Institute of Information Security (CIISec)
Optional Examination (Provided by APMG International and ProctorU)
19 modules with interactive exercises on key aspects of planning and response
Bonus content including worksheets and templates
Access to several accompanying mind-maps and checklists
Full access to all content (downloadable PDFs) for 60 calendar days (E-Learning students only)
Comprehensive supporting e-book for reinforced learning
Access to regular live-discussions with global experts (online students only)
Exclusive group remote and onsite workshops available
There are numerous individual advantages of learning about cyber incident response plans, incident response certifications and knowing how to enhance your incident response capabilities and breach response maturity.
We also run an internal private workshop for organisations who wish to enhance their cyber resilience through improved and a more coordinated response to cyber-attacks. Organisations who invest in the NCSC Assured Cyber Incident Response Training Course for their staff observe a great degree of improvement in their cybersecurity maturity and cyber resilience.
The table below lists the benefits to both individuals and organisations who undergo our NCSC Assured Training.
Individual Benefits |
Organisational Benefits |
Gain a deep understanding of NIST's Computer Security Incident Handling Guide: NIST SP 800-61 Revision 2. | Learn how to implement NIST's Cyber Incident Response Framework throughout your organisation. |
Become Certified in Cyber Incident Planning and Response. | Define the threat actors and create a threat actor library specific to your organisation. Define Normal - understand your organisation's baseline. |
Display your incident response certifications or accreditation via a digital badge, showcase to potential clients and employers. | Assess and improve your organisation's triage capabilities. Define and improve alerts for your analysts. |
Comprehend and manage the threats and risks relating to information systems and assets from cyber-attacks. | Become more compliant with data breach response regulations by creating fit-for-purpose data breach response plans. |
Define and support the implementation of processes and procedures for detecting breaches of security policies. | Achieve tangible reductions in detection and response times to cyber-attacks that could lead to better managed and lower data breach compensations. |
Understand the core principles of and actively contribute to the creation of your organisation’s cybersecurity strategy and incident response plans. | Streamline technology investments with the possibility of tangible savings across multiple technology sets. |
Explain what Threat Intelligence and its significance is in keeping organisations cyber-resilient. Discuss how Threat Intel can aid in rapid detection of advanced threats. | Create organisation specific cyber-attack scenarios. |
Participate in the development of information risk management strategies to reduce business risk. | Build Detection & Response Strategies tailored to your business. |
Discuss the benefits of monitoring and auditing for violations of relevant security policies (e.g. acceptable use, security, etc.). | Technology stack review & assessment of integration into SoC & monitoring technologies. High level review of your monitoring and log management. |
Define and implement processes and procedures for detecting data breaches. | Improve interdepartmental communication and interaction before and during an incident (This is especially true when organisations host the CIPR workshop internally, over 2 days). |
Establish and maintain a Computer Security Emergency Response Team to deal with breaches of security policies. | Review your PR & communication templates & internal communications approach. |
Understand and explain the primary requirement of privacy regulations, like the EU-GDPR, in the context of cyber incident response and cyber resilience. | Review and improve the team and organisational structure of IR teams and CSIM (cybersecurity incident management) teams. |
Discuss and support the development of innovative methods of protecting information assets, to the benefit of the organisation and the interface between business and information security. | Understand areas of improvement of your organisation’s incident response plans. Baselines cyber resilience awareness across the business. |
Discuss and support in the development, coordination and evaluation of plans to communicate with internal stakeholders, external stakeholders and the media. | Achieve more productive and efficient staff with increased motivation and better learning and career development. |
Here's a quick look at what delegates can look forward to learning in our NCSC Assured Training in Cyber Incident Planning and Response.
For a more detailed view of the Learning Objectives, you can directly download Complete Learning Objectives PDF.
Our NCSC Assured Training in CIPR has been created by one of the world's leading cybersecurity practitioners & a practising global CISO. The CIPR course stands apart for:
All online and public students receive numerous takeaways including immediately usable cyber response checklists, templates like cyber response plans and workflows that you can put to use in your organisation immediately.
This module starts by emphasising the importance of asking the question - WHY? Why would an attacker attack your organisation? It delves briefly into the psychology of attacks and builds the foundation for Module 2. In addition, this module introduces the core concept of resiliency in the context of cyber. The module offers:
For full details on this and other modules click here.
Threat actors may sound daunting but fear not. After asking the question, “Why” in the first module, this cyber threat actor section discusses the importance of asking - WHO could damage your critical assets and consequently destroy your business. This section explains the importance of knowing details about your attacker(s) who could target your business. This module offers:
For full details on this and other modules click here.
Another key concept in the Cyber Incident Planning & Response course, Define Normal introduces the important idea of baselining or defining an organisational normal and explains its importance in building a cyber resilient business. It goes without saying, unless you can define and understand what’s normal for your digital network, it will be almost impossible to rapidly detect the abnormal. In this module, you will learn:
For full details on this and other modules click here.
Cyber criminals follow a process and have their own easy-to-follow attack methodology. In this module (also known as the cyber-attack process), we disclose the specific workflows that the majority of advanced and/or smart criminals utilise when they attack organisations and nation-states.
In these four modules, you will learn:
For full details on this and other modules click here.
In this module, we introduce an important strategy - the concept that every business must focus on if it wants to increase its breach response and preparedness. The notion that if you stand in a dark room you are blind and oblivious to the surroundings may seem obvious, but this very fact is ignored and overlooked by organisations when planning and strategising on breach-readiness. In this module, students learn:
For full details on this and other modules click here.
The pivotal moment, the ‘golden hour’ and many other important concepts and strategies are discussed in this section.
For full details on this and other modules click here.
Building a great cybersecurity team also involves walking the tightrope between having a great internal team and liaising with external experts wherever necessary. In this module on Building the Team, students will learn:
For full details on this and other modules click here.
Forensics and evidence are often overlooked in cyber incident management. Many IT professionals don't have enough experience in handling evidence the right way. Dealing with a cyber-attack requires the ability to ensure chain of custody and ensure the evidence is captured, protected and processed in a way that it can be presented in court without anyone being able to challenge the integrity of that evidence. Delving further into this subject, in this module, we cover:
For the full details on this and other modules click here.
The actions that an organisation takes before, during and after an incident can have legal and or financial repercussions. It is imperative, therefore, that the management, IT and Security teams understand the regulations and standards that apply to them and have a well-defined set of policies to cover these regulations. In this module, we cover:
For full details on this and other modules click here.
It goes without saying that technology plays an extremely crucial role in all aspects of cyber incident response and management. The challenge is that most organisations have a messy and complex technology stack. A huge part of the objective of cyber incident planning and response is to evaluate your technology stack and ensure that it is optimised and ready for a cyber-attack. In this module, students will learn:
For full details on this and other modules click here.
The media is always on the lookout for juicy news and controversies. In case of a cyber incident in your organisation, you could be making the next set of headlines. What will you do when you’re in the news and your business and its security infrastructure is being scrutinised by the media? Do you have a PR strategy for when a security disaster hits? In this module, students will learn:
For full details on this and other modules click here.
A really good session. The trainer is really knowledgeable and presented the course in a really understandable format that the participants really enjoyed.
It was really spot on, very practical, non-technical. I have a couple of great take aways for my every day work. Highly recommend it for non-technical people.
It was amazing. Amar is not just a trainer, he’s an industry expert, and from his experience and knowledge, I actually got some amazing insights.
I found today’s course very productive - discussing the various aspects of incident response. The course is very clearly presented; I fully understood the content and look forward to putting some of the stuff into practice. Thank you.
Brilliant course with lots of good examples. A course to recommend to any incident response team.
I feel the day was really well spent in terms of understanding and getting newer or additional knowledge around this concept and the trainer was absolutely wonderful in sharing and articulating this.
I have been attending CMA’s Cyber workshop and we’ve been reviewing incident response. They’ve been directing us towards good cybersecurity practices; they’ve been reviewing our current ideas, and they’ve been adding real value to our Cyber Security response. I thoroughly recommend using CMA for the future.
I have attended the CIPR training course and I have to say I was very impressed with the course and its content. You don’t need to have IT skills or an insight into IT. But what it does do is, in layman terms, sets out the key issues. This course is very good.
I wish all Senior Executives attend this course. It’s the most practical course I have ever attended. It teaches you not just how to understand but also how to respond to a Cyber Attack.
I found the course to be very interesting. It's not the usual bookish theoretical type of course. It was quite interactive.
Launched in October 2016, the NCSC or National Cyber Security Centre is headquartered in London and brings together expertise from CESG (the information assurance arm of GCHQ), the Centre for Cyber Assessment, CERT-UK, and the Centre for Protection of National Infrastructure.
The NCSC Assured training is designed to assure high-quality training courses delivered by experienced training providers. The courses are assessed at two levels, namely, awareness and application.
This course has been certified for the application level of incident response in the areas of Risk Assessment, Business Continuity Planning and Incident Management. The Application level is for anyone looking for in-depth courses for their professional development.
The Chartered Institute of Information Security (CIISec) is the only pure-play information security institution to have been granted Royal Charter status and is dedicated to raising the standard of professionalism in information security. CIISec represents professionalism, integrity and excellence within the information and cybersecurity sector.
The NCSC Assured Training and the Chartered Institute of Information Security's (CIISec) accreditation enables organisations to distinguish between reputable courses and ones that have not been validated using a Government-endorsed assessment process.
Following the completion of the training course (Public, Internal, Instructor-led or Self Paced Learning) all students have the option of earning incident response certifications by successfully passing the APMG International examination of the NCSC Assured Cyber Incident Planning and Response Training. The exam is administered by APMG International and invigilated by ProctorU who provide secure live and automated online proctoring services for academic institutions and professional organisations.
Number of Questions: 30
Passing Score: 50%
Exam Duration: 25 Mins
Exam Format: Multiple Choice
Exam Delivery: APMG Exam Portal and ProctorU
Our digital badges are issued by youracclaim.com, the world's most trusted digital credential network for professional associations and corporate learning. The badges are secure, digital representations of your professional development credentials (certification in incident response). Embed your digital badge on an email signature, website, social media profile or a digital CV.
With just one click, employers, clients, customers and other interested parties can easily view and verify your credentials and skills.
Students who have passed the exams and earned certifications in incident response have come from organisations including Microsoft, Adobe, NHS, numerous Government departments and Police forces, Unilever, IBM, CISCO, Ernst and Young, Deloitte, KPMG, UBS, RBS, Barclays, Goldman Sachs, Bank of America, TATA Consultancy Services and many many more.
Amar Singh has a long history and experience in data privacy and information security. Amar has served as CISO for various companies, including News International (now News UK), SABMiller, Gala Coral, Euromoney and Elsevier. Amongst various other activities, Amar is a Global Chief Information Security Officer and Trusted Advisor to a number of organisations including a FTSE100 firm, and is chair of the ISACA UK Security Advisory Group. He also founded the not-for-profit cybersecurity service for charities, Give01Day.
Amar has the highest integrity and is trusted by FTSE100 companies with some of the most sensitive commercial information. He has been involved with highly sensitive forensic investigations.
He has the ability to deal with both technically-astute, board-level executives and lead an organisation's information security direction. Apart from his experience and abilities, Amar holds a number of industry-recognised certifications, such as ISO 27001 Certified ISMS Lead Implementer, MoR, CRISC and CISSP certification.
Amar is an industry-acknowledged expert and public speaker and is regularly invited to speak and share his insights by some of the largest and most respected organisations in the world including The BBC, The Economist’s Intelligence Unit, The Financial Times, SC Magazine, InfoSec Magazine, Computer Weekly, The Register and the AlJazeera English Channel.
Want more information on the NCSC Assured Training in Cyber Incident Planning and Response? Book a no-obligation discovery call with one of our consultants.
The information on this page and related pages and documents is Copyright of Cyber Management Alliance Ltd. The VCA or Virtual Cyber Assistant term, other terms, information, concepts, ideas, workflows, processes, procedures and other content that directly or indirectly supports the VCA Service are Copyright of Cyber
Management Alliance Ltd. Copyright 2022.