Incident response is a strategic approach to handling security incidents and preparing for cyberthreats; a key element to operating with a robust cybersecurity posture. Amar Singh, Founder and CEO of Cyber Management Alliance, discusses the company’s incident response course in depth and explains the importance of having a strong incident response plan embedded into a company’s approach to cybersecurity.
Cyber Management Alliance, a provider of high-level specialised operational and strategic cybersecurity training courses, has announced that its Cyber Incident Response course is the first such course to be certified by the UK government.
Established in 2015 and headquartered in the UK, Cyber Management Alliance is closing the divide in cyberspace by bringing together the best qualities of thought leadership, operational mastery of cybersecurity and risk management, and achieving joint strategic goals of reducing organisational exposure to cyberthreats.
The provider offers cyber-resiliency services to global organisations and delivers a high-level of specialised operational and strategic consultancy, training and executive workshops in cybersecurity and data privacy.
Given how critical cybersecurity has become to Business Continuity, its highly popular Cyber Incident Planning & Response (CIPR) course aims to help people equip themselves with the requisite cyberskills to navigate the increasingly complex world of cyber-risks and threats.
The course’s level of prestige is highlighted by the fact that it is the first to be certified by the recently rebranded NCSC’s certified training scheme, provided by APMG International. The course was first certified by the Government Scheme in 2016 and is also accredited by the Chartered Institute of Information Security (CIISec).
Interactive, practical and immersive, the entire course can be conveniently completed by attending a virtual classroom or via a self-paced e-learning environment. Besides gaining imperative insights into key cyber risk-reducing controls for their business, course participants also have the advantage of being trained by Amar Singh, globally renowned as one of the top cybersecurity practitioners and the Founder and CEO of Cyber Management Alliance.
Commenting on the launch, Singh said: “I am delighted that APMG has awarded NCSC Certified Training status for the CIPR course, including its online delivery programme. The updated and comprehensive course is accessible for all levels of management and technical audiences. The CIPR course is a complete guide to planning and responding to a cyber crisis or a data breach.”
APMG-International’s COO, Nick Houlton, said: “Protecting individuals, teams and organisations from the financial and reputational damage of cyber incidents is at the heart of the Information Security Agenda. APMG is delighted to certify this course on behalf of the UK National Cyber Security Centre and looks forward to its continuing success in the market.”
Cyber Management Alliance’s Co-founder, Bal Rai, said: “We are pleased to have received NCSC Certified Training certification status. Over 300 organisations in 20 different countries have benefitted from the course and internal workshops and with the launch of the online training, it means every organisation, globally, can access the knowledge and skills at any time.”
Previous participants of the NCSC-Certified CIPR workshop have come from organisations including the United Nations, UK Ministry of Defence, several UK Police Forces, NHS Trusts, European Central Bank, Swiss National Bank, Microsoft, Ernst and Young and many others.
One attendee, Wayne Parkes, Head of ICT – Warwickshire Police UK, offered his opinion on the course: “Quite a difficult subject to get over sometimes but I think Amar presented it really well. Nice mixture of technical knowledge and practical examples. Good for a very mixed audience as it wasn’t overly technical. I highly recommend it in terms of bringing a mixed group up to speed with the importance of responding to a cyber incident, and what the essentials are about dealing with it.”
We spoke to Amar Singh, Founder and CEO of Cyber Management Alliance, to find out more about the importance of incident response and how the course provides attendees with a level of confidence in this particular field.
How would you define a good incident response plan and how important is this?
A good incident response plan is one that is simple, well-rehearsed by all key stakeholders in the organisation and one that is actually fit-for-purpose.
As far as importance goes, doing business in cyberspace without an effective incident response plan is likened to:
- Going on a holiday, during the pandemic, with no insurance, no masks and a brand-new, unopened phone
- Jumping off a plane with a parachute without reading the manual or testing if the parachute actually works
I’m very vocal about the fact that long-winded and complex response plans will take you nowhere. They will confuse and create chaos. Response plans need to be succinct, free of jargon and preferably in the form of quick checklists that everyone can follow under pressure.
Also, if your incident response plans are not tested, they’re as good as the brand-new, unopened, untested smartphone AND without an Internet connection.
How does the course provide good preparation and response to a cyber incident or breach?
Our UK government’s NCSC-Certified CIPR course has been designed to cater to both technical and non-technical audiences and transcends specific functions and hierarchies. Therefore, it gives a really holistic picture of all the aspects of cyber preparedness that a business executive or an IT professional needs to know. Through the 19 modules, the course introduces you to the basic concepts of cyberattacks, opens your mind to what actually happens during a breach and then educates you on how you can plan and be prepared to respond to that breach in advance. The overarching idea behind the course is that attackers will breach the defences. You need to plan to rapidly detect and prepare to swiftly respond to the attackers to stop them in their tracks.
How can you be sure that individuals will act with the correct approach to incident response after attending the course?
The objective of CM-Alliance’s cyberincident response training is to create muscle memory within employees and key stakeholders. Nobody can be sure that they will do all the right things in a crisis. However, one can try their best to train one’s mind to respond correctly.
We drive home the importance of testing response plans several times throughout the course.
By inculcating good practices of creating incident response checklists, rehearsing them repeatedly and testing their effectiveness, you can minimise the chances of error under pressure.
The practice of incident response training, creating response checklists and testing the plans regularly through cyber tabletop exercises in cybersecurity is akin to the simulation sessions and checklist rehearsals that take place in the aviation industry.
Best practices are so ingrained in the minds of aviation professionals that 99 times out of 100, they will do the right thing in case of crisis. That’s what makes modern-day flying so safe. Yet, one-in-11 million accidents do happen as some things continue to be out of anyone’s control and that’s how it is in every industry prone to cataclysmic events.
How do you think attendees would summarise how the course has benefitted them in preparing and responding to future attacks?
We have over 120 video testimonials and over 450 written testimonials from past attendees. The feedback has been both a mix of business and personal advantages. While there are some who say that the course actually helped them to see the loopholes in the processes at their organisation, one young lady recently told me how the course helped her ace an interview and opened up new career opportunities for her. Overall, the response has been overwhelmingly positive and in line with the outcomes we expect the training to generate.