SC510: Cyber Security Emergency Training for CISOs and Security Professionals

Agenda:

• Alert procedures and pitfalls
  
  
• Crisis and incident management from CISO perspective
  • Organization of incident response teams, crisis management teams and task forces
  • Process and organizational structure of incident response teams and crisis management teams
  • Situation briefings and documentation
  • Situational awareness presentation
  • Collaboration of stakeholders in the team
  • Communication within the team as well as with other internal and external stakeholders, incl. communication with authorities
  • Information assessment

• Recommendations and experience from tabletop exercises from CISO perspective
  
  
• Professional crisis management team exercise using crisis simulation software
  • Challenge team setup, tasks in the team
  • Challenge establishing situational awareness
  • Communication pitfalls, pressure and emotional stress
  • Response patterns, group dynamics and coping strategies

Objectives:

In the workshop SC510 Cyber Security Emergency Training for CISOs and Security Professionals, we address the management of emergencies and crises. You will learn how to respond appropriately to IT security incidents to minimize damage and ensure the business continuity of the company.

The following topics are covered:

• Incident Identification
• Response Coordination
• Risk Assessment
• Incident Containment
• Communication and Reporting

Target audience:

The training is aimed at:

• Information Security Officers
• Security Professionals
• CISOs (Chief Information Security Officers)

Prerequisites:

Description:

CISOs are responsible for information security within enterprises, and their roles and responsibilities are crucial in a world with rapidly increasing cyber threats. The attacks tend to become more aggressive, making the tasks of a CISO increasingly demanding.

When a company is attacked, the CISO is called upon. They must lead the defense measures by coordinating the efforts of the cybersecurity team and other relevant departments within and outside the organization. They must take measures to contain and eliminate the hacker attack, define the scope of the incident, assess the consequences and severity, and make critical decisions under great pressure to minimize damage and proceed with recovery. It is important for the CISO to maintain calm and efficiency during the incident.

In the event of a cyberattack, every minute counts. It depends on precisely coordinated process flows and coordination – and practice is required. Crisis management exercises are usually conducted frequently, while exercises in the cybersecurity field are rather the exception. We want to change that!

In the workshop SC510 Cyber Security Emergency Training for CISOs and Security Professionals, you will be guided by a seasoned crisis management expert. Wherever possible, the aspects of the training are not only addressed theoretically but are brought to life through practical experiences and case studies. We particularly focus on the behavior of CISOs in group dynamics and illuminate the construction of communication in its formal and informal aspects.

With the help of a crisis simulation software, you will experience a practical test for emergencies. During this interactive, team-based exercise, you will learn to master the complex challenges of a crisis and develop the routine to act and react confidently during an attack. Our crisis simulation offers you a controlled and secure environment in which you can test, improve, and strengthen your strategies and procedures in case of a crisis. In our crisis scenarios, the advantages and disadvantages of individual approaches become tangible, and issues that arise in such situations can be identified – they create awareness and the ability to handle situations that bring the highest level of stress.