Recovering from Cybersecurity Incidents

MGT465 – 16.00 Hours

Currently there are no scheduled classes for this course. However, in some cases a course can be scheduled to meet your organization’s specific needs. For more information about this course or to schedule a class, please contact National Emergency Response and Recovery Training Center at (844) 789-5673 or [email protected] to get the latest schedule.

Course Description

This course is designed to provide guidance for the implementation of an effective cybersecurity incident recovery program from a pre-incident and post-incident perspective. The training focuses on connecting IT with emergency management and is intended for government, critical infrastructure, and private sector personnel who have the responsibility for recovering after a cyber incident. Short term tactical and long-term strategic activities are discussed culminating in the development of an action plan.

Prerequisites

FEMA / SID Number

    Students must have a FEMA Student Identification Number (SID) to attend class.

    To obtain a SID, register online at cdp.dhs.gov/femasid

Course Completion Requirements

Testing/Certification

A Pre-Test and Post-Test are given to measure participants’ understanding of the material. Participants are required to score a 70% or better on the Post-Test and attend 80% of the course hours in order to receive a course certificate of completion.

Registration and Attendance

Attendance is crucial in order to receive credit for this course. All participants must complete a registration form at the beginning of the course, sign the attendance roster for each day of the course, attend 80% of the course hours, and complete the evaluation at the end of the course in order to receive a certificate of completion.

Participants Must Provide

  • a photo identification on the first day of class. See the Participant Handbook for approved forms of identification and additional guidelines.

Attendance Requirements

Class attendance is an essential part of the education process and participants in TEEX courses are expected to attend all class sessions and field exercises. This course requires participants to attend a minimum of 80% of the class hours as a component of successful course completion. During the course, your instructor will review any additional attendance requirements, for example a field exercise that cannot be missed

Topics

  • Cyber terminology
  • Cyber incident life cycle
  • Threat levels
  • Emergency management
  • Recovery continuum
  • Government’s role in cybersecurity
  • Cyber and the incident command system
  • Federal resources for cyber
  • Key programmatic elements that improve recovery
  • Plan, organize, equip, train, exercise considerations
  • Short-term recovery actions
  • Long-term recovery actions
  • Cyber incident recovery action plan

Suggested Audience

  • Government and private sector IT staff
  • Local administrators and upper-level management personnel
  • System administration
  • Risk management personnel
  • Local government administration
  • Emergency management coordinators

Government Programs

  • GSA contract number:GS-07F-0357V. GSA customers, to register please contact [email protected] or call (800) 541-7149. GSA Schedule logo
  • For DHS/FEMA Funded Courses, please contact [email protected] or call (800) 541-7149

Contact Information

National Emergency Response and Recovery Training Center
Phone: (979) 458-7832 | Toll-Free: (844) 789-5673
Email: [email protected]

Back to top