Recovering from Cybersecurity Incidents

MGT465 – 16.00 Hours

Currently there are no scheduled classes for this course. However, in some cases a course can be scheduled to meet your organization’s specific needs. For more information about this course or to schedule a class, please contact National Emergency Response and Recovery Training Center at (844) 789-5673 or nerrtc@teex.tamu.edu to get the latest schedule.

Course Description

This course is designed to provide guidance for the implementation of an effective cybersecurity incident recovery program from a pre-incident and post-incident perspective. The training focuses on connecting IT with emergency management and is intended for government, critical infrastructure, and private sector personnel who have the responsibility for recovering after a cyber incident. Short term tactical and long-term strategic activities are discussed culminating in the development of an action plan.

Prerequisites

FEMA / SID Number

    Students must have a FEMA Student Identification Number (SID) to attend class.

    To obtain a SID, register online at cdp.dhs.gov/femasid

Course Completion Requirements

Testing/Certification

A Pre-Test and Post-Test are given to measure participants’ understanding of the material. Participants are required to score a 70% or better on the Post-Test and attend 80% of the course hours in order to receive a course certificate of completion.

Registration and Attendance

Attendance is crucial in order to receive credit for this course. All participants must complete a registration form at the beginning of the course, sign the attendance roster for each day of the course, attend 80% of the course hours, and complete the evaluation at the end of the course in order to receive a certificate of completion.

Attendance Requirements

To meet attendance requirements, participants must review each training module and complete all required course assignments, activities, quizzes, and/or end of course exam.

Topics

  • Cyber terminology
  • Cyber incident life cycle
  • Threat levels
  • Emergency management
  • Recovery continuum
  • Government’s role in cybersecurity
  • Cyber and the incident command system
  • Federal resources for cyber
  • Key programmatic elements that improve recovery
  • Plan, organize, equip, train, exercise considerations
  • Short-term recovery actions
  • Long-term recovery actions
  • Cyber incident recovery action plan

Suggested Audience

  • Government and private sector IT staff
  • Local administrators and upper-level management personnel
  • System administration
  • Risk management personnel
  • Local government administration
  • Emergency management coordinators

Continuing Education And Professional Credits

  • 1.60 CEUs

Government Programs

  • GSA contract number:GS-07F-0357V. GSA customers, to register please contact ke@teex.tamu.edu or call (800) 541-7149. GSA Schedule logo
  • For DHS/FEMA Funded Courses, please contact ke@teex.tamu.edu or call (800) 541-7149

Contact Information

National Emergency Response and Recovery Training Center
Phone: (979) 458-7832 | Toll-Free: (844) 789-5673
Email: nerrtc@teex.tamu.edu

This course was much more than I expected. I learned more in these two weeks of training than in any other classes I have taken, and I’ve been doing this for 22 and 1/2 years.

— Forensic Technician
Back to top