Cyber Incident Planning and Response Course
Government Certified, Accredited Course on Planning and Response Strategies to deal with Cyber-Attacks and Cyber Crises
The NCSC-Certified Training in Cyber Incident Response Course is available with an optional APMG Examination
Get Started
The Cyber Incident Planning and Response course is a comprehensive guide for enabling organisations and individuals to prepare a well-defined and managed approach to dealing with a data breach or a cyberattack. This course is targeted at a non-technical audience comprising key decision-makers and managers in both managerial and technical profiles.
Benefits of choosing the E-Learning Option
Benefits of choosing the E-Learning Option
Full access to all content (downloadable PDFs) for 60 calendar days
You can complete it as and when it’s possible, around your working hours or during.
Purchase the bundle offer below to recevie free access to our NCSC-Certified Building and Optimising Incident Response Playbooks course
You are able to relate it to your business more as you have longer to complete (and consume) the training rather than it being a 1-day virtual event. If you would prefer to attend a virtual class AND have the E-Learning included, you can select that option here once you have selected a date.
Get Started
Highlights of the E-Learning CIPR course
Certified by the UK-Government's National Cyber Security Centre (NCSC).
Accredited by the Chartered Institute of Information Security (CIISec).
19 modules with over 20 interactive exercises on all aspects of planning and response.
Bonus content (worksheets, templates, how-tos, mind-maps) Content updated regularly
170 page, comprehensive supporting PDF book.
Optional Exam: Take the APMG Examination of the NCSC-Certified Training*
* Please note you must complete the course and obtain a certificate of completion before sitting for the exam
Get Started
- Key Learning Objectives
- Downloads
- About
-
Key Learning Objectives
- Gain deeper insights on key risk-reducing controls to increase your company’s ability to protect, detect and respond to cyber-attacks on a strategic and operational level.
- Learn to design an early warning system to lower discovery time from months to days.
- Develop the skills to understand and improve your company’s cyber- resiliency by making more cost-effective, risk-based decisions.
- The latest techniques and insights on incident response.
- Threat Intelligence-led testing and response framework adopted by leading governments and institutions.
- How to use threat intelligence to lower organisation risk and speed up response times.
- The Cyber Kill Chain (the cyber attack process) and how to design an early warning system to lower discovery time from months to days.
- How to create actionable, fit-for-purpose plans, checklists and processes.
- How to define and baseline “Normal” within your organisation.
- Understand 'Normal' and how it can help reduce your time to respond and reduce human error.
- The best methods to stop up to 90% of all cyber attackers in their tracks, before they breach your critical data.
- How to design and implement a response framework and build an effective cyber response team.
- The “Golden Hour” and why it’s critical to managing an incident.
- The core concepts of incident triage, OODA and their relevance and importance in a cyber resilient organisation.
Furthermore, this cybersecurity training course provides senior management and incident response teams, amongst others, with the vital knowledge and skills to plan, lead and manage a cyber crisis and equips the learner with competence so that they can rapidly detect, rapidly respond and rapidly recover from a cyber-crisis.
-
Direct Downloads
Directly download the full Learning Objectives of the course here
Templates. Worksheets & Mind-maps
When you enrol in this course you will have access to several worksheets & templates that you can use immediately. Take a look at the course curriculum, below, to see whats included in this course.
The image immediately below is a gallery view of some of the templates and collateral available to students.
Continuing Professional Development
CPD points can be claimed for this course at the rate of 1 point per hour of training for this NCSC-certified and CIISec-approved course (8 points for one-day public course and 15 points for the two-day internal workshop - for when organisations host this course internally).
CIPR Student-Only Incident Response Plan Template
As a student you get access to unique content including our highly acclaimed Cyber Incident Response Plan Template. If you want, you can download the FREE version of the Incident Response Plan template here.
-
About
(ISC)2 & ISACA Members: You can claim 8 CPE points after they complete the whole course and obtain the attendance certification.
Curriculum
- About this Module
- CIPR Online Module 2 Threat Actors (12:31)
- CIPR Online Module 2a The Privileged User (11:24)
- Module 2 Exercise 1
- Module 2 Exercise 2
- Module 2a Exercise 1
- Module 2a Exercise 2
- Module 2a Exercise 3
- Test your learning
- Additional Collateral: Workflow: Selecting Threat Actors
- Additional Collateral: Example: Threat Agent Library - Intel
- Additional Collateral: CIPR Privileged User Worksheet
- About this Module
- CIPR Online Module 4a Cyber-attack Process - Attack Methodology (15:21)
- CIPR Online Module 4b Cyber-attack Process - Tools _ Technology (7:43)
- CIPR Online Module 4c Cyber-attack Process - Case Studies (9:44)
- CIPR Online Module 4d Cyber-attack Process - Threat Intelligence (14:51)
- Module 4a Exercise 1
- Module 4b Exercise 1
- Module 4b Exercise 2
- Test your learning
- Case Study - SANS Analysis Ukraine Attack
- Case Study - Target Kill Chain Analysis
- Additional Collateral: Workflow: Sample Threat Intel from NCSC
- Additional Collateral: DNS Threat Intel from NCSC
- About this Module
- CIPR Online Module 6a Golden Hour _ Incident Management (25:58)
- CIPR Online Module 6b Managing an Incident (8:20)
- CIPR Online Module 6c Playbooks (9:24)
- CIPR Online Module 6d Creating and Incident Response Plan (8:40)
- Module 6a Exercise 1
- Module 6a Exercise 2
- Module 6d Exercise 1
- Module 6d IR Mindmap
- Test your learning
- Additional Collateral: Defining a Breach Module 6a
- Additional Collateral: Workflow: Creating an Incident Response Strategy
- Student Version - Cyber Incident Response Plan Template
- Course PDF CIPR Online Training - Module 1 - Cyber Resiliency
- Course PDF CIPR Online Training - Module 2 -Threat Actors
- Course PDF CIPR Online Training - Module 2a Privileged User
- Course PDF CIPR Online Training - Module 3 Define Normal
- Course PDF CIPR Online Training - Module 4a The Cyber-attack Process
- Course PDF CIPR Online Training - Module 4d The Cyber-attack Process
- Course PDF CIPR Online Training - Module 4b The Cyber-attack Process
- Course PDF CIPR Online Training - Module 5 Visibility
- Course PDF CIPR Online Training - Module 6a Golden Hour & Incident Management
- Course PDF CIPR Online Training - Module 6b Golden Hour & Incident Management
- Course PDF CIPR Online Training - Module 6c Golden Hour & Incident Management
- Course PDF CIPR Online Training - Module 6d Golden Hour & Incident Management
- Course PDF CIPR Online Training - Module 7 Building the Team
- Course PDF CIPR Online Training - Module 8 Forensics & Investigations
- Course PDF CIPR Online Training - Module 9 Regulations & Standards
- Course PDF CIPR Online Training - Module 10 The Technology Stack
- Course PDF CIPR Online Training - Module 11 Commmunications & PR in Incident Management
- Additional Collateral: Incident Response Plan
- Additional Collateral: Checklist for Incident Response
- Additional Collateral: SoC Mindmap
- Additional Collateral: Top Ten Things to do During an Cyber-Attack
- Additional Collateral: Camerashy Report
- CIPR Exam Tips & Sample Questions
- Top 30 Cyber Exercise Scenarios & Treat Actors
- CMA-Disney-Summary-111024
- CMA-Disney-Timeline-111024
- CMA-Royal-Mail-Summary-030323
- CMA-Royal-Mail-Timeline-270223
- CMA-AT&T-Summary-040624
- CMA-AT&T-Timeline-040624
- CMA-Barracuda-Summary-040923
- CMA-Barracuda-Timeline-060923
- CMA-Change-Healthcare-Summary-250424
- CMA-Change-Healthcare-Timeline-250424
- CMA-MoD-Summary-200524
- CMA-MoD-Timeline-200524
- CMA-MrCooper-Summary-290124
- CMA-MrCooper-Timeline-300124
- CMA-Solarwinds-Summary-300721
- CMA-SolarWinds-Timeline-160721
- CMA-Synnovis-NHS-Summary-150724
- CMA-Synnovis-NHS-Timeline-150724
- CMA-Ascension-Summary-110924
- CMA-Ascension-Timeline-110924
- CMA-easyJet-Summary-170321 (1)
- CMA-EasyJet-Timeline-170321 (1)
- CMA-Travelex-Timeline-280920
- CMA-Travelex-TLgraphic2-A3-280920i
- CMA-Western-Digital-Timeline-060923
- CMA-Western-Digital-Summary-040923
- CMA-23andMe-Summary-190224
- CMA-23andMe-Timeline-190224
- CMA-Snowflake-Summary-240624
- CMA-AIIMS-Summary-260623
- CMA-AIIMS-Timeline-150523 (1)
Sign up and Start Today
Pay-in-full in your local currency (where available)
We take all major forms of payment and we use secure checkout.
Featured Products
Our most popular courses and offers.
© 2025 Cyber Management Alliance
All rights reserverd