Skip to main content

Detection & Incident Response
These days, no organization is immune from a potential attack. The question is no longer if your organization will be the target of an attack, but rather… when it will be.*

Today, cyberattacks have moved from the realm of the possible to that of the inevitable.
But what happens when an attack takes place? Teams responsible for handling these incidents must confront both successful and failed attacks on a daily basis, learning and improving to ensure that the confidentiality, integrity, and accessibility of critical systems are maintained, and this, even while an attack is underway.

In this course, you’ll be led through the process of implementing and working with the applications of an IR program. You’ll also be shown how to develop and manage IR tools. Both of these skills will be among the many you apply on a daily basis in your new career as a cyber-resilience expert.

In terms of specific content, you’ll learn and master the following operations.

Creating an IT Incident Response Program (IR)

In the event of a systems breach, response time is a determining factor in limiting the resulting damage and cost of the attack. Having an effective response program readied at the outset will enable an immediate incident response that can lessen the impact.

Establishing IR Policy

The design of governance elements and strategies that are pertinent to IR policy as a whole will help determine the course of action to follow in the event of an attack, saving precious reaction time. Crafting the documentation required to manage incidents and to monitor and detect threats in a proactive way is a vital step, one that cannot be circumvented.

Identifying an IR Approach

The nature of attacks can vary. It stands to reason that your defensive strategy also has to be adaptable to any manner of attack. What’s more, the range of resources you have available will help identify the appropriate type of response for various incidents. So, it’s of paramount importance that you have an IR that’s as varied and complete as possible.

Describing the Threat Surface of an Environment

The threat attack surface of a cyber-environment refers to the ensemble of points of entry that a hacker can exploit to breach a system. Identifying the weaknesses and vulnerable areas of the system enables you to precisely describe your threat attack surface. And that helps you better and more fully protect against it.

An efficient IT incident-response program leads to a considerable reduction in the investigation, response, and resolution time of cyber-threats. And building one is precisely what you’ll learn how to do in this course.

*Source : Deloitte


Back to top

© Concordia University