In today’s digital landscape, every organisation is at risk of cyber-attacks. Being able to respond quickly, effectively, and strategically is vital for minimising damage and ensuring business continuity. The Cyber Manager: Response & Recovery microcredential is designed to equip managers and leaders with the critical knowledge and tools needed to prepare for, respond to, and recover from cyber incidents.

Through this course, you will learn how to draft and implement robust incident response protocols, detect and analyse cyber threats, lead your team through containment and recovery processes, and conduct post-incident reviews to strengthen your cyber security posture. By the end of this microcredential, you’ll be prepared to take decisive action when a cyber-attack occurs, ensuring your organisation is not only protected but also resilient.

MODULE INTRODUCTIONS

Module 1: Introduction to Security Incident Response
In this foundational module, you will learn about the far-reaching impact of cybercrime on organisations and why having a strong incident response plan is crucial. You will gain insight into the different types of cyber-attacks and explore the first steps in preparing to respond, from setting up protocols to understanding the immediate actions needed when a breach occurs.

Module 2: Preparing Your Organisation
With a deeper understanding of cybercrime’s impact, this module focuses on ensuring your organisation is prepared for a security breach. You’ll learn how to assess your organisation’s security landscape, identify vulnerabilities, and define what it means to be "prepared." We will also cover how to build a competent response team and develop effective crisis communication strategies, ensuring that all levels of your organisation are aligned and ready to act.

Module 3: Incident Detection & Analysis
How do you recognise that a cyber-attack is underway? In this module, you will learn methods to detect breaches early, focusing on key events and indicators that signal potential threats. We’ll guide you through the process of gathering data and analysing it effectively to pinpoint the root cause of the incident, giving you the insights needed to respond decisively.

Module 4: Containment, Eradication & Recovery
Once an attack is confirmed, the next critical step is containment. This module covers how to implement effective containment strategies to limit the impact of a breach. You’ll learn how to eradicate the threat, restore systems, and return operations to normal as swiftly as possible, ensuring minimal disruption to the organisation.

Module 5: Post Incident Activity
The work doesn't end once the immediate threat is over. In this module, you’ll learn the importance of documenting the incident thoroughly, conducting post-incident reviews, and analysing what went wrong and what went right. By reflecting on the event, you’ll identify lessons learned that can be used to refine your organisation’s cyber security strategy, improving your preparedness for future incidents.

NA

None