C²MP² Certification Lapel Pin
Made by ROMAN TAVAST

TRAIN: CYBER CRISIS MANAGEMENT PLAN 

TRAINING ORGANIZATIONS HOW TO BUILD THEIR OWN CYBER CRISIS MANAGEMENT PLAN

Stand out in the crowd by becoming a certified

Cyber Crisis Management Planning Professional (C²MP²)

Organizations globally are under constant attack from internal and external threat actors but often have blind faith that their information technology (IT) department's incident response plan will be adequate to address the response and recovery requirements for the entire organization.

As a certified Cyber Crisis Management Planning Professional (C²MP²) you will have the knowledge to help organizations prepare for a major cyber crisis by leading the development of an integrated plan that serves not only IT but also functional business and operational groups required to maintain resilience.

Step 1: Training

C²MP² candidates are required to attend our public or private Cyber Crisis Management Planning Boot Camp.  This 3-day (public course) or 5-day (private course) immersion covers all facets required to pass the certification exam.

Step 2: Exam

Achieve a score of 70% or better on the C²MP² exam

  • 50 multiple choice questions

  • Two hours; delivered on the final day of the boot camp

  • Only material produced by the candidate during the boot camp is permitted as reference material during the exam

  • There is an exam re-take fee of US$449 for students who do not pass the exam on first attempt.

    • One week must pass prior to attempting an exam re-take

Step 3: Plan Evaluation

The Cyber Crisis Management Plan (CCMP) developed during the exam will be reviewed and evaluated based on the criteria below. A score of 80% or better is required.

  • Presentation (15% of score)

  • Structure (20% of score)

  • Completeness (30% of score)

  • Content (35% of score)

NOTE: All three of the above steps will be completed during the boot camp. 

 

NOTE: Due to the time required to complete both the exam and the plan evaluation, students are advised to not schedule return flights home prior to 8 p.m.

OBJECTIVE

A deep, hands-on immersion into the development of a Cyber Crisis Management Plan (CCMP), which like a major cyber event, requires the collaboration of both line of business leaders and their partners in information technology / information security. 

VALUE

During the fog of war (cyber crisis) is not the time to figure out how to respond. An effective response requires careful planning across an organization. This in-depth, hands-on immersion boot camp gives attendees the knowledge and tools to complete their own CCMP.

FOUNDATIONS OF A CYBER CRISIS MANAGEMENT PLAN

  • THE PLAN CORE

    • Acronyms

    • How to Use the Cyber Crisis Management Plan

    • Define Plan Purpose

    • Response Organization

    • Response Structure

  • FUNCTIONAL INCIDENT RESPONSE PLANS

    • Functional Incident Response Plan (Detailed)

    • Functional Incident Response Plan (Summary)

    • Linking Incident Response Plans

  • RESPONSE PROCESS FLOW

    • Response Process Flow Foundation

    • Master and CSIRT Incident Response Plans

    • Response Process Flow Completion

  • CYBER WAR ROOMS & BRIDGE LINES

    • War Rooms

    • Bridge Lines

    • Cyber Crisis Logistics

  • TEAMS, ROLES & RESPONSIBILITIES

    • Cyber Crisis Executive Team (CCET)

    • Cyber Crisis Management Team (CCMT)

    • Cyber Crisis Response Team (CCRT)

    • Computer Security Incident Response Team (CSIRT)

    • Cyber Crisis Support Team

  • WORKING GROUPS

    • Communications Working Group

    • Technology Working Group

    • Additional Working Groups

DELIVERY

This course is delivered in two forms:

  • 3-Day Public Immersive Boot Camp

    • Cyber Crisis Management Planning Professional (C2MP2) Certification Course

  • 5-Day Private (Client site) Progressive Plan Development

OUTCOMES

Both course delivery methods lead to an end of course exam and possible Cyber Crisis Management Planning Professional (C2MP2) certification.

C2MP2 CERTIFICATION: PUBLIC COURSE SCHEDULE

2019 Schedule

  • October 15-17: Phoenix, Arizona, USA | CLOSED

  • December 17-19: London, United Kingdom | REGISTER

​​

2020 Schedule

  • ​January 21-23: Los Angeles, California, USA | REGISTER

  • February 18-20: Bangalore, India | REGISTER

  • April 28-30: Chicago, Illinois, USA | REGISTER

  • June 23-25: Sydney, Australia | REGISTER

  • October 27-29: Orlando, Florida, USA | 

  • December 15-17: Madrid, Spain | 

CYBER CRISIS MANAGEMENT ROLES, CHECKLISTS & TEMPLATES

  • PLAN OWNERSHIP AND GOVERNANCE

    • Plan Ownership

    • Plan Governance

  • IMPACT CATEGORIES, SCALES & SCORES

    • Impact Categories, Scales & Scores Table

  • CYBER ATTACK & CRISIS ANATOMIES

    • Cyber Attack Anatomy

    • Cyber Crisis Management Anatomy™

  • CYBER CRISIS INFORMATION FORM

    • CCIF Development

  • CHECKLISTS

    • Lead Incident Handler Checklist

    • Pre-Confirmation

    • Post-Confirmation

    • Cyber Crisis Deactivation Checklist

  • TEMPLATES

    • LIH-to-EIC Email Template

    • EIC-to-CCRT Incident Notification Email Template

    • LIH-to-CCRT Initial Meeting Email Template

    • Initial CCRT Meeting Agenda Template

    • Subsequent CCRT Meeting Agenda Template

    • SEIC-to-CCET Email Template

  • QUICK REFERENCE CARDS

    • CCET Quick Reference Card

    • SEIC Quick Reference Card

    • EIC Quick Reference Card

    • LIH Quick Reference Card

    • IRL Quick Reference Card

CYBER CRISIS MANAGEMENT PLAN USAGE AND VALIDATION (TABLETOP WAR GAMES)

  • PROJECT PLANNING

    • Project Resources

    • Project Phases & Activities

    • Phase I: Plan

    • Phase II: Build

    • Phase III: Test

    • Phase IV: Implement

  • TRAINING THE ORGANIZATION

    • CCMP Training Deck

  • TABLETOP CYBER WAR EXERCISES

    • Tabletop Exercises vs. Immersive Simulations

    • Exercise Roles & Responsibilities

    • Exercise Logistics

    • Exercise Materials

    • Exercise Execution

    • Exercise Conclusion

    • After-Action Reporting

  • WRAP-UP

    • Version Control

    • Release Planning

Free download of our images for your use.

Please use the following image credit.

Source: Crump, Jeffrey. "Image title." Cyber Crisis Management Planning: How to reduce cyber risk and increase organizational resilience. 2019.