How to Build a Cyber Crisis Management Plan

CYBER CRISIS MANAGEMENT PLANNING 

BECOME AN EXPERT ON HOW TO BUILD A CYBER CRISIS MANAGEMENT PLAN & MATERIALS

How to Build a Cyber Crisis Management P

Stand out in the crowd by becoming a certified

Cyber Crisis Management Planning Professional (C²MP²)

The C2MP2 is offered in four modalities:

  • Online, self-paced

  • 2-Day Live, in-person or remote (Partner-sponsored)

  • 2-Day Live, in-person or remote (Company-sponsored)

  • 2-Day Live, in-person or remote (Public course; limited options)

Differences between the online training and the in-person or remote training:
  1. Although the curriculum is very similar, there are differences. You can review the differences below.
  2. The online training is shorter in duration due to less topics being covered.
  3. The live, in-person or remote course is longer in duration due to more topics​ being covered.
  4. The live, in-person or remote course provides for guided discussions following each simulation.
  5. The live, in-person or remote course provides for collaboration and discussion amongst attendees.
  6. The live, in-person or remote course can be delivered over two full days, four half-days, or on a schedule convenient to the sponsor.
Live, In-Person or Remote Course Outline: $1,750 Per Student (Contact us for volume discounts)

Organizations globally are under constant attack from internal and external threat actors but often have blind faith that their information technology (IT) department's incident response plan will be adequate to address the response and recovery requirements for the entire organization. 

 

This is the first course in the Cyber Crisis Management Professional series. The next course is the Cyber Crisis Management Exercise Professional (C2MEP). The final course is the Cyber Crisis Management Leadership Professional (C2MLP). Despite our recommendation that students complete the certification series, it is not required and each course stands alone and provides independent value.

As a certified Cyber Crisis Management Planning Professional (C²MP²) you will have the knowledge to help organizations prepare for a major cyber crisis by leading the development of an integrated plan that serves not only IT but also functional business and operational groups required to maintain resilience.

COURSE OUTLINE

  • THE PLAN CORE

    • Acronyms

    • How to Use the Cyber Crisis Management Plan

    • Define Plan Purpose

    • Response Organization

    • Response Structure

  • FUNCTIONAL INCIDENT RESPONSE PLANS

    • Functional Incident Response Plan (Detailed)

    • Functional Incident Response Plan (Summary)

    • Linking Incident Response Plans

  • RESPONSE PROCESS FLOW

    • Response Process Flow Foundation

    • Master and CSIRT Incident Response Plans

    • Response Process Flow Completion

  • CYBER WAR ROOMS & BRIDGE LINES

    • War Rooms

    • Bridge Lines

    • Cyber Crisis Logistics

  • TEAMS, ROLES & RESPONSIBILITIES

    • Cyber Crisis Executive Team (CCET)

    • Cyber Crisis Management Team (CCMT)

    • Cyber Crisis Response Team (CCRT)

    • Computer Security Incident Response Team (CSIRT)

    • Cyber Crisis Support Team

  • WORKING GROUPS

    • Communications Working Group

    • Technology Working Group

    • Additional Working Groups

  • PLAN OWNERSHIP AND GOVERNANCE

    • Plan Ownership

    • Plan Governance

  • IMPACT CATEGORIES, SCALES & SCORES

    • Impact Categories, Scales & Scores Table

  • CYBER ATTACK & CRISIS ANATOMIES

    • Cyber Attack Anatomy

    • Cyber Crisis Management Anatomy™

  • CYBER CRISIS INFORMATION FORM

    • CCIF Development

  • CHECKLISTS

    • Lead Incident Handler Checklist

    • Pre-Confirmation

    • Post-Confirmation

    • Cyber Crisis Deactivation Checklist

  • TEMPLATES

    • LIH-to-EIC Email Template

    • EIC-to-CCRT Incident Notification Email Template

    • LIH-to-CCRT Initial Meeting Email Template

    • Initial CCRT Meeting Agenda Template

    • Subsequent CCRT Meeting Agenda Template

    • SEIC-to-CCET Email Template

  • QUICK REFERENCE CARDS

    • CCET Quick Reference Card

    • SEIC Quick Reference Card

    • EIC Quick Reference Card

    • LIH Quick Reference Card

    • IRL Quick Reference Card

  • PROJECT PLANNING

    • Project Resources

    • Project Phases & Activities

    • Phase I: Plan

    • Phase II: Build

    • Phase III: Test

    • Phase IV: Implement

  • TRAINING THE ORGANIZATION

    • CCMP Training Deck

  • TABLETOP CYBER WAR EXERCISES

    • Tabletop Exercises vs. Immersive Simulations

    • Exercise Roles & Responsibilities

    • Exercise Logistics

    • Exercise Materials

    • Exercise Execution

    • Exercise Conclusion

    • After-Action Reporting

  • WRAP-UP

    • Version Control

    • Release Planning

  • END OF COURSE EXAM​

    • Online​

    • 50 multiple choice questions

    • Two (2) hours

    • 70% passing score

    • Digital badge

    • Professional certificate

    • Green C2MP2 "Wolf" lapel pin

      • Made in Estonia by Roman Tavast​

2022 WORLD TOUR: C2MP2 CERTIFICATION

 

NOTE: In the following schedule, the C2MP2 course will be the first two days (Monday & Tuesday) of a larger 5-day program that includes the C2MP2, C2MEP, and C2MLP.

APRIL 18-22, 2022 | SINGAPORE

Transitioning to 100% Online Certification Courses


APRIL 25-29, 2022 | DUBAI, UNITED ARAB EMIRATES | CLOSED

Sheikh Zayed Rd - Trade Centre - Trade Centre 2 - إمارة دبيّ - United Arab Emirates


MAY 16-20, 2022 | CHICAGO, ILLINOIS USA

Transitioning to 100% Online Certification Courses


MAY 23-27, 2022 | NEW YORK CITY, NEW YORK USA

Transitioning to 100% Online Certification Courses

MAY 30-JUNE 3, 2022 | OTTAWA, ONTARIO CANADA | CLOSED

Partner: Field Effect Software Inc.

825 Exhibition Way, Ottawa, ON K1S 5J3, Canada

JUNE 13-17, 2022 | BERLIN, GERMANY

Transitioning to 100% Online Certification Courses
 

JUNE 20-24, 2022 | PARIS, FRANCE | CLOSED

Rue du 8 Mai 1945 8, 75010 Paris

 

JULY 18-22, 2022 |ORLANDO, FLORIDA USA | CLOSED

121 South Orange Avenue, Orlando, FL, 32801


AUGUST 29-SEPTEMBER 2, 2022 | SYDNEY, AUSTRALIA | CLOSED

International Towers Sydney, 100 Barangaroo Avenue, Sydney, Australia

 SEPTEMBER 26 - OCTOBER 2, 2022 | LINZ, AUSTRIA | EXCLUSIVE PARTNER EVENT REGISTER

Partner: ARES Cyber Intelligence GmbH (DACH Clients)

Linz, Austria

Online, Self-Paced Course Outline: $995 Per Student | ENROLL TODAY

Organizations globally are under constant attack from internal and external threat actors but often have blind faith that their information technology (IT) department's incident response plan will be adequate to address the response and recovery requirements for the entire organization.

This is the first course in the Cyber Crisis Management Professional series. The next course is the Cyber Crisis Management Exercise Professional (C2MEP). The final course is the Cyber Crisis Management Leadership Professional (C2MLP). Despite our recommendation that students complete the certification series, it is not required and each course stands alone and provides independent value.

As a certified Cyber Crisis Management Planning Professional (C²MP²) you will have the knowledge to help organizations prepare for a major cyber crisis by leading the development of an integrated plan that serves not only IT but also functional business and operational groups required to maintain resilience.

  • War rooms and bridge lines

  • War room equipment

  • War room supplies

  • Bridge lines

  • Progress spot check

  • Teams and roles & responsibilities

  • Contact lists

  • Working groups

  • Example working groups

  • CCMP ownership

  • CCMP governance

  • Incident impact categories, scales, and scores

  • Cyber attack and response anatomies

  • Cyber crisis information form

  • CCMP checklists

  • CCMP templates

  • Quick reference cards

COURSE OUTLINE

  • Course welcome

  • Course objectives

  • Course structure

  • Getting started

  • Core sections

  • Appendices

  • Response process flow

  • Response process flow: Phases

  • Response process flow: Roles

  • Response process flow: Activity Descriptions

  • Response process flow: Activity Codes

  • Functional incident response plans

  • Functional incident response plans: Detailed

  • Building functional incident response plans

  • RACI matrix

  • Functional incident response plans: Summary

  • Linking the summary and detailed plans

  • Sample quick reference card: EIC

  • Change control and release planning

  • Project planning

  • Project phases

  • Training the organization

  • Training slides

  • Tabletop cyber war exercises

  • Tabletop exercises vs. Immersive operational simulations

  • Exercise risk scenarios

  • Exercise roles and responsibilities

  • Exercise logistics

  • Exercise materials

  • Exercise execution

  • Exercise conclusion

  • After-Action Reports

  • Course review

  • End of course examination

    • Online​

    • 50 multiple choice questions

    • Two (2) hours

    • 70% passing score

    • Digital badge

The online, in-person and remote C2MP2 courses all come with the following ready-to-use templates!
  • Cyber Crisis Management Plan Template

    • Microsoft Word

  • Cyber Crisis Management Quick Reference Cards

    • Microsoft PowerPoint​

  • Cyber Crisis Management Employer Training Material

    • Microsoft PowerPoint

  • Cyber Crisis Management Project Plan

    • Microsoft Excel​

  • After-Action Report: Incident Template

    • Microsoft PowerPoint

  • After-Action Report: Exercise Template

    • Microsoft PowerPoint

Cyber Crisis Management Program and Cert

VALUE

During the fog of war (cyber crisis) is not the time to figure out how to respond. An effective response requires careful planning across an organization. This in-depth, hands-on immersion boot camp gives attendees the knowledge and tools to complete their own CCMP.

OBJECTIVE

A deep, hands-on immersion into the development of a Cyber Crisis Management Plan (CCMP), which like a major cyber event, requires the collaboration of both line of business leaders and their partners in information technology / information security.