top of page
Cyber Crisis Management Exercise Professional (C2MEP)_course logo.png

CYBER WAR GAME EXERCISES 

LEARN HOW TO BUILD AND DELIVER TABLETOP CYBER EXERCISES & EXERCISE PROGRAM

Become a cyber exercise planning and delivery expert
Cyber Crisis Management Exercise Professional (C²MEP)

The C2MEP is offered in four modalities:

  • Online, self-paced

  • 1-Day Live, in-person or remote (Partner-sponsored)

  • 1-Day Live, in-person or remote (Company-sponsored)

  • 1-Day Live, in-person or remote (Public course; limited options)

Differences between the online training and the in-person or remote training:
  1. Although the curriculum is very similar, there are differences. You can review the differences below.
  2. The online training is shorter in duration due to less topics being covered.
  3. The live, in-person or remote course is longer in duration due to more topics​ being covered.
  4. The live, in-person or remote course provides for guided discussions following each simulation.
  5. The live, in-person or remote course provides for collaboration and discussion amongst attendees.
  6. The live, in-person or remote course can be delivered over one full days, two half-days, or on a schedule convenient to the sponsor.
Live, In-Person or Remote Course Outline: $1,100 Per Student (Contact us for volume discounts)

An immersion into planning, developing, conducting, and assessing tabletop cyber war games that leverages the best of U.S. and international standards as well as industry best practices. The ability to plan, develop, deliver, and assess tabletop war games are essential skills required to validate an organization's incident response and cyber crisis management plans. Acquiring this certification demonstrates a unique and specialized set of knowledge, skills, and abilities.

 

This is the second course in the Cyber Crisis Management Professional series. The first course is the Cyber Crisis Management Planning Professional (C2MP2). The final course is the Cyber Crisis Management Leadership Professional (C2MLP). Despite our recommendation that students complete the certification series, it is not required and each course stands alone and provides independent value.

The ability to plan, develop, deliver, and assess tabletop war games are essential skills required to validate an organization's incident response and cyber crisis management plans.  Acquiring this certification demonstrates a unique and specialized set of knowledge, skills, and abilities.

COURSE OUTLINE

  • Course welcome

  • Course objectives

  • Incident response maturity

  • Incident response maturity phases

  • Hazard Mitigation Plan & Threat and Hazard Identification and Risk Assessment (HMP/THIRA)

  • U.S. Homeland Security Exercise and Evaluation Program (HSEEP)

  • NIST 800-34: Contingency Planning in Federal Information Systems

  • NIST 800-61: Computer Security Incident Handling Guide

  • NIST 800-84: Guide to Test, Training, and Exercise Programs

  • NIST 800-184: Guide for Cybersecurity Event Recovery

  • ISO 27035: Information Security Incident Management

  • ISO 22398: Societal Security - Guidelines for Exercises

  • Exercise types and methods

  • Exercise program guidelines

  • Exercise program policy and governance

  • Exercise roles and responsibilities

  • Exercise Phases: Plan, Build, Deliver, Evaluate, and Optimize

  • Plan: Risk scenarios

  • Plan: Initial planning meeting

  • Plan: Midterm planning meeting

  • Plan: Final planning meeting

  • Plan: Exercise Plan/Situation Manual

  • Build: Master Event and Inject List

  • Build: Injects

  • Build: Facilitator Guide

  • Build: Participant Guide

  • Build: Observer Guide

  • Deliver: Exercise logistics

  • Deliver: Exercise materials

  • Deliver: Exercise conclusion

  • Evaluate: After-Actin Reporting

  • Optimize: Exercise improvement planning

  • Optimize: Program metrics and reporting

  • Optimize: Program improvement planning

  • Practical

    • Serve as exercise lead, facilitator, or observer for a given exercise subset

  • Course review

  • End of course examination

    • Online​

    • 50 multiple choice questions

    • Two hours

    • 70% passing score

    • Digital badge

    • Professional certificate

      • Red C2MEP "Wolf" lapel pin

        • Made in Estonia by Roman Tavast​

Online, Self-Paced Course Outline: $995 Per Student | ENROLL TODAY

An immersion into planning, developing, conducting, and assessing tabletop cyber war games that leverages the best of U.S. and international standards as well as industry best practices. The ability to plan, develop, deliver, and assess tabletop war games are essential skills required to validate an organization's incident response and cyber crisis management plans. Acquiring this certification demonstrates a unique and specialized set of knowledge, skills, and abilities.

 

This is the second course in the Cyber Crisis Management Professional series. The first course is the Cyber Crisis Management Planning Professional (C2MP2). The final course is the Cyber Crisis Management Leadership Professional (C2MLP). Despite our recommendation that students complete the certification series, it is not required and each course stands alone and provides independent value.

The ability to plan, develop, deliver, and assess tabletop war games are essential skills required to validate an organization's incident response and cyber crisis management plans.  Acquiring this certification demonstrates a unique and specialized set of knowledge, skills, and abilities.

COURSE OUTLINE

  • Course welcome

  • Course objectives

  • Incident response maturity

  • Incident response maturity phases

  • Hazard Mitigation Plan & Threat and Hazard Identification and Risk Assessment (HMP/THIRA)

  • U.S. Homeland Security Exercise and Evaluation Program (HSEEP)

  • NIST 800-34: Contingency Planning in Federal Information Systems

  • NIST 800-61: Computer Security Incident Handling Guide

  • NIST 800-84: Guide to Test, Training, and Exercise Programs

  • NIST 800-184: Guide for Cybersecurity Event Recovery

  • ISO 27035: Information Security Incident Management

  • ISO 22398: Societal Security - Guidelines for Exercises

  • Exercise types and methods

  • Exercise program guidelines

  • Exercise program policy and governance

  • Exercise roles and responsibilities

  • Exercise Phases: Plan, Build, Deliver, Evaluate, and Optimize

  • Plan: Risk scenarios

  • Plan: Initial planning meeting

  • Plan: Midterm planning meeting

  • Plan: Final planning meeting

  • Plan: Exercise Plan/Situation Manual

  • Build: Master Event and Inject List

  • Build: Injects

  • Build: Facilitator Guide

  • Build: Participant Guide

  • Build: Observer Guide

  • Deliver: Exercise logistics

  • Deliver: Exercise materials

  • Deliver: Exercise conclusion

  • Evaluate: After-Actin Reporting

  • Optimize: Exercise improvement planning

  • Optimize: Program metrics and reporting

  • Optimize: Program improvement planning

  • Course review

  • End of course examination

    • Online​

    • 50 multiple choice questions

    • Two hours

    • 70% passing score

    • Digital badge

The online, in-person and remote C2MEP courses all come with the following ready-to-use templates!
  • Cyber Exercise Program Plan

    • Microsoft Word

  • After-Action Report: Exercise

    • Microsoft PowerPoint

  • After-Action Report: Incident

    • Microsoft PowerPoint

  • Initial Planning Meeting Presentation

    • Microsoft PowerPoint

  • Midterm Planning Meeting Presentation

    • Microsoft PowerPoint

  • Final Planning Meeting Presentation

    • Microsoft PowerPoint

  • Exercise Plan/Situation Manual

    • Microsoft Word

  • Master Event and Inject List

    • Microsoft Word

  • Facilitator Guide Template

    • Microsoft Word

  • Observer Guide Template

    • Microsoft Word

  • Participant Guide Template

    • Microsoft Word

  • Exercise Evaluation Form Template

    • Microsoft Word

Cyber Crisis Management Program and Cert

OBJECTIVE

An immersion into planning, developing, conducting, and assessing tabletop cyber war games that leverages the best of U.S. and international standards as well as industry best practices. The ability to plan, develop, deliver, and assess tabletop war games are essential skills required to validate an organization's incident response and cyber crisis management plans. Acquiring this certification demonstrates a unique and specialized set of knowledge, skills, and abilities. 

VALUE

The ability to plan, develop, deliver, and assess tabletop war games are essential skills required to validate an organization's incident response and cyber crisis management plans.  Acquiring this certification demonstrates a unique and specialized set of knowledge, skills, and abilities.

bottom of page