Incident Response Frameworks

Learn to plan, implement, and manage cybersecurity incident response using NIST, SANS, and ISO frameworks. Build a customized, testable response plan to detect, contain, and recover from cyber incidents effectively in real-world environments.

Brett Moffett

Cybersecurity | intermediate | 9 hours | Published: Oct 2025

Discussions

Overview

STUDENTS^*

RECOMMEND^*

This course includes:

On-demand videos
Practice assessments
Multiple hands-on learning activities
Exposure to a real-world project
100% self-paced learning opportunities
Certification of completion

What happens when your organization is under cyber-attack, and you're the one who must respond?

In today's digital battlefield, cyber incidents are not a matter of if, but when. Whether it's ransomware, phishing, or insider threats, the ability to respond swiftly and effectively can mean the difference between containment and catastrophe.

This course is designed to equip you with the tools, strategies, and confidence to implement and use industry best practice for cybersecurity incident response to create an incident response process that anyone can follow.

We'll explore the most widely adopted industry frameworks (NIST and SANS) and learn how to apply them in real-world scenarios as well as integrate them into your existing IT Service Management solution. Through expert guidance and real-world examples, you'll gain a detailed understanding of how to build response plans, coordinate teams, and recovering from attacks.

Whether you're an aspiring cybersecurity professional, an IT support manager, or a team member looking to sharpen your response skills, this course will prepare you to act decisively when it matters most.

Join us and take the first step toward becoming your organisation's frontline defender.

Skills You Will Gain

NIST

SANS

ITSM Major Incident Planning

ITIL Incident Management

Learning Outcomes (At The End Of This Program, You Will Be Able To...)

Describe the fundamentals of a cybersecurity major incident response process.
Explain key industry frameworks (NIST and SANS).
Develop your own cybersecurity major incident response plan.
Test, measure, and improve your cybersecurity major incident management process.

Prerequisites

Basic understanding of IT Service Management, ITIL pillars (Incident, Problem, Change, Request), business IT support, and common cybersecurity events.

Who Should Attend

Cybersecurity engineers. Service Desk Analysts. Service Desk Managers. IT Managers.

Curriculum

Instructors

^*Where courses have been offered multiple times, the “# Students” includes all students who have enrolled. The “%Recommended” shown is also based on this data.

Incident Response Frameworks

Brett Moffett

Cybersecurity | intermediate | 9 hours | Published: Oct 2025

Discussions

Overview

STUDENTS^*

RECOMMEND^*

This course includes:

On-demand videos
Practice assessments
Multiple hands-on learning activities
Exposure to a real-world project
100% self-paced learning opportunities
Certification of completion

What happens when your organization is under cyber-attack, and you're the one who must respond?

Join us and take the first step toward becoming your organisation's frontline defender.

Skills You Will Gain

NIST

SANS

ITSM Major Incident Planning

ITIL Incident Management

Learning Outcomes (At The End Of This Program, You Will Be Able To...)

Describe the fundamentals of a cybersecurity major incident response process.
Explain key industry frameworks (NIST and SANS).
Develop your own cybersecurity major incident response plan.
Test, measure, and improve your cybersecurity major incident management process.

Prerequisites

Basic understanding of IT Service Management, ITIL pillars (Incident, Problem, Change, Request), business IT support, and common cybersecurity events.

Who Should Attend

Cybersecurity engineers. Service Desk Analysts. Service Desk Managers. IT Managers.

Curriculum

1Chapter 1: What is Incident Management and Why is it Important?

2Chapter 2: Importance of a Mature IT Service Management Solution

3Chapter 3: Justifying the Effort and Cost

4Chapter 4: SANS Framework: 6-Step Process

5Chapter 5: NIST SP 800-61r3: Incident Response Recommendations and Considerations for Cybersecurity Risk Management

6Chapter 6: Documentation Management Frameworks

7Chapter 7: Defining a Major Incident

8Chapter 8: Building a Cyber Incident Response Plan (CIRP)

9Chapter 9: Post Implementation Review Process

10Chapter 10: Implementing the Process

11Chapter 11: Testing the Plan

12Chapter 12: Review, Maintain, and Improve

Instructors

^*Where courses have been offered multiple times, the “# Students” includes all students who have enrolled. The “%Recommended” shown is also based on this data.