WHERE TO TAKE THIS COURSE
Dates for upcoming training are posted here.
Incident response programs are generally geared toward and adequate for network attacks, however most programs do not have a sufficient plan for responding to and recovering from social engineering (SE) attacks. Employees know who to contact if they get a virus, but not who to contact or what to do if they receive a suspicious phone call or if someone “piggybacks” them into the building. These attacks require special care, situational awareness, and a strong yet empathetic understanding of human nature. A solid set of procedures and knowledgeable staff are the foundation for proper response. Having these in place prior to an attack is key to ensuring first responders know what to do when something suspicious happens, such as how to avoid dangerous confrontations, de-escalation of encounters with possible intruders, or preventing further intrusions. This course will teach the principles of preparing for and ensuring detection measures are implemented to discover and report social engineering attacks, as well as what an incident responder should do – step by step – once a potential SE incident has been identified. Learn how to validate, protect, detect, respond and recover from an SE event as part of a comprehensive incident response plan that goes beyond the network and into the heart of your enterprise.
- Types of deterrent and detective controls, specifically how to identify and prioritize gaps in these important security measures based on risk, brainstorming, and common attacks.
- Building: Policies and procedures; The team; Goals, strategy, and objectives. The incident response plan, tactical procedures
- Tying the SE IR plan into the supply chain, ensuring communication methods are adequate, and using metrics / reporting to create incident reports and improve the IR plan and procedures.
WHO SHOULD TAKE THIS COURSE
- Blue team
- Security defenders
- Internal Awareness Teams / Trainers
- Security Awareness teams
- Incident Responders
- Infosec personnel interested in defending against social engineering
- IT Support Staff
- Security Program/Policy Managers
- First Responders
- Anyone interested in learning more about handling social engineering attacks
AUDIENCE SKILL LEVEL
WHAT STUDENTS SHOULD BRING