Intelligent CISO Issue 28 | Page 38

One attendee, Wayne Parkes, Head of ICT – Warwickshire Police UK, offered his opinion on the course: “Quite a difficult subject to get over sometimes but I think Amar presented it really well. Nice mixture of technical knowledge and practical examples. Good for a very mixed audience as it wasn’t overly technical. I highly recommend it in terms of bringing a mixed group up to speed with the importance of responding to a cyber incident, and what the essentials are about dealing with it.”

We spoke to Amar Singh, Founder and CEO of Cyber Management Alliance, to find out more about the importance of incident response and how the course provides attendees with a level of confidence in this particular field.

How would you define a good incident response plan and how important is this?

A good incident response plan is one that is simple, well-rehearsed by all key stakeholders in the organisation and one that is actually fit-for-purpose. As far as importance goes, doing business in cyberspace without an effective incident response plan is likened to:

• Going on a holiday, during the pandemic, with no insurance, no masks and a brand-new, unopened phone
• Jumping off a plane with a parachute without reading the manual or testing if the parachute actually works

I’m very vocal about the fact that long-winded and complex response plans will take you nowhere. They will confuse and create chaos. Response plans need to be succinct, free of jargon and preferably in the form of quick checklists that everyone can follow under pressure. Also, if your incident response plans are not tested, they’re as good as the brand-new, unopened, untested smartphone AND without an Internet connection.

How does the course provide good preparation and response to a cyber incident or breach?

Our UK government’s NCSC-Certified CIPR course has been designed to cater to both technical and non-technical audiences and transcends specific functions and hierarchies. Therefore, it gives a really holistic picture of all the aspects of cyber preparedness that a business executive or an IT professional needs to know.

Through the 19 modules, the course introduces you to the basic concepts of cyberattacks, opens your mind to what actually happens during a breach and then educates you on how you can plan and be prepared to respond to that breach in advance.

The overarching idea behind the course is that attackers will breach the defences. You need to plan to rapidly detect and prepare to swiftly respond to the attackers to stop them in their tracks.