Description
The 530 IT Incident Handling Workshop is a non-technical course aimed at introducing aspiring or new incident handlers to GC and departmental incident handling policies, processes and requirements. The range of learning activities includes pre-course activities, lectures, facilitated discussions, syndicate activities and exercises using a fictitious departmental scenario and a panel discussion. The emphasis is on providing participants with the opportunity to gain knowledge and non-technical skills related to incident handling and engage in critical thinking and discussion on current processes and practices as well as areas for potential individual, team and organizational improvement.
This workshop provides participants with the foundational knowledge and guidelines to contribute to the development of incident response processes and requirements, the tools to recognize and identify predominant threats to Government of Canada (GC) systems, as well as defensive capabilities and IT Security mechanisms. Upon completion participants should be able to apply business, legal and policy requirements as well as detect, validate and conduct initial mitigation measures in accordance with GC policies and practices.
Objectives
- Prepare for incident response activities
- Manage the approach to identify and detect security incidents
- Respond to cyber security incidents
- Support other incident management requirements
- Test incident response readiness
- Support continuous improvement
Target audience
Any person involved in cyber security event management and incident handling activities as well as any IT practitioners or IT managers who have an interest in the topic.
Prerequisites
- Read the Government of Canada Cyber Security Event Management Plan (GC CS EMP)
- Review the Personal Information Protection and Electronic Documents Act (PIPEDA)
- Review internal departmental policies on privacy and incident handling