SABSA® Advanced A4: Incident, Monitoring & Investigations

The increasing tempo of cyber attacks by cyber criminals, state sponsored actors, and hacktivists is a major concern for all organisations within government and industry. Participants will learn how the SABSA framework can be applied to deliver effective incident management and monitoring. The internet is now a hostile environment where businesses can be destroyed overnight. The sophistication of cyber attack is challenging even the most capable cyber defender, and is well beyond the preventative capability of most organisations. Attacks will be successful, and there is an increasing requirement for businesses to monitor their systems and networks, and to respond effectively to incidents.

Course syllabus:

  1. SABSA as a Problem Solving Framework

  2. Stakeholder Value Propositions

  3. Thinking about Security Operation Centres

  4. Framework Alignment

  5. Strategy & Planning for Incident Management

  6. Incident Management Design

  7. Incident Management Maturity

  8. Industrial Control Systems

  9. Security Investigations

  10. Full Requirements-to-Solution Traceability