This course is designed to provide guidance for the implementation of an effective cybersecurity incident recovery program from a pre-incident and post-incident perspective. The training focuses on connecting IT with emergency management and is intended for government, critical infrastructure, and private sector personnel who have the responsibility for recovering after a cyber incident. Short term tactical and long-term strategic activities are discussed culminating in the development of an action plan.
FEMA / SID Number
Students must have a FEMA Student Identification Number (SID) to attend class.
To obtain a SID, register online at cdp.dhs.gov/femasid
Course Completion Requirements
A Pre-Test and Post-Test are given to measure participants’ understanding of the material. Participants are required to score a 70% or better on the Post-Test and attend 80% of the course hours in order to receive a course certificate of completion.
Registration and Attendance
Attendance is crucial in order to receive credit for this course. All participants must complete a registration form at the beginning of the course, sign the attendance roster for each day of the course, attend 80% of the course hours, and complete the evaluation at the end of the course in order to receive a certificate of completion.
Class attendance is an essential part of the education process and participants in TEEX courses are expected to attend all class sessions and field exercises. This course requires participants to attend a minimum of 80% of the class hours as a component of successful course completion. During the course, your instructor will review any additional attendance requirements, for example a field exercise that cannot be missed.
TopicsCyber terminology+Cyber incident life cycle+Threat levels+Emergency management+Recovery continuum+Government’s role in cybersecurity+Cyber and the incident command system+Federal resources for cyber+Key programmatic elements that improve recovery+Plan, organize, equip, train, exercise considerations+Short-term recovery actions+Long-term recovery actions+Cyber incident recovery action plan
- Government and private sector IT staff
- Local administrators and upper-level management personnel
- System administration
- Risk management personnel
- Local government administration
- Emergency management coordinators
Continuing Education and Professional Credits1.6 CEUs
Government ProgramsGSA contract number:GS-07F-0357V. GSA customers, to register please contact firstname.lastname@example.org or call (800) 541-7149.+For DHS/FEMA Funded Courses, please contact email@example.com or call (800) 541-7149