Cyber Incident Planning and Response Course

Government Certified, Accredited Course on Planning and Response Strategies to deal with Cyber-Attacks and Cyber Crises

The NCSC-Certified Training in Cyber Incident Response Course is available with an optional APMG Examination

Get Started

The Cyber Incident Planning and Response course is a comprehensive guide for enabling organisations and individuals to prepare a well-defined and managed approach to dealing with a data breach or a cyberattack. This course is targeted at a non-technical audience comprising key decision-makers and managers in both managerial and technical profiles.

Benefits of choosing the E-Learning Option

Benefits of choosing the E-Learning Option


Full access to all content (downloadable PDFs) for 60 calendar days


You can complete it as and when it’s possible, around your working hours or during.


Purchase the bundle offer below to recevie free access to our NCSC-Certified Building and Optimising Incident Response Playbooks course

You are able to relate it to your business more as you have longer to complete (and consume) the training rather than it being a 1-day virtual event. If you would prefer to attend a virtual class AND have the E-Learning included, you can select that option here once you have selected a date.



Get Started

Highlights of the E-Learning CIPR course


Certified by the UK-Government's National Cyber Security Centre (NCSC).


Accredited by the Chartered Institute of Information Security (CIISec).


19 modules with over 20 interactive exercises on all aspects of planning and response.


Bonus content (worksheets, templates, how-tos, mind-maps) Content updated regularly


170 page, comprehensive supporting PDF book.


Optional Exam: Take the APMG Examination of the NCSC-Certified Training*

* Please note you must complete the course and obtain a certificate of completion before sitting for the exam



Get Started
  • Key Learning Objectives
  • Downloads
  • About
  • Key Learning Objectives

    • Gain deeper insights on key risk-reducing controls to increase your company’s ability to protect, detect and respond to cyber-attacks on a strategic and operational level.
    • Learn to design an early warning system to lower discovery time from months to days.
    • Develop the skills to understand and improve your company’s cyber- resiliency by making more cost-effective, risk-based decisions.
    • The latest techniques and insights on incident response.
    • Threat Intelligence-led testing and response framework adopted by leading governments and institutions.
    • How to use threat intelligence to lower organisation risk and speed up response times.
    • The Cyber Kill Chain (the cyber attack process) and how to design an early warning system to lower discovery time from months to days.
    • How to create actionable, fit-for-purpose plans, checklists and processes.
    • How to define and baseline “Normal” within your organisation.
    • Understand 'Normal' and how it can help reduce your time to respond and reduce human error.
    • The best methods to stop up to 90% of all cyber attackers in their tracks, before they breach your critical data.
    • How to design and implement a response framework and build an effective cyber response team.
    • The “Golden Hour” and why it’s critical to managing an incident.
    • The core concepts of incident triage, OODA and their relevance and importance in a cyber resilient organisation.

    Furthermore, this cybersecurity training course provides senior management and incident response teams, amongst others, with the vital knowledge and skills to plan, lead and manage a cyber crisis and equips the learner with competence so that they can rapidly detect, rapidly respond and rapidly recover from a cyber-crisis.

  • Direct Downloads

    Directly download the full Learning Objectives of the course here

    Templates. Worksheets & Mind-maps

    When you enrol in this course you will have access to several worksheets & templates that you can use immediately. Take a look at the course curriculum, below, to see whats included in this course.

    The image immediately below is a gallery view of some of the templates and collateral available to students.

    Continuing Professional Development

    CPD points can be claimed for this course at the rate of 1 point per hour of training for this NCSC-certified and CIISec-approved course (8 points for one-day public course and 15 points for the two-day internal workshop - for when organisations host this course internally).

    CIPR Student-Only Incident Response Plan Template

    As a student you get access to unique content including our highly acclaimed Cyber Incident Response Plan Template. If you want, you can download the FREE version of the Incident Response Plan template here.

  • About

    (ISC)2 & ISACA Members: You can claim 8 CPE points after they complete the whole course and obtain the attendance certification.

Example Curriculum

  ** IMPORTANT ** Please read this first
Available in days
days after you enroll
  Welcome Introduction - Goals, Learning Objectives & Trainer
Available in days
days after you enroll
  Cyber Resiliency - Module 1
Available in days
days after you enroll
  Threat Actors - Module 2
Available in days
days after you enroll
  Define Normal - Module 3
Available in days
days after you enroll
  The Cyber Attack Methodology - Module 4
Available in days
days after you enroll
  Visibility - Module 5
Available in days
days after you enroll
  The Golden Hour & Incident Management - Module 6
Available in days
days after you enroll
  Building the Team - Module 7
Available in days
days after you enroll
  Forensics & Investigations - Module 8
Available in days
days after you enroll
  Regulations & Standards - Module 9
Available in days
days after you enroll
  The Technology Stack - Module 10
Available in days
days after you enroll
  Communications & PR - Module 11
Available in days
days after you enroll
  Course PDFs
Available in days
days after you enroll
  Additional CIPR Collateral
Available in days
days after you enroll
  Additional Collateral Cyber Attack Timelines
Available in days
days after you enroll

Sign up and Start Today


Pay-in-full in your local currency (where available)


We take all major forms of payment and we use secure checkout.