The Recovering from Cybersecurity Incidents course is designed to provide guidance to a jurisdiction on the actions necessary to effectively recover from a cybersecurity attack. It discusses the pre- and post-incident programmatic activities needed for short-term and long-term recovery. The course bridges the different worlds of information technology and emergency management. This training is particularly pertinent to IT management, emergency management personnel, as well as any other government, critical infrastructure, or private sector personnel who has the responsibility for recovering after a cyber incident. This course is intended to be delivered across the country to jurisdictions at all response levels: local, state, tribal, territorial, as well as private industry.
Upon successful completion of this course, participants will better be able to prepare for and act during the recovery of a cybersecurity incident.
