Course Overview

How do you measure the success of your incident response program? How do you prioritize improvements? How do you identify issues? How do you communicate this to your leadership? 

If we can define meaningful metrics and relate these to how we affect organizational risk, we can better communicate pain points, blind spots, and opportunities to improve to our teams, our peers, and our leadership to ultimately reduce risk within the organization. We can enable the success of our incident response programs through thoughtful definition and analysis of these key metrics to drive further risk mitigation through our efforts.

This course provides strategy and implementation details to gather, analyze, and present key IR metrics and measurements to explain how your IR program is currently affecting the risk environment of the organization, and how your efforts can continue to reduce the risk of cybersecurity events with your IR program.

What You Will Learn

  • Articulate key incident response concepts, phases, and terminologies (Introduction to Incident Response)
  • Understand key concepts of risk models including vulnerabilities, threats, impact as well as risk mitigation strategies such as preventive, detective, and responsive controls.
  • Define, calculate, and strategically assess Incident Report Time, Mean Time to Detection, and False Positive Rate
  • Familiarize with metrics programs such as key performance indicators, key risk indicators, operational capacity measurements, effectiveness measurements, and efficiency measurements.
  • Learn to create a detailed incident response performance report to communicate the effectiveness of incident response mechanisms
  • Learn to strategically assess Cost of Incident, SLA Compliance, and Incidents Over Time

Program Curriculum

  • Incident Response Fundamentals
  • Preparation
  • Detection and Analytics
  • Containment, Eradication, and Recovery
  • Post Incident Activities
  • Incident Handling Checklist
  • Chapter 1 Quiz

  • Introduction to Risk Models
  • Mitigating Controls
  • Introduction to FAIR CAM
  • Chapter 2 Quiz

  • Understanding Values of Metrics Programs
  • Types of Metrics
  • Chapter 3 Quiz

  • Detection and Analytics Metrics
  • Logging Coverage
  • Mean Time to Detection
  • Detection Efficacy
  • Chapter 4 Quiz

  • Overview of Response Metric
  • Mean Time to Acknowledge
  • Dwell Time
  • Mean Time to Alert Disposition
  • Chapter 5 Quiz

  • Remediation Metrics
  • Mean Time to Contain
  • Mean Time to Eradication
  • Mean Time to Recovery
  • Mean Time to Remediate
  • Chapter 6 Quiz

  • Post Incident Metrics
  • Incident Costs
  • Incidents Over Time
  • Recurring Incidents and Lessons Learned
  • Chapter 7 Quiz

  • Reporting
  • Chapter 8 Quiz

Course Wrap Up

Instructor

Ryan Wisniewski

Ryan is a distinguished cybersecurity leader renowned for his remarkable accomplishments across diverse industries. With an illustrious track record of building highly successful security programs, portfolios, and organizations, Ryan specializes in Incident Response. His unwavering dedication to empathetic leadership, fostering a blameless culture, and instigating sustainable change management principles sets him apart as a guiding force in the cybersecurity landscape. As the current Incident Response Lead at Obsidian Security, Ryan channels his expertise into delivering elite incident response solutions that cater to the unique needs of each customer. He is committed to delivering actionable insights, advanced threat intelligence, and expeditious remediation strategies to reduce the impact of cyber security incidents around the world. Ryan's professional journey includes his role as the Incident Response Lead at Elastic N.V., where he orchestrated the development, enhancement, and seamless operation of Incident Response. He masterminded the Distributed Dynamic Response Program, aligning the organization with security frameworks such as MITRE ATT&CK and NIST 800-61. By implementing a Threat Intelligence Driven Response operating model, he optimized security event and response consistency and efficiency. Prior to his tenure at Elastic, Ryan held pivotal positions at prestigious companies including Paylocity, Zurich Insurance, ACH Food Companies, and McMaster-Carr Supply. His achievements span a spectrum, from establishing and nurturing successful security teams to orchestrating transformative security technology implementations. 
Ryan's credentials include renowned industry certifications such as Certified Information Systems Security Professional (CISSP), GIAC Information Security Professional (GISP), GIAC Strategic Planning, Policy, and Leadership (GSTRT), GIAC Certified Incident Handler (GCIH), GIAC Security Essentials (GSEC), GIAC Cloud Penetration Tester (GCPN), and SANS Security Awareness Professional (SSAP). Ryan's educational journey continues in pursuit of a master’s degree in information security from the esteemed SANS Technical Institute, alongside a master’s in business administration with a specialized focus on Organizational Change Leadership from Northern Illinois University. Ryan Wisniewski stands as a beacon of expertise and innovation within the realms of incident response, security architecture, and risk management. His unwavering dedication to excellence continues to make a resounding impact in the field.
