
ISLA IPGT 13818

Incident Management

Cybersecurity
  • Presentation
    This course unit focuses on the management of cybersecurity incidents, exploring best practices and international frameworks, with emphasis on ISO/IEC 27035 and the NIST Incident Handling Framework. Students will learn to prepare for, identify, respond to, and learn from security incidents, using these methodologies to establish effective incident management processes within an organization. A comparison with ISO/IEC 27001:2022 will allow students to understand the place of incident management within general information security management.
  • Programme
    Module 1: Introduction to Cybersecurity Incident Management. Basic concepts of cybersecurity incidents. The importance of incident management for organizations.
    Module 2: ISO/IEC 27035: Principles and Practices. Overview of ISO/IEC 27035. Phases of incident management according to ISO/IEC 27035: Preparation, Identification, Containment, Eradication, Recovery, and Lessons Learned.
    Module 3: NIST Incident Handling Framework. Exploration of the NIST Incident Handling Framework. Comparison of the NIST phases with ISO/IEC 27035.
    Module 4: Comparison with ISO/IEC 27001:2022. Understanding incident management in information security management. Integration of incident management in the ISO/IEC 27001:2022 framework. Implementation of an Information Security Management System (ISMS) and its role in incident management.
  • Objectives
    Understand the fundamental concepts of cybersecurity incident management. Explore the steps and processes defined by ISO/IEC 27035. Analyze the NIST Incident Handling Framework and its application. Understand incident management within the general information security practices described in ISO/IEC 27001:2022. Develop practical skills to apply these frameworks in the real context of an organization.
  • Bibliography
    International Organization for Standardization. (2023). ISO/IEC 27035-1:2023 Information security incident management — Part 1: Principles and process. ISO.
    International Organization for Standardization. (2022). ISO/IEC 27001:2022 Information security, cybersecurity and privacy protection — Information security management systems — Requirements. ISO.
    Cichonski, P., Millar, T., Grance, T., & Scarfone, K. (2012). Computer security incident handling guide (NIST SP 800-61 Rev. 2). National Institute of Standards and Technology.
    Killcrece, G., Kossakowski, K.-P., Ruefle, R., & Zajicek, M. (2003). State of the practice of computer security incident response teams (CSIRTs) (CMU/SEI-2003-TR-001). Software Engineering Institute, Carnegie Mellon University.
    West-Brown, M. J., Stikvoort, D., & Kossakowski, K.-P. (2005). Handbook for computer security incident response teams (CSIRTs) (2nd ed.). Addison-Wesley.
  • Methodology
    This curricular unit includes theoretical sessions, guided discussions and practical sessions for the demonstration of thematic cases. The theoretical sessions use the expository method. Guided discussions focus on case studies. Practical sessions include the resolution of practical cases so that the skills acquired can be validated.
  • Language
    Portuguese
  • Type
    Annual
  • ECTS
    1
  • Nature
    Mandatory
  • Internship
    No