University of Oxford Logo University of OxfordSoftware Engineering - Home
On Facebook
Facebook
Follow us on twitter
Twitter
Linked in
Linked in
Google plus
Google plus
Digg
Digg
Pinterest
Pinterest
Stumble Upon
Stumble Upon

Security & Incident Management

A key ingredient of successful security and risk programmes is effective management of security-related incidents. Incidents range from small and predictable - which can be eliminated through operation controls, through to large and unpredictable - when standard management controls and mechanisms may not work. This module introduces the principles of incident management in practical contexts and draws out the key themes for effective response to the panoply of events and triggers that impact businesses, governments and individuals alike.

Course dates

12th February 2018Oxford University Department of Computer Science 0 places remaining.

Objectives

The successful participant will:

  • have an understanding of the key themes and principles of security incident management; be able to apply these principles in designing systems and models for managing security incidents;
  • understand how to apply the principles of incident management in a variety of contexts; be able to make a case to argue the extent to which technology can assist in the resolution of security incidents and how this is changing over time;
  • have an appreciation of the wider context of security incident management, and in particular of the relationship with business continuity and crisis management disciplines.

Contents

Incident Management
IM in support of the business strategy; the causes of incidents - anticipation, prediction, and analysis; response as a component of Risk Reduction Strategies; the outcomes and consequences of an incident - feedback mechanisms; qualitative vs quantitative approaches - techniques and formalisation and automation; creating incidents to reduce incidents - testing the system; non-IT related security incidents; lost CDs, social engineering; incident management and software development environments; can software engineering eliminate the need for response capability?
Crisis Management
Managing a crisis when management structures don't work; making a drama out of a crisis; the value of simulation and practice of the unforeseen.
Business Continuity
Supporting the business requirements; bridging the link between technology and business; incident Management in context; business impact assessment and strategies for disaster recovery and work area recovery.