- Sigitas Rokas
- Vilius Benetis
- Rūta Jašinskiene
- Lena Lattion
Continuous growth and reliance on Information Communication and Technologies (ICT) results not only in benefits to organizations, but also in cyber incidents, which threatens ICT infrastructure and sensitive data inside it. The ability to timely detect, mitigate and recover from cyber incidents is a crucial capability to organizations, established and managed within Computer Security Incident Response Teams (CSIRTs/CERTs/CIRTs) and Security Operation Centers (SOCs), thereafter - cybersecurity team.
The course dives deep into CSIRT/SOC establishment practice, where combination of theory, unique experience with lessons learned, and hands-on practice give attendees a clear and actionable picture on how to build an effective cybersecurity team.
Fourth optional day is an iteration of the course and is dedicated to look into the CSIRT/SOC technologies on the spot. During the site visit attendees are led through service desks / incident tracking systems, vulnerabilities assessment and penetration testing tools, stack for cyber threat intelligence.