Advanced search

Cyber crisis management

Registration
 - 
Event dates
 - 
Location
Global or multi-regional
Training topics
Cybersecurity
Training type
Online instructor led
Languages
English
Tutors
  • Aliyev Samir
  • Ayaz Karimov
Coordinators
  • Kristina Hojstricova
Course level

Intermediate

Event email contact
kristina.hojstricova@itu.int
$0.00

Does this course have any restrictions?

By nationality
Angola, Bangladesh, Benin, Burkina Faso, Burundi, Cambodia, Central African Republic, Chad, Comoros, Democratic Republic of the Congo, Djibouti, Eritrea, Ethiopia, Gambia, Guinea (Republic of), Guinea-Bissau, Haiti, Kiribati, Lao People’s Democratic Republic, Lesotho, Liberia, Madagascar, Malawi, Mali, Mauritania, Mozambique, Nepal, Niger, Rwanda, Senegal, Sierra Leone, Solomon Islands, Somalia, South Sudan, Sudan, Timor-Leste, Togo, Tuvalu, Tanzania, Uganda, Yemen, Zambia

Event organizer(s)

ITU logo
swiss cyber

Description

This training is designed to equip professionals from Least Developed Countries (LDCs) with the skills and strategies needed to effectively prepare for, respond to, and recover from cyber incidents. This course covers the entire lifecycle of a cyber crisis—from identifying vulnerabilities and managing real-time attacks to post-incident recovery and legal implications. Participants will engage in hands-on simulations of real-world cyberattacks which will help them to develop quick decision-making and strategic thinking under pressure. 

The course focuses on developing practical skills to handle high-pressure situations, emphasizing structured decision-making and clear communication during incidents. Participants will learn to design and implement incident response plans, assess vulnerabilities, and understand the implications of cyber threats on organizational operations. 

 

Training will be delivered under the Cyber for Good project.

Target population

This training is designed for mid and senior-level government officials from least developed countries who have a background in cybersecurity. Participants should be involved in cybersecurity policy, management, or incident response within their government institutions. The course is tailored to those responsible for developing and implementing national cybersecurity strategies, managing cyber incidents, and coordinating with key stakeholders during a crisis. 

Entry requirements

Qualifications or experience needed to participate in this training course: 

  • Being from a least developed country
  • Participants should hold mid or senior-level positions within government institutions in least developed countries and have a background in cybersecurity.  
  • Prior experience in cybersecurity policy, incident response, or management is required.  
  • A basic understanding of national cybersecurity frameworks and crisis management principles is recommended.  
  • Proficiency in English is necessary, as the training will be conducted in English. 

Number of available places for the cohort: 70

Learning objectives

Upon completion of this course, participants will be able to:  

  • Identify vulnerabilities and risks within national cybersecurity infrastructures. 
  • Develop and implement comprehensive cyber crisis management and incident response plans. 
  • Analyze cyber incidents to determine their scope, impact, and necessary mitigation strategies. 
  • Apply crisis communication techniques to coordinate with internal teams and external stakeholders during cyber incidents. 
  • Evaluate legal, regulatory, and ethical implications related to cybersecurity crises in a governmental context. 
  • Design strategies for post-incident recovery and continuous improvement in cybersecurity practices. 
  • Lead multi-agency coordination efforts to ensure a unified response to national cyber threats. 
  • Assess the effectiveness of cyber crisis responses and recommend improvements for future incidents.   
Methodology

This course will use a practical learning approach to achieve the learning objectives. Participants will work on real-life examples and problem-solving activities to understand how to manage cyber crises. Simulations will be used to create realistic cyber incident scenarios, allowing participants to practice how to respond and make decisions in a safe environment. 

The training will include one live session The session will be recorded allowing flexible, self-paced learning. Group discussions and teamwork will encourage participants to share their experiences and learn from each other.  

Self-reflection activities via the Forums will help participants review their current practices and find ways to improve, while experts will provide guidance and feedback throughout the course. 

Assessment and grading

Assignments: Participants will complete scenario-based assignment focused on developing a cyber crisis response plan tailored to their national context.  60% 

Forum Participation and Group Work: Active participation in discussion forums and group activities is required to encourage peer learning and knowledge exchange.  20% 

Attendance and active participation in Live Session: Attendance in live sessions is mandatory.  In the event of an absence, participants are required to watch the entire session recording, which will be made available on the ITU Academy platform.  20% 

A total score of 70% or higher is required to obtain the ITU certificate  

Training details and instructional approach

Sessions 

  • Cyber Crisis Management Essentials 
  • Developing and Implementing Response Plans 
  • Simulated Cyber Crisis Exercise 
  • Post-Crisis Analysis and Improvement 

Learning Outcomes  

  • Identify key components of cyber crisis management and assess vulnerabilities in government cybersecurity infrastructure. 
  • Develop an effective incident response plan and apply crisis communication techniques for coordination with stakeholders. 
  • Demonstrate decision-making and response strategies during a simulated cyber incident. 
  • Analyze response actions, identify gaps, and propose improvements for future cyber crisis preparedness. 
  • Presentation, group discussion 
  • Workshop, scenario-based groupwork and forum discussion 
  • Simulation exercise, role-play, group debrief 
  • Reflection activity, peer feedback 

Activities 

After the lecturing section, participants break into small groups to discuss insights, share experiences, and identify challenges and opportunities. This discussion lays the groundwork for a scenario-based workshop, where each group analyzes a realistic cyber incident—such as a ransomware attack—and collaboratively develops an initial response plan, detailing immediate containment actions, stakeholder coordination, and both short- and long-term priorities. The training then transitions into a simulation exercise featuring a live role-play: participants assume distinct roles (e.g., Chief Information Security Officer, Legal Counsel, or PR Manager) and respond to evolving crisis updates in real time, testing their teamwork and communication under pressure. Finally, everyone reconvenes for a group debrief and reflection activity, where individuals document personal takeaways and provide peer feedback, highlighting successes and areas for growth. 

Registration information

Document on registration information (English)

Unless specified otherwise, all ITU Academy training courses are open to all interested professionals, irrespective of their race, ethnicity, age, gender, religion, economic status and other diverse backgrounds. We strongly encourage registrations from female participants, and participants from developing countries. This includes least developed countries, small island developing states and landlocked developing countries.

Related documentation and links
Share in