Start Date:
End Date:
Event dates
Start Date:
End Date:


World or Multi-Regional
Training topics
  • Cybersecurity
Training type
Face to Face
  • English
Event organizer
Computer Emergency Response Team of Mauritius (CERT-MU)
Event mail contact
  • Ghazi Mabrouk
Course level


Global Gateway and EU flag blank


Cybersecurity exercises are a very effective way of learning the practical aspects of information security. But designing such exercises is not an easy task. This course provides a number of steps and guidelines that should be followed when designing a cyber exercise. The steps include defining the objectives, choosing an approach, designing network topology, creating a scenario, establishing a set of rules, choosing appropriate metrics and capturing lessons learned. This 3-day training course examines the key elements required to develop cyber disaster response simulation exercises. It will enable participants to increase collaboration, through greater understanding and familiarity of interaction between the private and public sectors and a better understanding of cyber-attacks, as well as the protection and defense of critical information infrastructures so that knowledge and skills for planning, implementing, and following up on cyber disasters can be improved. With generous support from the Global Gateway initiative of the European Union, participation in this training programme is free of charge for selected applicants. This includes accommodation, meals, and other planned learning activities during the training. Participants or their organizations are responsible for covering their travel expenses.

The training is intended for policymakers, ICT regulators and government officials such as Information Security Officers, Security Managers, Network Engineers and Systems Administrators.

The maximum number of participants in this training is limited to 25 participants. 

Members of the above-mentioned target population are invited to apply for the training if they meet the following criteria:

  • Hold an undergraduate degree in a relevant field or have a minimum of three years of experience in incident response, network security, information system security and system administration if they do not hold a university degree.
  • Possess a fluent level of English.
  • Complete the application questionnaire and attach an up-to-date CV, a recommendation letter from their employer, or a motivation letter.

Government officials and policymakers from developing countries, particularly women, are encouraged to apply.

Selection will be conducted by the course organizers, who will consider the above entry requirements along with an analysis of the application questionnaire and the recommendation/motivation letter of each applicant.

 Upon completing the training, participants will be able to:

  • Develop incident response and crisis management plans
  • Design a cyber security simulation exercise
  • Execute simulation exercises such as TTX and technical simulations
  • Develop effective communication plans for an effective interaction with all actors during a crisis situation. 

The training will be carried out face-to-face in Mauritius and will include presentations, analysis of examples and real-life case studies, and group exercises followed by instructor feedback.

Participants will be evaluated based on the following grading scale:

  • Full training participation: 10% of the total score
  • Group case study submission: 50% of the total score 
  • Final quiz completion on the ITU Academy: 40% of the total score    

The final quiz will consist of 20 questions. A total score of 70% or higher is required to obtain the ITU certificate at the end of the training. 

Day 1: Exercise Preparation & Planning

  • Topics Covered:
    • Initiatives and mission
    • Needs analysis – why should we have an exercise?
    • Mission Statement – Defining the assignment
    • Defining the expected outcome of the exercise
  • Key Learning Points:
    • Understand cyber incident response plan development

Day 2: Exercise Preparation & Planning (contd.)

  • Topics Covered:
    • Purpose – why should we have an exercise?
    • Objectives – what we want to achieve with the exercise
    • Target group
    • Limitations – what will not be addressed in the exercise
    • Exercise types, forms, and requirements
    • Formulation of the requirements for developing cyber exercises (scope, objective, etc.)
  • Key Learning Points:
    • Understand formulation of the requirements for developing cyber exercises

Day 3: Implementation & Evaluation

  • Topics Covered:
    • Procurement of Technical Infrastructure
    • Setting up of the infrastructure
    • Technical Exercise environment
    • Planning of the counter play organization
    • Technical support and communications
    • Website for exercise planning
    • Training external communication
    • Evaluation process
  • Key Learning Points:
    • Environment setup and the implementation of cyber exercises
Related documentation and links
Share in