While automation has come to play a crucial role in cybersecurity, legwork by cybersecurity teams remains a fundamental part of threat handling. From threat hunting to digital forensics to incident response, human attributes like experience, instinct and resourcefulness remain a must. Well-honed, these attributes often make the difference in strengthening an organization’s security posture.
That’s why cybersecurity teams need solid expertise and up-to-date skills in threat handling areas such as detection, intelligence gathering, forensics and incident preparation and response. Without a strong grip on these areas, security teams will struggle to defend against ever present and evolving threats. And this is likely to create unintentional paths of attack for threat actors constantly the hunt for vulnerabilities to exploit.
When it comes to threat handling, cybersecurity teams need an understanding of the core principles, practices and legal implications of digital forensics and practices. They also should know how to effectively communicate their findings to stakeholders in non-technical roles.
Building Digital Forensics and Incident Response (DFIR) program is key. It spells out policies, roles, tools, frameworks, and strategies to define and distinguish security incidents from events and breaches so teams can know what to do in each case.
ISC2’s new Threat Handling Foundations Certificate is designed to help cybersecurity teams strengthen their capabilities in building DFIRs, network threat hunting and incident management. To earn the certificate, candidates must complete four courses totaling 13 hours of learning. The curriculum includes a primer on the fundamentals of digital forensics and incident response, providing learners with the core knowledge they need to delve deeper into DFIR, threat hunting and threat management in subsequent courses.
The four courses required for the ISC2 Threat Handling Certificate are as follows:
- Foundations of Digital Forensics – Understanding the core principles and practices of digital forensics, evidence, and legal considerations of digital forensics, and how to effectively communicate the findings.
- Building a Digital Forensics and Incident Response (DFIR) Program – An exploration of strategic frameworks and best practices for an in-depth understanding of how to build effective DFIR programs.
- Incident Management: Preparation and Response – How to define a security incident, prevent an incident from becoming a breach, and leverage security incidents to improve an organization’s security posture.
- Network Threat Hunting – Understanding network threats and techniques used by attackers, and applying that knowledge to strategically hunt, detect and mitigate the threats.
For more information on certificates from ISC2, visit https://www.isc2.org/professional-development/certificates.