InfoSecBulletin Cybersecurity for mankind
ISC2 has launched a Threat Handling Foundations Certificate to assist cybersecurity experts in enhancing Digital Forensics and Incident Response (DFIR) amid rising disruptive attacks that may cause breaches.
DFIR is a complex field of incident response. This four-course program offers practical experience in building a DFIR program, digital forensics basics, incident management, and network threat hunting. Key topics include DFIR, security program management, evidence requirements, communication, security operations, and distinguishing between incidents and breaches.
India’s Tata Electronics hit by cyber breach: Hacker target 630 GB record
Anthropic’s Mythos reportedly broke NSA classified systems in hours
OpenAI New Method “Deployment Simulation” Predicts AI Risks Before Deployment
AryStinger botnet infected thousands of D-Link routers globally
Hacker suspected of sending alerts across Brazil
CyberSentinel AI features 33 security tools like Nmap, SQLMap, and ZAP, utilizing Claude and GPT
Barracuda hosts Dhaka roundtable on cyber resilience
CISA Alerts Fortinet Users as FortiBleed Affects 86,644 FortiGate Devices
CISA: Splunk flaw under active exploit, patch by Sunday
Texas data breach exposes 3 million driver’s licenses
Organizations face numerous attacks while having limited resources. The certificate provides a chance to learn real-world security techniques. ISC2 recommends prior experience but does not require it.
What’s On the Course Agenda?
Threats are rising fast, with attack surfaces expanding even faster. Organizations grapple with visibility, vulnerability patch management, and supply chain issues, which can make DFIR tricky. A plethora of security tools continues to emerge, but it can be tough to know which ones to buy and how to use them effectively. Learning how to “evaluate emerging tools, trends, and technologies in digital forensics” is one aspect of the Threat Handling Foundations Certificate.
Differentiating incidents from events and breaches is crucial, as it affects response and consequences. Breaches require extra attention regarding disclosure, legal issues, and data privacy.
The courses will teach how to identify common network threats and the difference between penetration testing and threat hunting. It’s essential to focus on high-risk threats, especially since security teams often have limited time.
Research Revealed DFIR Skills Gap:
ISC2 introduced a new certification after research revealed a notable gap in DFIR skills, according to COO Casey Marks. Specifically, 60% of cybersecurity experts noted that skill gaps hindered their organization’s security, and 25% said their teams lacked adequate DFIR knowledge. ISC2 worked with members and specialists to pinpoint the necessary skills and topics before launching the certification.
Breaches are now boardroom issues, not just IT ones, warns Marks. Organizations must invest in ongoing cybersecurity skills development to keep up with increasingly fast attackers. Consistent response is essential as threats rise and attackers grow more sophisticated.
Effective DFIR is crucial due to the increase in incidents and breaches. Organizations need to respond quickly and learn from these events to improve security.
“While identifying the source of a file server ransomware attack is often within the scope of many IT engineers, the deeper investigative tasks that follow an incident demand specialized expertise, meticulous care, and well-established procedures to ensure the findings are accurate and actionable,” he says.
