Enroll Now

Shopping cart

Your Cart is empty

Browse courses

Welcome to the Cyber Resilience Academy

Your path to becoming a Certified Cyber Resilience Officer.

Courses / Advanced Course

Advanced Course

FC
Teacher

Francesco Chiarini

CR
Teacher

Cyber Resilience Academy

Last Updated

April 25, 2026

0 /0

About Course

The Advanced course builds on the essentials, focusing on developing cyber recovery capabilities (e.g., data vaulting), applying MITRE ATT&CK, and performing detailed critical asset analysis. It also covers traditional disaster recovery, backup and restore, and continuity planning under advanced cyber threat scenarios, and culminates with
techniques like red teaming and attack simulations to test and strengthen resilience strategies.

Course Curriculum

Advanced Course Module 1 – Situational Intelligence and Threat-Informed Defense
On this module, we will explore the following topics: an introduction to selected enablers from the Cyber Resilience Capability Maturity Model (CR-CMM), fundamentals of cyber threat intelligence (including the Diamond Model, STIX and TAXII, ISACs, and the Pyramid of Pain), an overview of the CTI-CMM (Cyber Threat Intelligence Capability Maturity Model) and NIST 800-150 for threat information sharing, the foundations of threat-informed defense from MITRE, a review of key tools across four categories (Foundation, Threat, Architecture, and SOC), an in-depth look at MITRE ATT&CK and related tools from the Center for Threat-Informed Defense and MITRE Engenuity, and a summary of essential NIST 800-53 controls for situational awareness and threat-informed defense.

  • Introduction to the Cyber Resilience Academy
    02:56
  • From Foundation to Advanced: Recap and Introduction
    11:03
  • Quick Orientation
    00:46
  • Threat-Informed Cyber Resilience Foundations
    06:52
  • Foundations of Threat Intelligence for Cyber Resilience
    14:17
  • Tools and Practices for Threat-Informed Defense
    05:13
  • Demo: Threat-Informed Defense Top Tools
  • Key Takeaways
    04:07

Advanced Course Module 2 – Criticality Analysis and Scenario Simulation
On this module, we will explore the following topics: the existing definitions of high value assets (also known as crown jewels, critical software, etc.) and methodologies for identifying what carries the highest inherent impact, thereby requiring cyber resilience approaches for protection. We will conduct a deep dive into the High Value Target methodology, provide examples of rating software criticality, and examine sample threat scenarios, including their associated loss scenarios and design. Additionally, we will review examples of threat catalogues from SCF and ENISA, provide an overview of applicable IT business impact analysis for technology assets, and discuss enhanced controls for critical assets. A detailed exploration of a Conti ransomware threat scenario will follow, including the process of building it using NIST 800-30 and MITRE Attack Flow, as well as deriving loss scenarios from these threat scenarios. We will also introduce contingency planning during a cyber crisis and examine the differences between adversarial and traditional non-adversarial planning. Finally, the session will include an overview of the critical assets process manual and the cyber resilience vision statement, as outlined in the Cyber Resilience Manifesto.

Advanced Course Module 3 – Crisis Management, Contingency Testing and Cyber Recovery
On this module, we will explore the following topics: developing a Business Continuity Plan to ensure critical operations are maintained during disruptions by identifying key functions and recovery priorities, Crisis Management best practices and structured responses to mitigate risks, Disaster Recovery planning focused on restoring IT systems and data to minimize downtime, Tabletop Exercises (TTX) and cyber scenarios tests plans, overview of traditional backup and ransomware strategies to ensure data recovery, Cyber-Physical Resilience convergence physical infrastructure protection from cyber recovery standpoint, defining Minimum Viable Company assets and recovery efforts, large-scale compromise playbooks within cyber crisis management, data vaulting as a secure, isolated repository that stores critical data in an immutable state, protecting it from cyberattacks and unauthorized changes, isolated recovery environment disconnected from primary infrastructure, where backups can be safely stored and restored during recovery, ensuring protection from ransomware and insider threats.

Advanced Course Module 4 – Defensible Architecture, Offensive Testing & System Testing
On this module, we will explore the following topics: Embedding architecture principles from the cyber resilience risk strategy, with a particular focus on six key principles and an in-depth exploration of the “unpredictability” objective. This includes an overview of Zero Trust and Moving-Target Defense, as well as MITRE's Engineering Design Principles and SCRAM. A deep dive into Cyber Resilience Analysis & Testing for critical assets, supported by customizable slides to guide assessments. A review of offensive security approaches, covering threat-led pentesting, red teaming, and attack simulations, alongside NIST 800-115 for security testing. Structuring an offensive security team, defining its goals, metrics, and operating model, ideally reporting to the Cyber Resilience Officer. Overview of target selection methodologies, including High Value Target (HVT) analysis and threat scenario modeling. Introduction to Atomic Red Teaming for unit tests, followed by non-offensive system testing principles from NIST 800-160 Vol. 1 and the System Engineering Body of Knowledge (SEBoK). Finally, a discussion on Chaos Engineering, highlighting its role in disaster recovery testing and its distinctions from reliability engineering.

Your Instructors

CR
Cyber Resilience Academy
0 Rating 2 Courses 10 Students
1 290,00  1 390,00 
-8%
Buy Course
This course includes:
Lectures 24
Duration 5h
Skill Level Expert
Certificate Yes
Share Course
Page Link
Share On Social Media
Cyber Resilience Logo

The Cyber Resilience Academy provides on-demand and live, hands-on training to equip you with the expertise to design and safeguard cyber resilient organizations.

Quick Links

Our Contact

Contact Us

Powered By

HVTLogoWhite-PPT (1)
certifier.io
© 2025 Cyber Resilience Academy. All rights reserved.

Want to receive push notifications for all major on-site activities?