Skip to main content
Module 2 – Cyber Incidents and Incident Handling Fundamentals (NERO)

Module 2 – Cyber Incidents and Incident Handling Fundamentals (NERO)

NERO Module 2 – Cyber Incidents and Incident Handling Fundamentals provides trainees with a practical introduction to modern cyber attack scenarios and standard incident management frameworks, helping organisations build robust defences and establish active readiness.

The module focuses on defining frequently occurring threat patterns, software supply chain risks, and the protection of emerging technologies like Large Language Models (LLMs), tailored specifically for small and medium-sized enterprises (SMEs). Through structured material and hands-on tool engagement, trainees learn how to identify, analyse, and handle cyber attacks while implementing standard steps to safely contain breaches, minimise recovery costs, and systematically preserve digital evidence.

Registration information

Participants can register for this module through the NERO Website where they can gain full access to the training materials and training activities. All required tools and resources are available through the NERO Marketplace.

Topics covered

The training covers a structured set of core and practical topics, including:

  • Ransomware and Malware Attacks: Understanding the different types of modern malware and ransomware, and how attackers use the Domain Name System (DNS) to deliver threats.

  • Web Application and API Security: Deep-diving into the security risks outlined in the OWASP Top 10 and identifying the role of automated bot attacks.

  • Software Supply Chain Vulnerabilities: Examining real-world third-party component breaches and learning how to prioritise software risks using standard criteria like CVSS and CISA KEV.

  • Attacks against Large Language Models (LLMs): Dissecting unique security flaws in AI applications, including data poisoning and model inversion.

  • Incident Response Fundamentals: Navigating the phases of handling an active security crisis, defining team roles, and understanding regulatory communication requirements.

These topics are supported by short lectures, demonstrations and video material.

Learning approach

The module follows an interactive learning approach that combines:

  • Expert-led presentations and concise lectures focusing on modern cyber threat patterns and the incident handling lifecycle

  • Live online training sessions and demonstrations where instructors showcase attack techniques and guide trainees through the practical use of defensive tools

  • Interactive exercises and simulated scenarios conducted in a safe and controlled virtual environment to replicate actual cyber incidents

  • Hands-on Cyber Range labs utilising the Attack Detect React (ADR) Cyber Range interface to analyse network traffic, detect malicious activities, and trigger countermeasures

  • Quizzes and knowledge checks to evaluate basic understanding of threat vectors, tool functionalities, and incident management procedures

Learning outcomes

After completing the module, trainees will be able to:

  • Identify and explain the behaviours of modern malware, ransomware, and automated bot attacks

  • Recognise critical security risks across web applications, APIs, and Large Language Models (LLMs)

  • Apply standard verification frameworks (OWASP ASVS/SCVS) to secure software pipelines and third-party components

  • Prioritise technical software vulnerabilities using industry-standard criteria like CVSS and CISA KEV

  • Execute standard Incident Response Lifecycle phases to contain operational threats and manage team roles during a breach

Training Offer Details

Digital technology / specialisation
Training opportunities
Learning Effort
Part time intensive
Self-paced
Yes
Digital skill level
Geographic scope - Country
Austria
Belgium
Bulgaria
Cyprus
Target language
English
Field of education and training
Personal skills and development
Information and Communication Technologies (ICTs) not further defined
Is this course free
Yes
Type of funding
DIGITAL ADS SO4
Prerequisites
No
Upcoming course
No