Macquarie University
Cyber Response and Recovery
Macquarie University

Cyber Response and Recovery

Matt Bushby

Instructor: Matt Bushby

Included with Coursera Plus

Gain insight into a topic and learn the fundamentals.
Beginner level

Recommended experience

7 hours to complete
Flexible schedule
Learn at your own pace
Gain insight into a topic and learn the fundamentals.
Beginner level

Recommended experience

7 hours to complete
Flexible schedule
Learn at your own pace

What you'll learn

  • Lead an Organisational Response to a Cyber Attack

  • Detect, Analyse, and Contain Threats

  • Strengthen Resilience and Learn from Incidents

Details to know

Shareable certificate

Add to your LinkedIn profile

Recently updated!

June 2025

Assessments

5 assignments

Taught in English

See how employees at top companies are mastering in-demand skills

 logos of Petrobras, TATA, Danone, Capgemini, P&G and L'Oreal

There are 5 modules in this course

Cyber incidents are no longer a matter of if, but when. With attacks increasing in frequency, sophistication, and cost, organisations must shift from passive defence to active readiness. This opening module sets the foundation for effective response and recovery by unpacking the real-world impacts of cybercrime—financially, operationally, and reputationally—and helping you frame response readiness as a strategic business imperative. You’ll explore how to build organisational preparedness, establish a clear common language for incident response, and understand the essential principles of preparing to act under pressure. This module creates the mental framework and strategic orientation needed before diving into technical or procedural responses. By the end of this module, learners will recognise why response planning is vital, what’s at stake, and how to begin framing their organisation’s approach to responding with confidence when a breach occurs.

What's included

1 assignment5 plugins

Effective cyber response doesn’t begin when an incident hits—it starts with preparation. In this module, you’ll learn how to proactively equip your organisation to act swiftly, confidently, and in a coordinated manner when a threat emerges. We begin by examining your organisational security landscape—understanding your infrastructure, identifying potential vulnerabilities, and assessing the readiness of your current defences. You’ll then learn how to establish and structure a Computer Security Incident Response Team (CSIRT), defining clear roles, responsibilities, and escalation protocols. Crucially, you’ll explore the often-overlooked but vital domain of crisis communication—internally with your staff and leadership, and externally with stakeholders, customers, regulators, and the media. A strong response is not just technical; it’s also about preserving trust. This topic empowers you to build an organisation that’s not just aware of cyber threats—but truly prepared to respond and recover with speed, structure, and professionalism.

What's included

1 assignment6 plugins

Timely detection and accurate analysis are the cornerstones of an effective cyber response. This module trains you to move from noise to insight—equipping you to recognise early indicators of compromise and swiftly determine the scale and nature of an incident. You’ll begin by exploring the difference between routine system events and those that signal potential breaches. Using real-world examples, you’ll learn how to sift through logs, alerts, and user activity to identify suspicious patterns. Next, you’ll dive into incident analysis—what to look for, how to gather and interpret data, and how to assess the potential impact. You'll develop a structured approach to triaging incidents and escalating them with evidence-based confidence. By the end of this topic, you’ll be able to detect threats early, validate real incidents from false alarms, and analyse incidents with the clarity needed to mount an effective response.

What's included

1 assignment6 plugins

Once a cyber incident is detected and analysed, the next steps are critical: contain the damage, eliminate the root cause, and restore systems securely. This topic equips you with the skills and strategies to take decisive action under pressure. You’ll explore techniques for isolating compromised systems to prevent further spread—balancing urgency with precision to maintain business continuity. From there, you’ll learn how to fully eradicate threats from your environment, whether they stem from malware, insider threats, or advanced persistent attacks. The final stage is recovery: safely restoring systems, validating their integrity, and putting safeguards in place to prevent recurrence. This process isn’t just about getting back online—it’s about getting back smarter and stronger. By the end of this topic, you’ll have a practical roadmap to steer your organisation through the high-stakes aftermath of an incident—containing the damage, restoring trust, and reducing future risk.

What's included

1 assignment5 plugins

A cyber incident doesn’t end when systems are restored—it ends when the lessons are captured, analysed, and used to strengthen the organisation. This topic focuses on turning response into resilience by embedding continuous improvement into your incident management lifecycle. You’ll explore how to effectively document the response process, ensuring evidence is preserved and insights are clearly communicated to both technical and executive audiences. You’ll learn how to conduct a structured post-incident review that goes beyond what happened—to uncover why it happened, how it was handled, and what must change moving forward. Most importantly, you’ll understand how to institutionalise the “lessons learned” to evolve your security posture, improve detection and response capabilities, and reduce the likelihood and impact of future incidents. By the end of this topic, you’ll have the tools to transform setbacks into strategic wins—making each incident a catalyst for a stronger, smarter, and more cyber-resilient organisation.

What's included

1 assignment5 plugins

Earn a career certificate

Add this credential to your LinkedIn profile, resume, or CV. Share it on social media and in your performance review.

Instructor

Matt Bushby
Macquarie University
7 Courses166 learners

Offered by

Why people choose Coursera for their career

Felipe M.
Learner since 2018
"To be able to take courses at my own pace and rhythm has been an amazing experience. I can learn whenever it fits my schedule and mood."
Jennifer J.
Learner since 2020
"I directly applied the concepts and skills I learned from my courses to an exciting new project at work."
Larry W.
Learner since 2021
"When I need courses on topics that my university doesn't offer, Coursera is one of the best places to go."
Chaitanya A.
"Learning isn't just about being better at your job: it's so much more than that. Coursera allows me to learn without limits."
Coursera Plus

Open new doors with Coursera Plus

Unlimited access to 10,000+ world-class courses, hands-on projects, and job-ready certificate programs - all included in your subscription

Advance your career with an online degree

Earn a degree from world-class universities - 100% online

Join over 3,400 global companies that choose Coursera for Business

Upskill your employees to excel in the digital economy

Frequently asked questions