Reference no: EM133557663
Assignment: Cyber Security
Introduction
It is important for your incident response strategy to meet the requirements of your organizational context. Write a short introduction summarizing your type of organization, and an overview of the business-critical assets your organization relies on. You can use the information you provided in Module 3's ongoing project, or Module 5's online activity submission.
Step I: Prevention
Describe the measures your organization will take to protect against a cyberattack from both a technical and non-technical perspective.
Step II: Planning
List the individuals involved in your incident response team and their roles. Ensure that the roles, responsibilities, and structure of your team meet the requirements of your organizational context.
A cyber crisis communication plan is compiled in this phase, but in this incident response plan, include your plan under Step VII: Communication.
Step III: Preparation
Section 2.3 in Unit 1's notes details a number of requirements in this step, including reporting mechanisms, the preparation of checklists and jump bags, and auditing procedures. However, for the purpose of this ongoing project, you are required to detail one training exercise the incident response team will undergo. Include specific examples of scenarios or questions, and explain why you have chosen it.
Step IV: Detection
List the tools your organization would use to detect a breach.
Step V: Analysis
Explain how your organization would analyze whether an incident is a cyberattack. Also describe how you would categorize and prioritize cyberattacks in your organization.
Step VI: Containment
Describe how your organization would prevent a cyberattack from spreading further.
Step VII: Communication
As per Section 4 of the Unit 2 notes, compile a cyber crisis communication plan detailing the internal and external stakeholders your organization would need to communicate with in the event of a breach. Describe what communication channels would be used to communicate with these stakeholders.
Step VIII: Eradication
Provide insight into the approaches and decisions the team will take to remove the threat from your organization's internal system.
Step IX: Recovery
Describe what steps your organization will take to return to its normal operations.
Step X: Post-event analysis
List the processes that would need to be followed to ensure that lessons learned are implemented.