Benchmark - Developing Contingency Strategies For Information System

3 something super confidential, then the losses will be heavy, we would lose an enormous amount of money, and reputation. However, the losses wouldn't be as severe if the assets were of less importance. the way of recovering everything. Next is to find where the system misconfigurations are, and patch them. Correctly configure each system configuration to ensure that the threat can no longer affect the company, and the crisis can be averted. Out-of-Date Software High The best way to recover out-of-date software is to update the software. The whole issue arose from software being out-of- date. The next thing to do is to configure each device to auto-update at a certain time of day. This way, the software is more likely to be up-to-date in the future. Of course, the employees will need to trained of this, and know what to do when the system needs to update. Weak Authorization Methods High The best way to recover from weak authorization credentials is to set up a multi-step process, and make it required to authenticate with more than just user credentials, like a username or password. The other authentication methods could be biometrics, smart-card, one time passwords via phone number or email, etc. Incident Response Plan (IRP) In this plan, we will describe the steps to take when a cyber incident occurs (due to one of our threats being exploited, such as weak credentials, or system misconfigurations). This plan will outline the roles and responsibilities of the security organization, going from users to CISO and our reporting guidelines. More so, this plan will articulate activities to mitigate possible or real time threats (key examples are system monitoring and incidence response). Alongside that, this plan will display workflow diagrams and event to resolution, explanation of the six stages of incident handling related to the company, escalation procedures, with an associated chart, a