Assignment 3: Incident Response (IR) Strategic Decisions
Strayer University, Disaster Recovery Management, CIS-359, June 02, 2014

Incident response begins with prevention and security awareness (figure 1). In the case of malware attacks such as viruses, worms or Trojan horses, defense-in-depth plays a large role in the defense and early detection of potential threats to information systems connected to the internet. Personnel utilizing these assets also play a large role in defending and protecting them. Authorized users should be aware of all policies and procedures pertaining to the proper use of all networks, applications, and systems within the organization.
Great emphasis should be placed on the importance of a containment plan and on selecting the appropriate containment methodology. According to Cichonski et al., criteria for determining the appropriate containment strategy should include:
- Potential damage to and theft of resources
- Need for evidence preservation
- Service availability (e.g., network connectivity, services provided to external parties)
- Time and resources needed to implement the strategy
- Effectiveness of the strategy (e.g., partial containment, full containment)
- Duration of the solution (e.g., emergency workaround to be removed in four hours, temporary workaround to be removed in two weeks, permanent solution)
(Cichonski et al., 2012, p. 35)
Depending on the type and severity of the attack, containment procedures may require isolating the affected server or shutting down or disabling vital services, which could impact the organization's business processes or its mission. Upper-level management will need to be notified prior to taking such extreme actions. Notification will most likely be accomplished via phone and/or intranet email, if available, so that a record of the notification is documented. The next step is the eradication of the threat, if possible, followed by recovery efforts once the threat has been contained or eradicated and the system is safe to operate. Incident recovery begins with implementing the backup and recovery plan, which should already be in place.
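To show how the six containment criteria above can be turned into a repeatable decision rather than an ad hoc judgement, here is an added example (not part of the original assignment or of NIST SP 800-61 itself) that scores candidate containment options against each criterion, ranks them by incident-specific weights, and holds the "extreme" options (isolating a server, disabling a vital service) until management notification and approval are recorded. The option names, scores and weights are constructed sample values, not data from the page.

```python
# Added example: rank containment strategies against the six NIST SP 800-61
# criteria (Cichonski et al.) and gate extreme actions behind management approval.
# All option names, scores and weights below are constructed for illustration.
from dataclasses import dataclass
from typing import Dict, List, Set

# The six containment criteria from SP 800-61, used as score keys throughout.
CRITERIA = (
    "damage",         # limits potential damage to / theft of resources
    "evidence",       # preserves evidence for later analysis
    "availability",   # preserves service availability
    "time_cost",      # low time and resources needed to implement
    "effectiveness",  # partial vs. full containment
    "duration",       # how long the solution holds (emergency workaround vs. permanent)
)


@dataclass
class ContainmentOption:
    name: str
    # Each criterion is scored 0 (worst for the organization) to 5 (best).
    scores: Dict[str, int]
    # Actions that may disrupt business processes need upper-management sign-off.
    requires_management_approval: bool = False


def validate(option: ContainmentOption) -> None:
    """Every criterion must be scored, and every score must lie in 0..5."""
    missing = [c for c in CRITERIA if c not in option.scores]
    if missing:
        raise ValueError(f"{option.name}: unscored criteria {missing}")
    out_of_range = {c: v for c, v in option.scores.items() if not 0 <= v <= 5}
    if out_of_range:
        raise ValueError(f"{option.name}: scores out of range {out_of_range}")


def weighted_score(option: ContainmentOption, weights: Dict[str, float]) -> float:
    """Weighted sum of criterion scores; weights express the incident's priorities."""
    validate(option)
    return round(sum(option.scores[c] * weights.get(c, 1.0) for c in CRITERIA), 2)


def rank_options(options: List[ContainmentOption], weights: Dict[str, float]) -> List[str]:
    """Option names ordered from best to worst weighted score."""
    ordered = sorted(options, key=lambda o: weighted_score(o, weights), reverse=True)
    return [o.name for o in ordered]


def select_strategy(options: List[ContainmentOption], weights: Dict[str, float],
                    approved_by_management: Set[str]) -> dict:
    """Pick the top-ranked option, but hold extreme actions until approval is recorded.

    While an option awaits approval the result lists the notification channels
    the text recommends (phone and intranet email) so the call can be documented.
    """
    best = max(options, key=lambda o: weighted_score(o, weights))
    if best.requires_management_approval and best.name not in approved_by_management:
        return {"strategy": best.name,
                "status": "awaiting_management_approval",
                "notify_via": ["phone", "intranet_email"]}
    return {"strategy": best.name, "status": "approved"}


# Constructed sample: malware on an internet-facing server where limiting damage
# and preserving evidence matter more than keeping the service reachable.
SAMPLE_OPTIONS = [
    ContainmentOption("network_isolate_server",
                      {"damage": 5, "evidence": 5, "availability": 1,
                       "time_cost": 4, "effectiveness": 5, "duration": 3},
                      requires_management_approval=True),
    ContainmentOption("firewall_block_malicious_traffic",
                      {"damage": 3, "evidence": 4, "availability": 5,
                       "time_cost": 5, "effectiveness": 2, "duration": 2}),
    ContainmentOption("disable_vital_service",
                      {"damage": 4, "evidence": 3, "availability": 0,
                       "time_cost": 3, "effectiveness": 4, "duration": 2},
                      requires_management_approval=True),
]
SAMPLE_WEIGHTS = {"damage": 2.0, "evidence": 2.0, "availability": 1.0,
                  "time_cost": 1.0, "effectiveness": 1.5, "duration": 1.0}

if __name__ == "__main__":
    print(rank_options(SAMPLE_OPTIONS, SAMPLE_WEIGHTS))
    print(select_strategy(SAMPLE_OPTIONS, SAMPLE_WEIGHTS, set()))
    print(select_strategy(SAMPLE_OPTIONS, SAMPLE_WEIGHTS, {"network_isolate_server"}))
```

With these sample weights the isolation option ranks first but is reported as awaiting approval until its name appears in the approved set; changing the weights (for example, raising "availability" for a customer-facing service) changes the ranking, which is the point of scoring the criteria explicitly instead of arguing them case by case during an incident.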
Sadly, there is no way to eliminate the many threats that haunt networks and computers worldwide. The foundation and framework for choosing and implementing countermeasures against them are therefore very important. A written policy is vital in helping to ensure that everyone within the organization understands, and behaves appropriately with regard to, the need to keep sensitive data and the security of software safe.
During this course there have been a number of key learning points that would help every organization protect itself from a cyber-event. These include password management, patch management, security policies, encryption, and user training. In each of the cyber security breaches one or more of these standard security protocols were not used.
Firstly, disaster recovery is a procedure that needs to be implemented in case an accident occurs within an organisation that may result in the loss of data, for example fire or water damage. This is when a plan needs to be applied to allow the recovery of data; an example of this could be recovering the backup files, installing new equipment and loading the backup onto the new network. For this to be effective, the recovery policy relies on backups being done regularly; otherwise recovery would not be possible. The disaster recovery policy is highly beneficial and important, as it protects not only the organisation but also its money and reputation.
Incident information disclosure is an important, circuitous concern that requires acceptable centralized procedures to be in place so that they facilitate incident response processes and do not cause more harm to the organization and its audiences. Keeping information and operations appropriately secured is of basic importance for any organization, which becomes the assignment of cyber
After identifying vulnerable areas that can easily be affected, secondly, I would lay out and develop a strategic plan on preparedness, including the communication of terror threats, then proceed to risk
After the business continuity plan is completed, incident response (IR) planning should be performed and an incident response plan established. An incident response plan is "a detailed set of processes and procedures that anticipate, detect, and mitigate the effects of an unexpected event that might compromise information resources and assets" (Whitman). This is done by first forming an IR committee and then establishing an IR policy that integrates the business impact analysis into the incident response plan.
According to the article "How to Successfully Implement a Disaster Recovery Plan" on ameinfo.com, "most major organizations are running critical enterprise applications such as Enterprise Resource Planning (ERP), Supply Chain Management (SCM), and Customer Relationship Management (CRM). These applications are integrated across the enterprise to such an extent that they touch everyone from employees and customers to suppliers and partners, and they are the backbone and life-blood of the organization" (ameinfo.com, 2003). Implementing a good disaster recovery plan is imperative to ensure business continuity. However, one of the biggest challenges is convincing business leaders to recognize the need and fund the change. An organization should be prepared for all forms of disasters and catastrophes and have a disaster recovery plan in place that will allow its systems to function normally under any of these circumstances. This alone will provide a huge competitive advantage and allow the organization to remain functional during potential downtime. A natural or any other form of disaster cannot be predicted, and the company should be well prepared to deal with any untoward incident. Any business utilizing IT systems should have proper backup and restoration methods to restore the system in case of emergency.
Provision of services can be disrupted in the event of systems failure, compromised security or other advanced technologies. However, the resulting downtime and resource loss can be minimized by following a disaster recovery plan (DRP), effective immediately. To achieve this, policies and procedures must be formally established and reviewed periodically, beginning with the current 'binder(s)'. The recent compromise exposed the company to great risk and, furthermore, exploited existing vulnerabilities. Nevertheless, it is recommended that all current documentation be updated "no less than once every three years" (GFOA 2010, p. 1). A team or committee should be assembled for use in case of emergency. In this manner, iPremier will be able to respond effectively to unforeseen circumstances. It is clear that no formal communications were established, much less responsibility properly assigned, while an attack was underway. The GFOA (2010) suggests, as a minimum requirement, that a DRP should outline the responsibilities of team members who are current and in contact. Ross (2010) agrees with this practice, suggesting that existing DRPs have properly trained staff with specified roles for emergencies.
The risks that face an organization will always be present. However, an incident response plan outlines procedures for handling security incidents that occur within the organization and for correcting and documenting the security issue in a timely manner. The incident response team is trained to implement the incident response plan effectively. By containing an attack, and limiting the amount of time that an attack is allowed to continue, further risks to the organization can be mitigated.
Disaster recovery planning is the critical factor that can prevent the headaches or nightmares experienced by an organization in times of disaster. Having a disaster recovery plan marks the difference between organizations that can successfully manage crises with minimal cost and effort and with maximum speed, and those organizations that cannot. By having backup plans, not only for equipment and network recovery but also detailed disaster recovery plans that precisely outline what steps each person involved in recovery efforts should undertake, an organization can improve its recovery time and minimize disruption to its normal business functions. Thus it is essential that disaster recovery plans are carefully laid
In the event of an intrusion or security disaster, a security audit must be put into action immediately to avoid further damage. The first thing to do is to confirm that a security breach or
Developing the skills required to ensure best practice in the information technology world starts here and now. Cyber-criminals, hackers, pentesters, corporate espionage, and disgruntled employees are everyday annoyances to which IT professionals will find themselves devoting massive amounts of time, all while maintaining their respective networks' functionality for legitimate users. The field covers all the processes and mechanisms by which computer-based equipment and information are protected from unintended or unauthorized access, modification or removal. Computer security is a critical part of technology as it grows in our daily lives.
The current policy vulnerability centers on the upkeep of the company's software maintenance plan. The attack vector for this vulnerability is the use of the latest technology against outdated security settings, which gives hackers the chance to access corporate data via a less secure point and leads to the loss or corruption of existing data, or to system impacts such as crashes or slowdowns. To thwart this attack, best practices focus on the formation of a hierarchical cyber security policy that covers today's threats (Grimes, 2017), including the use of the latest technology against outdated security settings, and that provides a formal guide for cyber security and allows staff and security specialists to cooperate on best corporate practices. This mitigation plan includes the development of the cyber security policy, and executing the policy will require support at the upper management level to tie in with the corporate vision.
Over many years, most computer users have become familiar with computer viruses and other major threats to computing environments. Even individuals who don't know much about computers have seen a common computer virus or learned about a computer threat through friends, family and even TV shows such as Mr. Robot. Also, the news and other information sources have covered computer threats intended to harm people, as when Target and Sony were hacked in recent years and the hackers were able to acquire people's information and steal money. There is no hesitation in saying that companies and our culture are very concerned about the potential risk of these threats and computer viruses taking a huge toll on the computing environment.