Part 1: Research Incident Response Plans Note: In this part of the lab, you will research incident response teams to form a basis for their purpose and usage. Understanding the reason behind an incident response team is key to understanding the related policies and procedures.
Note: It is impossible to know at the beginning of any incident whether the case might become a court case. A good incident response team should approach every incident assuming that evidence documentation is required.
Part 2: Create an Incident Response Policy (0/7 completed)Note: There are many types of incident response plans. Remember that a plan is different from a policy. A policy is a high-level document that describes the organization’s stance on the particular topic and how it will comply with related governance and laws. A plan, on the other hand, is how the policy will be executed. An incident response plan should be generic enough to cover a variety of scenarios but also specific enough that an organization can quickly mobilize during an incident. Names of specific people should never be used in an incident response plan. Rather, roles and titles should define who is responsible for what portion(s) of the plan.
Note: When responding to an incident, remember who the provider of information is and who the consumer is. Senior management approves the response policy and budget, but it does not possess the subject matter expertise to handle the incident. Meanwhile, the incident response team should make only recommendations to management, not make decisions that might impact business. It is up to senior management to either give or deny approval.
Management remains the consumer and chief decider, based on information provided to it by the experts.
Insert policy verbiage here.
Insert the policy’s purpose as well as its objectives; use a bulleted list for the policy definition. Define the incident response team members and the authorization and authority granted to them during a crisis or while securing an incident situation.
Define this policy’s scope and whom it covers. What elements, IT assets, or organization-owned assets are within the scope of this policy? What access and authority are granted to the incident response team members that may be outside of standard protocol?
Does this policy point to any hardware, software, or configuration standards? If so, list them here and explain the relationship of this policy to these standards
Explain how you intend to implement this policy across the organization. Also, define and incorporate the six-step incident response approach here along with how the chain of custody must be maintained throughout any evidence collection process.
Explain any roadblocks or implementation issues that you must address in this section and how you will overcome them per defined policy guidelines.
Challenge Exercise Note: The following challenge exercise is provided to allow independent, unguided work – similar to what you will encounter in a real situation.
Having an incident response plan is a great first step. However, if the plan is never tested, it likely will not work in a scenario when needed. One way to test an incident response plan is to execute a tabletop exercise. During a tabletop exercise, a probable scenario is created, and all incident response team members are required to meet and discuss the scenario. The purpose of the exercise is to see which parts of the plan work well and which parts fail. Once the exercise has been completed, the incident response team (along with policy and plan writers and other stakeholders) meet to update the plan as necessary.
As the CISO and leader of the organization’s incident response team, you are required to hold an annual tabletop exercise involving the incident response team. Before the exercise can begin, you must complete the following tasks:
Identify and define an incident scenario for Bankwise Credit Union. The incident must involve some type of cybersecurity issue.
Create a brief abstract of the scenario to be approved by C-level executives.
Delivering a high-quality product at a reasonable price is not enough anymore.
That’s why we have developed 5 beneficial guarantees that will make your experience with our service enjoyable, easy, and safe.
You have to be 100% sure of the quality of your product to give a money-back guarantee. This describes us perfectly. Make sure that this guarantee is totally transparent.Read more
Each paper is composed from scratch, according to your instructions. It is then checked by our plagiarism-detection software. There is no gap where plagiarism could squeeze in.Read more
Thanks to our free revisions, there is no way for you to be unsatisfied. We will work on your paper until you are completely happy with the result.Read more
Your email is safe, as we store it according to international data protection rules. Your bank details are secure, as we use only reliable payment systems.Read more
By sending us your money, you buy the service we provide. Check out our terms and conditions if you prefer business talks to be laid out in official language.Read more