No matter how well your data is protected, eventually there will be a breach of security or a natural disaster. It could be the result of a human error. It could be the result of a configuration error. It could be the result of an operating system vulnerability or a host of problems outside your control. No information security program is perfect. What is certain is that at some point, most organizations will have to respond to a security incident.
Respond
In a minimum of 1000 words, write an APA formatted paper addressing the following questions:
Who makes up an incident response team (IRT)?
What are business impact analysis (BIA) policies?
7/13/2019 Originality Report
https://ucumberlands.blackboard.com/webapps/mdb-sa-BB5a31b16bb2c48/originalityReport/ultra?attemptId=99c778e3-0c80-45ae-af5a-c409bdfd1b7… 1/3
%19
%4
%1
SafeAssign Originality Report Summer 2019 – Operations Security (ISOL-631-20) (ISOL-631-21) – Co… • Research Assignment (IRT)
%24Total Score: Medium risk Venkata Satya Phaneendra Dhanyamraju
Submission UUID: 71a4bfde-0f95-a8ca-4bb1-af89d4c645d8
Total Number of Reports
1 Highest Match
24 % Assignment_Venkat.docx
Average Match
24 % Submitted on
07/13/19 06:20 PM EDT
Average Word Count
963 Highest: Assignment_Venkat.docx
%24Attachment 1
Institutional database (5)
Student paper Student paper Student paper
Student paper Student paper
Global database (1)
Student paper
Internet (1)
techtarget
Top sources (3)
Excluded sources (0)
View Originality Report – Old Design
Word Count: 963 Assignment_Venkat.docx
1 5 7
2 4
3
6
1 Student paper 3 Student paper 5 Student paperhttps://ucumberlands.blackboard.com/webapps/mdb-sa-BB5a31b16bb2c48/originalityReport?attemptId=99c778e3-0c80-45ae-af5a-c409bdfd1b74&course_id=_109679_1&download=true&includeDeleted=true&print=true&force=true
7/13/2019 Originality Report
https://ucumberlands.blackboard.com/webapps/mdb-sa-BB5a31b16bb2c48/originalityReport/ultra?attemptId=99c778e3-0c80-45ae-af5a-c409bdfd1b7… 2/3
Source Matches (10)
Student paper 82%
To analyze the security breaches and to take any change to measure, an IT team is responsible. The IR team must have: The manager of incident response: The
role of incident response manager is to prioritizes and oversee the action through the containment, analysis and detection of a particular incident. They have the responsibility to convey the high severity incident to the organization. He may also convey about the high severity incident requirement. The analysts of security:
The manager will support the security analysts’ team which may work with the affected network to work directly to the detail, location and time of an incident. There are many types of analysts that are: The triage analyst may watch the potential intrusion and filter out the false positives. The forensic analyst may maintain the integrity and recover key artifact to ensure the investigation of sound. The researcher of threat: They may complement the analysts of security to provide the
context for an incident and to provide the threat intelligence. They may identify and combine the internet intelligence which is externally reported. They
have also maintained and build an internal intelligence database to combine the information with the company records. The team of incident response should have the responsibility to address the threats of security. All employee and administrators may ensure that the emergency procedure may run easily. During an incident, each organization area has several responsibilities which are as follows: The HR: It may be called upon as the employee is involved in a particular incident. The management: The manager must buy-in the essential funding, resources, time commitment, funding for execution of incident response plan. The specialists of audit and risk management: These specialists will help to reduce the vulnerability assessments and to develop the threat metrices to encourage several practices in the organization. The general council: It may ensure that there is any evidence which must be maintain in the event for its forensic value as the company may choose to take the action. The company may also give advices which is related to liability issue as the incident occur and affect the general public, vendor or customer. The public relation: In public relation, we will communicate with the team leader and will ensure that it is any issue which is communicated to press and the stockholders.
During a particular incident, a communication must be conducted which will protect the information confidentiality. The manager of incident response must be
at the central point of all the communication as regard to detail of key incident, procedure, adversary tactics and compromise indicators. To secure the communication, a manager must avoid tipping them. Your team of incident response must be armed as they may need to aim for the incident. We will also analyze several factors to internal armor which would help everyone or team to be empower in the disaster worst case scenario. BUISNESS IMPACT ANALYSIS
The BIA is a process of systematic to evaluate and determine the interruption effect to critical operations of business which is may work as accident or disaster. It is an organization essential component for the continuance of business plan. It may also include the exploratory component which will reveal the planning component and vulnerability to develop the enhanced strategy to minimize the risk. The analysis of business may describe the risk which is related to every organization. The primary assumption in business impact analysis is that every organization component is rely on the other component functionality. There are several crucial which may require several allocations of value to recover in the disaster recovery plan. For instance, a particular business may continue if the cafeteria may close. The business impact analysis is the process of multi-phase which include: · To gather the information. · To evaluate the information which is collected. · To prepare a report to analyze the findings. · To present the outcome to the manager. To outsource the business impact analysis, an organization may include and elect the external and internal staff on the team for project. A survey is developed which will identify the processes of business, relationship, resources and other type of information which is important to assess the disruptive event. A session must be discussed with the business knowledge for key personnel. The information could be gathered in many ways which may include the automated survey and interview. The business impact analysis aim is to analyze the system, business function and the technology and the resources of staff which is needed for several operation which will run at the same time with optimally. It may also function and may recovered to restore the operation to a normal state of working. This type of analysis must be computer assisted or manual. There are several difficulties which may include the business function revenue which may quantify the customer, market share and business image impact.
1
1
1
2 1
3
It may also create an impact which will consider the increased expenses of labor, income or sales, contractual penalties, regulatory fines and dissatisfaction of customer. The analysis of business impact may include the information to gather the data, executive summary and the analysis on the functional diagram, chart and area which will illustrate the recommendation and losses to recover. This researched may also prioritized the most essential function of business which may examine the business impact and interruption, regulatory and legal requirement. Detail downtime acceptable level which may list the RPO an RTO. It may order several activities to restore every business. REFERENCES
At&T business (2018) Arming & Aiming Your Incident Response Team
Searchdisasterrecovery (2019) A business impact analysis checklist: 10 common BIA mistakes
4
5
6
7
1
Student paper
The manager of incident response: The role of incident response manager is to prioritizes and oversee the action through the containment, analysis and detection of a particular incident.
Original source
Incident Response Manager The incident response manager oversees and prioritizes actions during the detection, analysis, and containment of an incident
7/13/2019 Originality Report
https://ucumberlands.blackboard.com/webapps/mdb-sa-BB5a31b16bb2c48/originalityReport/ultra?attemptId=99c778e3-0c80-45ae-af5a-c409bdfd1b7… 3/3
Student paper 69%
Student paper 71%
Student paper 63%
Student paper 64%
Student paper 67%
Student paper 68%
Student paper 100%
techtarget 88%
Student paper 100%
1
Student paper
The manager will support the security analysts’ team which may work with the affected network to work directly to the detail, location and time of an incident. There are many types of analysts that are: The triage analyst may watch the potential intrusion and filter out the false positives. The forensic analyst may maintain the integrity and recover key artifact to ensure the investigation of sound.
Original source
The manager is supported by a team of security analysts that work directly with the affected network to research the time, location, and details of an incident There are two types of analysts Filter out false positives and watch for potential intrusions Recover key artifacts and maintain integrity of evidence to ensure a forensically sound investigation
1
Student paper
They may complement the analysts of security to provide the context for an incident and to provide the threat intelligence.
Original source
Threat researchers complement security analysts by providing threat intelligence and context for an incident
2
Student paper
They may identify and combine the internet intelligence which is externally reported.
Original source
By using checking the internet they can identify externally reported intelligence
1
Student paper
They have also maintained and build an internal intelligence database to combine the information with the company records.
Original source
Combining this information with company records of previous incidents, they build and maintain a database of internal intelligence
3
Student paper
The manager of incident response must be at the central point of all the communication as regard to detail of key incident, procedure, adversary tactics and compromise indicators.
Original source
The incident response manager must be the central point of any and all communication, and only individuals with a legitimate need-to-know should be involved in communications concerning key incident details, indicators of compromise, adversary tactics, and procedures
4
Student paper
At&T business (2018) Arming & Aiming Your Incident Response Team
Original source
Arming & Aiming Your Incident Response Team [Blog post]
5
Student paper
https://www.alienvault.com/resource- center/ebook/insider-guide-to-incident- response/arming-your-incident- response-team
Original source
https://www.alienvault.com/resource- center/ebook/insider-guide-to-incident- response/arming-your-incident- response-team
6
Student paper
Searchdisasterrecovery (2019) A business impact analysis checklist: 10 common BIA mistakes
Original source
A business impact analysis checklist 10 common BIA mistakes
7
Student paper
https://searchdisasterrecovery.techtarget .com/feature/A-business-impact-analysis- checklist-10-common-BIA-mistakes
Original source
https://searchdisasterrecovery.techtarget .com/feature/A-business-impact-analysis- checklist-10-common-BIA-mistakes