
Business Continuity and Disaster Recovery - Case

Incident Response Planning

Incident response planning deals with the identification of, classification of, and response to an incident. Attacks are only classified as incidents if they are directed against an information asset; have a realistic chance of success; or could threaten the confidentiality, integrity, or availability of information resources. Incident response (IR) is the set of activities taken to plan for, detect, and correct the impact of an incident on information resources. IR consists of planning, detection, reaction, and recovery. Planning for an incident requires a detailed understanding of the scenarios developed for business continuity.

Predefined responses enable the organization to react quickly and effectively to the detected incident. The IR team consists of those individuals who must be present to handle the systems and functional areas that can minimize the impact of an incident as it takes place. The designated IR teams act to verify the threat, determine the appropriate response, and coordinate the actions necessary to deal with the situation.

Incident Detection

Individuals sometimes notify systems administrators, security administrators, or their managers of an unusual occurrence. The most common occurrence is a complaint about technology support, which is often delivered to the help desk.

The mechanisms that could potentially detect an incident include host-based and network-based intrusion detection systems, virus detection software, systems administrators, and even end users. Only by carefully training the user, the help desk, and all security personnel on the analysis and identification of attacks can the organization hope to quickly identify and classify an incident. Once an attack is properly identified, the organization can effectively execute the corresponding procedures from the IR plan. Incident classification is the process of examining a potential incident, or incident candidate, and determining whether the candidate constitutes an actual incident. Possible indicators of incidents include the presence of unfamiliar files, the presence or execution of unknown programs or processes, unusual consumption of computing resources, unusual system crashes, activities at unexpected times, the presence of new accounts, and reported attacks.

Incident reaction consists of actions outlined in the IR plan that guide the organization in attempting to stop the incident, mitigate the impact of the incident, and provide information for recovery from the incident. In reacting to the incident, there are actions that must occur quickly, including notification of key personnel and documentation of the incident. Most organizations maintain alert rosters for emergencies. An alert roster contains contact information for the individuals who should be notified in an incident. There are two types of alert rosters: sequential and hierarchical.

A sequential roster is activated when a contact person calls each person on the roster. A hierarchical roster is activated when the first person calls a few other people on the roster, who, in turn, call a few other people, and so on. The incident is documented to ensure that the event is recorded for the organization’s records, so that it is known what happened, how it happened, and what actions were taken. A critical component of incident reaction is to stop the incident or contain its scope or impact. Before an incident can be contained, the affected areas of the information and information systems must be determined.
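The sequential and hierarchical alert rosters described above differ in how long notification takes and in what happens when a contact cannot be reached. The following is an added example, not part of the original assignment text: it models one call attempt per time slot, and the roster names, the fan-out of three, and the `escalate` fallback are assumptions made for illustration.

```python
from collections import deque

# Constructed roster for illustration; index 0 is the person who starts the calls.
ROSTER = ["ir_lead", "ciso", "it_ops_mgr", "legal", "hr", "pr",
          "bc_mgr", "analyst_1", "analyst_2", "help_desk"]


def sequential_notify(roster, unreachable=frozenset()):
    """The contact person (roster[0]) calls everyone else, one call per slot."""
    reached = {roster[0]: 0}
    for slot, person in enumerate(roster[1:], start=1):
        if person not in unreachable:
            reached[person] = slot
    return reached, [p for p in roster if p not in reached]


def hierarchical_notify(roster, fanout=3, unreachable=frozenset(), escalate=False):
    """roster[0] calls `fanout` people, each of whom calls `fanout` more.

    A failed call still costs a slot. Without escalation, nobody below an
    unreachable contact is called; with escalate=True (assumed fallback),
    the caller takes over the unreachable contact's call list.
    """
    def call_list(i):
        last = min(fanout * i + fanout, len(roster) - 1)
        return range(fanout * i + 1, last + 1)

    reached = {roster[0]: 0}
    callers = deque([(0, 0)])  # (roster index, slot at which they were notified)
    while callers:
        caller, slot = callers.popleft()
        pending = deque(call_list(caller))
        while pending:
            idx = pending.popleft()
            slot += 1
            if roster[idx] in unreachable:
                if escalate:
                    pending.extend(call_list(idx))
                continue
            reached[roster[idx]] = slot
            callers.append((idx, slot))
    return reached, [p for p in roster if p not in reached]


def completion_slot(reached):
    """Slot in which the last reachable person was notified."""
    return max(reached.values())


if __name__ == "__main__":
    down = frozenset({"it_ops_mgr"})
    print("sequential:", completion_slot(sequential_notify(ROSTER)[0]), "slots")
    print("hierarchical:", completion_slot(hierarchical_notify(ROSTER)[0]), "slots")
    print("missed, no fallback:", hierarchical_notify(ROSTER, unreachable=down)[1])
    print("missed, escalation:", hierarchical_notify(ROSTER, unreachable=down, escalate=True)[1])
```

With this roster the hierarchical tree finishes in fewer slots, but one unreachable mid-tree contact silently drops everyone beneath them unless the plan defines a fallback caller.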

In general, incident containment strategies focus on two tasks: stopping the incident and recovering control of the systems. The organization can stop the incident and attempt to recover control through different strategies. If the incident originates outside the organization, the simplest and most straightforward approach is to cut the affected circuits. Compromised accounts or server(s) should be disabled. Only as a last resort should there be a full stop of all computers and network devices in the organization.

The bottom line is that containment consists of isolating the channels, processes, services, or computers and removing the losses from that source of the incident. To recover from the incident, people must stay focused on the task ahead and make sure that necessary personnel begin recovery operations as per the IR plan. Incident damage assessment determines the scope of the breach of the confidentiality, integrity, and availability of information and information assets during or just after an incident. Related to the task of incident damage assessment is the field of computer forensics. Computer forensics is the process of collecting, analyzing, and preserving computer-related evidence.

Evidence is a physical object or documented information that proves an action that has occurred or identifies the intent of a perpetrator. Computer evidence must be carefully collected, documented, and maintained to be acceptable in formal or informal proceedings.

Case Assignment

Assume that you have been tasked by your employer to develop an incident response plan. Create a list of stakeholders for the IR planning committee. For each type of stakeholder, provide the reasons for inclusion and the unique aspects or vision that you believe each of these stakeholders will bring to the committee.

1. Incident Response Plan Template – The Essential Elements:
2. Incident response planning: Are you ready for the Big One?

Assignment Expectations

After reviewing the above materials or other materials you find helpful, write a 4 to 5 page paper describing the stakeholders on the IR planning committee. Provide a detailed discussion for the skills needed for each of these members of the IR planning committee and why these skills are needed to have a successful IR plan.

Background Readings:

NIST (2012), Computer Security Incident Handling Guide (Draft), National Institute of Standards and Technology Special Report 800-61.

Shannon, M. (2016). CISA: Business continuity planning process and policy. Skillsoft Ireland Limited. 109472, Video. Available in the Trident Online Library.

Thejendra, B.S. (2014). Disaster recovery and business continuity: A quick guide for organizations and business managers, 3rd edition. IT Governance. Chpt 2-4. ISBN:. Books 24/7 Version. Available in the Trident Online Library.

Wallace, M. and Webber, L. (2018). The disaster recovery handbook: A step-by-step to ensure business continuity and protect vital operations, facilities, and assets, 3rd edition. AMACOM. ISBN:, Chapters 5-11. Books 24/7 Version. Available in the Trident Online Library.

Case Study: Healing and Autonomy

Mike and Joanne are the parents of James and Samuel, identical twins born 8 years ago.

James is currently suffering from acute glomerulonephritis, kidney failure. James was originally brought into the hospital for complications associated with a strep throat infection. The spread of the A streptococcus infection led to the subsequent kidney failure. James’s condition was acute enough to warrant immediate treatment. Usually cases of acute glomerulonephritis caused by strep infection tend to improve on their own or with an antibiotic.

However, James also had elevated blood pressure and enough fluid buildup that required temporary dialysis to relieve. The attending physician suggested immediate dialysis. After some time of discussion with Joanne, Mike informs the physician that they are going to forego the dialysis and place their faith in God. Mike and Joanne had been moved by a sermon their pastor had given a week ago, and also had witnessed a close friend regain mobility when she was prayed over at a healing service after a serious stroke. They thought it more prudent to take James immediately to a faith healing service instead of putting James through multiple rounds of dialysis.

Yet, Mike and Joanne agreed to return to the hospital after the faith healing services later in the week, and in hopes that James would be healed by then. Two days later the family returned and was forced to place James on dialysis, as his condition had deteriorated. Mike felt perplexed and tormented by his decision to not treat James earlier. Had he not enough faith? Was God punishing him or James?

To make matters worse, James's kidneys had deteriorated such that his dialysis was now not a temporary matter and he was in need of a kidney transplant. Crushed and desperate, Mike and Joanne immediately offered to donate one of their own kidneys to James, but they were not compatible donors. Over the next few weeks, amidst daily rounds of dialysis, some of their close friends and church members also offered to donate a kidney to James. However, none of them were tissue matches. James’s nephrologist called to schedule a private appointment with Mike and Joanne.

James was stable, given the regular dialysis, but would require a kidney transplant within the year. Given the desperate situation, the nephrologist informed Mike and Joanne of a donor that was an ideal tissue match, but as of yet had not been considered—James’s brother Samuel. Mike vacillates and struggles to decide whether he should have his other son Samuel lose a kidney or perhaps wait for God to do a miracle this time around. Perhaps this is where the real testing of his faith will come in? Mike reasons, “This time around it is a matter of life and death.

What could require greater faith than that?”

© 2020. Grand Canyon University. All Rights Reserved.

Applying the Four Principles: Case Study

Part 1: Chart (60 points)

Based on the “Healing and Autonomy” case study, fill out all the relevant boxes below. Provide the information by means of bullet points or a well-structured paragraph in the box. Gather as much data as possible.

- Medical Indications: Beneficence and Nonmaleficence
- Patient Preferences: Autonomy
- Quality of Life: Beneficence, Nonmaleficence, Autonomy
- Contextual Features: Justice and Fairness

Part 2: Evaluation

Answer each of the following questions about how the four principles and four boxes approach would be applied:

1. In words answer the following: According to the Christian worldview, how would each of the principles be specified and weighted in this case? Explain why. (45 points)
2. In words answer the following: According to the Christian worldview, how might a Christian balance each of the four principles in this case? Explain why. (45 points)

References:

Paper for above instructions

Developing an Incident Response Plan: Stakeholders and Their Roles


Introduction


In today's digital landscape, the significance of developing a robust incident response (IR) plan cannot be overstated. An IR plan is essential for mitigating the impact of incidents on information resources, thereby ensuring business continuity. The plan comprises several stakeholders, each with unique contributions to enhance the organization's readiness against unforeseen incidents and disasters. This paper identifies key stakeholders for an incident response planning committee while discussing their roles, skills needed, and how these elements contribute to an effective IR plan.

Stakeholders in the IR Planning Committee


1. Chief Information Officer (CIO)
- Inclusion Reason: The CIO oversees the information technology (IT) strategy and ensures alignment with organizational goals. They play a vital role in resource allocation for incident response.
- Skills Needed: Strategic thinking, risk management, and technological expertise.
- Contribution: The CIO can integrate the IR plan with the broader business strategy, ensuring that it supports organizational objectives (Bocij, Greasley, & Hickie, 2015).
2. Information Security Officer (ISO)
- Inclusion Reason: The ISO is responsible for managing and implementing an organization's information security policies, ensuring that the IR plan adheres to best practices and compliance standards.
- Skills Needed: Strong knowledge of cybersecurity threats, risk assessment capabilities, and incident handling.
- Contribution: The ISO’s expertise will guide the development of effective detection, prevention, and response measures (NIST, 2012).
3. Legal Representative
- Inclusion Reason: Legal counsel ensures that the IR plan complies with regulations and laws governing data protection and privacy (Reed & Hinton, 2019).
- Skills Needed: Knowledge of cybersecurity laws, corporate governance, and risk assessment.
- Contribution: The legal representative will guide the committee on potential liabilities and regulations, ensuring that the incident response procedures are legally robust (Shannon, 2016).
4. IT Operations Manager
- Inclusion Reason: This person oversees the IT infrastructure and operations, playing a critical role in identifying and classifying incidents.
- Skills Needed: Technical proficiency in systems and networks, problem-solving abilities, and experience in systems recovery.
- Contribution: The IT Operations Manager brings firsthand knowledge of the technical environment, which is crucial for implementing response and recovery efforts (Thejendra, 2014).
5. Human Resources Representative
- Inclusion Reason: Human resources play a critical role in managing the organizational culture, especially during an incident that involves personnel actions.
- Skills Needed: Conflict resolution, communication, and understanding of workforce management.
- Contribution: HR can help communicate effectively with employees during an incident and manage any personnel-related issues that arise (Wallace & Webber, 2018).
6. Public Relations Officer
- Inclusion Reason: Effective incident response often involves communication with the public and stakeholders to manage reputational risk.
- Skills Needed: Media relations, communication strategies, and crisis management.
- Contribution: The PR Officer ensures that accurate and timely information is disseminated, minimizing damage to the organization’s reputation (Bocij et al., 2015).
7. Business Continuity Manager
- Inclusion Reason: This individual ensures that the incident response plan integrates seamlessly with the broader business continuity plan.
- Skills Needed: Strategic planning, project management, and risk assessment.
- Contribution: The Business Continuity Manager will provide insights into ensuring that critical business operations continue during and after an incident (Thejendra, 2014).
8. IT Security Analyst
- Inclusion Reason: On-the-ground specialists who monitor systems and analyze potential security incidents.
- Skills Needed: Intrusion detection, forensic analysis, and quick analytical skills.
- Contribution: The IT Security Analyst helps in the initial detection and classification of incidents, which is critical for timely response (NIST, 2012).
9. Incident Response Team Leader
- Inclusion Reason: A dedicated individual who leads on-the-ground activities when an incident occurs.
- Skills Needed: Leadership, crisis management, and technical expertise.
- Contribution: The team leader coordinates the execution of the IR plan, ensuring that all stakeholders fulfill their roles (Wallace & Webber, 2018).
10. Data Management Officer
- Inclusion Reason: Responsible for maintaining data integrity and security across the organization.
- Skills Needed: Data protection regulations, quality control, and data governance.
- Contribution: This stakeholder's input is crucial for ensuring data recovery processes are comprehensive and reliable (Shannon, 2016).

Conclusion


The formation of an incident response planning committee entails including a diverse group of stakeholders, each representing unique insights and skills crucial for the plan's success. Effective incident response requires collaboration across various sectors of the organization, emphasizing not only technical measures but also legal, operational, and reputational considerations. An understanding of the unique perspectives each stakeholder brings will help create a comprehensive IR plan capable of responding adeptly to incidents while safeguarding the organization's interests.

References


1. Bocij, P., Greasley, A., & Hickie, S. (2015). Business Information Systems: Technology, Development and Management. Pearson.
2. NIST. (2012). Computer Security Incident Handling Guide (Draft), National Institute of Standards and Technology Special Report 800-61.
3. Reed, C., & Hinton, R. (2019). Cybersecurity Law and Guidance: A Practical Guide. Wiley.
4. Shannon, M. (2016). CISA: Business continuity planning process and policy. Skillsoft Ireland Limited.
5. Thejendra, B.S. (2014). Disaster Recovery and Business Continuity: A Quick Guide for Organizations and Business Managers (3rd ed.). IT Governance Publishing.
6. Wallace, M., & Webber, L. (2018). The Disaster Recovery Handbook: A Step-by-Step Approach to Ensure Business Continuity and Protect Vital Operations, Facilities, and Assets (3rd ed.). AMACOM.
7. ISACA. (2020). Guide to developing a business continuity plan. ISACA Journal.
8. FISMA Implementation Project. (2020). Federal Information Security Modernization Act. Department of Homeland Security.
9. Stoneburner, G., Goguen, A., & Feringa, A. (2002). Risk Management Guide for Information Technology Systems. NIST Special Publication 800-30.
10. CISCO. (2020). Cybersecurity & Privacy: An evolving challenge. Retrieved from https://www.cisco.com/c/en/us/products/security/cyber-security-white-paper-listing.html.