An incident is an unusual condition that may hinder a business organization from performing its day-to-day activities. In the current day and age, all companies are moving towards more technology-driven platforms that make their operations faster and more efficient. However, the internet also has its negative sides, as hackers continue to discover ways to intimidate companies, reduce their competitiveness or remove them from business completely. Nevertheless, companies that continuously anticipate these attacks, and many more including virus attacks, may stand a chance of reducing damages or completely preventing the attack. Organizations can achieve this by ensuring they have a well-prepared response plan that enables an emergency team to conduct its recovery operations competently. This paper aims to explore the strengths and weaknesses of an incident response plan template developed for one middle-sized company, and how useful it would be to an organization forming a CSIRT.
The document consists of four sections that explain the series of steps involved, from preparation, identification and containment to the eradication of the attacking factors and the recovery of the business and its normal operations. It is crucial for the company that the plan covers the scope of events in which the organized response would be applicable. The template covers events ranging from loss of a utility service, like the internet or computer systems, to disease outbreaks and natural disasters. This outline allows the stakeholders involved to know when and how to apply the carefully documented responses to the probable scenarios. It also mentions the several impacts that an occurrence might have on the business. For instance, the loss of a technology facility may, during recovery, create the need for new equipment, cause loss of data and carry a high risk of a shutdown. This segment provides a well-thought-out logical sequence from the identification of abnormal conditions to declaration and recovery. However, it also mentions the exclusions: the document does not provide for a recovery strategy that involves facilities other than the involved firm's. It is crucial that a company and its staff know how to handle scenarios that begin from an external source, as they may grow to interfere with the facility’s internal functionalities (Sharma, 2019). Therefore, the firm creating a CSIRT may see the need to include the actions against such a scenario.
The second section provides an elaborate framework of notification and declaration procedures. It gives recommendations of the protocols that should be in use in case of an incident. Other forms of communication may be the same platforms compromised and used by attackers in case of a hack, where individuals may want to steal, destroy, decrypt or corrupt company data. The segment also mentions assembly points that are essential in the event of a fire or building collapse, or any other warranting event. The last point outlines the specific executives authorized to declare disasters and initiate recovery options. Any company forming a CSIRT will find this section useful, as it outlines methods of communication and the particular people who can authenticate the truthfulness and extent of any issue or threat.
The last section provides the critical personnel and vendor contacts to ensure that any individual who spots an unusual event knows who to contact and how to reach them in a careful, efficient and confidential manner, to reduce panic and increase the chances of a successful response. All actions appropriate for every event mentioned in the scope of the plan are available here. Also, the project documents the roles of all emergency officers to ensure that all personnel, leaders and the incident team do not get confused at any instance. This template proves to include all the vital details needed for a company to successfully avert an attack or adequately reduce the impact of any attack, whether biological, physical or technological. However, it may prove difficult for some personnel to follow, as it may include too many details (Whitman, Mattord, & Green, 2013). An elaborate, concise and straight-to-the-point plan will be significant in ensuring all persons involved understand their roles in the incident response and recovery plan.
References
Sharma, A. (2019). Incident response template for effective incident response planning. Retrieved from https://www.computerweekly.com/tip/Incident-response-template-for-effective-incident-response-planning
Whitman, M. E., Mattord, H. J., & Green, A. (2013). Principles of incident response and disaster recovery. Cengage Learning.