In our digital age, an incident response plan is a must have for an organization to survive against the rising cases of cyber security breaches. In my organization, there is an incident response plan that is spearheaded by the head of information technology (Andrade et al., 2019). The plan is supported by the information technology together with a team that known as Computer Security Incidence Response Team. The team involves members from different sections such as the Marketing, human resource, procurement, sales etc. The CSIRT is further divided into small teams where each team is given an opportunity to deal with specific type of threat. For instance, the hardware team includes people from the maintenance department (Grispos et al., 2019). The software team comprises of workers from the information technology department.
Whenever an incident occurs it is first reported to the office of the head of IT. The head of IT alerts the CSIRT team and they immediately starts to assess the situation. After assessment, the head of the CSIRT can activate the plan depending on the severity of the situation (Andrade et al., 2019). When an incident response plan is activated, all the CSIRT members should avail themselves and each of them should fulfill his or her role. It is done in accordance to the rule and regulations set out in the plan. Some of the improvements I would like our IT department to consider include the following. The current response plan does not allow the members of the CSIRT to be much flexible in case of a disaster (Grispos et al., 2019).
The plan should allow users to be more innovative especially when they are responding to an incident. Also, the incident plan does not a good chain of command which creates loopholes which can be exploited by malicious people within the organization. The organization should improve its flow of command to avoid communication problems which are more dangerous during incident response.
I want one page explanation on above paragraph with 3 reference, your sentence must be start from, I like your post, I would like to add some more details on your discussion….
Look towards your own organization. How does it handle incidents?
My firm has an incident response team. Whenever any form of incident occurs, the IRT is the one in the frontline to deal with it. However, the IRT also depends on other teams and even the employees for incident response. Everyone has to play their part if we are to succeed in mitigating major incidents (Harsch, Idler & Thurner, 2014).
Do your organization have an incident response plan? Is it based on any industry standard(s)?
Yes, my firm has an incident response plan. It is based on NIST standards. My firm has made sure that all the components of an incident response plan that NIST recommends is present in the plan.
No incident response plan is without improvement, so what aspects of your organization’s incident response plan do you think needs improving?
The main aspect is about incident reporting. Before incidents can actually be dealt with they need to be reported. However, the process is not streamlined and there is no central application or service that is used to track reports. For this reason the IRT sometimes gets bombarded with similar requests to report incidents from employees all over the firm. This can be improved by developing an incident response system (Ab Rahman, & Choo, 2015)
Do you need high quality Custom Essay Writing Services?