In cyber security, incident management is the process of monitoring and detecting events related to security on a computer network and initiating appropriate responses. Essentially, the primary purpose of incident management is to develop clear responses to events that could result in disasters such as remote intrusions. The incident response process detects and evaluates threats and determines their severity, before following the pre-determined incident response plan. In case of incidents that cannot be contained or resolved, other aspects of the contingency plan are implemented, as stipulated in the plan. According to Whitman, Mattord, and Green (2013), the incident response process comprises several stages, which include preparation, detection and analysis, containment, eradication, and recovery, and post-incident activity. This process is crucial in ensuring that the integrity of a network is maintained.
One of the crucial portions of the incident response process is determining the steps that are taken before, during, and after the occurrence of an incident. The incident response plan team typically considers every attack scenario and determines the steps. After all feasible attack scenarios are assessed by the incident response team, the team focuses on the steps that should be taken to react to an incident. In all attacks, there is always a trigger, which is caused by a wide range of issues. Some common triggers include loss of connectivity in the network, device malfunctions, complaints from users, notification from an unrecognized device on the network, or unusual traffic in the network (Whitman, Mattord & Green, 2013). Essentially, such triggers let the systems administrator know there is an anomaly in the network that could be an incident.
Notably, upon the occurrence of an incident, it is imperative to react swiftly with a clear plan of action. It is typically up to the incident response duty officer to determine what aspect of the incident response plan to implement. It is also important to note that different attacks require employees with different skill sets. For instance, the skills required to tackle a DDoS attack may not be the same as those needed to handle a network virus (Whitman, Mattord & Green, 2013). When an incident occurs, the reaction processes should be preceded by a clear determination of a plan of action. For instance, in the event of a virus on the network, the first step would be to check the logs, virus scanners, as well as other systems designed to monitor unusual activity (Thompson, 2018). The next step would be to ascertain the scope of the infestation by checking all devices on the network and placing the infected ones under quarantine.
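The scoping step described above can be sketched in code. This is an added example, not part of the original essay: it reads virus-scanner log lines, compares them against a device inventory, and lists which hosts to quarantine and which never reported and still need a manual check. The log format, host names, threat name and function names are all constructed for illustration.

```python
import re

# Constructed sample log in a hypothetical "timestamp host avscan VERDICT" format.
SAMPLE_LOG = """\
2024-03-04T09:12:01Z ws-014 avscan DETECTED name=Worm.Sample.A file=/tmp/inv.bin
2024-03-04T09:12:07Z ws-014 avscan CLEANED name=Worm.Sample.A file=/tmp/inv.bin
2024-03-04T09:13:40Z ws-022 avscan DETECTED name=Worm.Sample.A file=/tmp/inv.bin
2024-03-04T09:14:02Z srv-fs1 avscan CLEAN
2024-03-04T09:15:19Z ws-031 avscan DETECTED name=Worm.Sample.A file=/tmp/inv.bin
2024-03-04T09:15:25Z ws-031 avscan CLEAN_FAILED name=Worm.Sample.A file=/tmp/inv.bin
garbled line that should be skipped
"""
# Constructed inventory: every device that is expected to report scan results.
INVENTORY = ["ws-014", "ws-022", "ws-031", "srv-fs1", "ws-040"]

LINE_RE = re.compile(
    r"^(\S+) (\S+) avscan (DETECTED|CLEANED|CLEAN_FAILED|CLEAN)\b(?: name=(\S+))?"
)

def scope_infection(log_text, inventory):
    """Return {host: status}; assumes log lines are in chronological order."""
    status = {host: "unknown" for host in inventory}  # no scan result seen yet
    open_threats = {}  # host -> threat names detected and not yet cleaned
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # ignore lines that do not parse
        _ts, host, verdict, threat = m.groups()
        threats = open_threats.setdefault(host, set())
        if verdict in ("DETECTED", "CLEAN_FAILED"):
            threats.add(threat)
        elif verdict == "CLEANED":
            threats.discard(threat)
        if threats:
            status[host] = "infected"
        elif verdict == "CLEANED":
            status[host] = "remediated"
        elif status.get(host) in (None, "unknown"):
            status[host] = "clean"
    return status

def quarantine_list(status):
    """Hosts with an unresolved detection: isolate these first."""
    return sorted(h for h, s in status.items() if s == "infected")

def needs_manual_check(status):
    """Inventory hosts with no scan result: scope is not known until scanned."""
    return sorted(h for h, s in status.items() if s == "unknown")

if __name__ == "__main__":
    result = scope_infection(SAMPLE_LOG, INVENTORY)
    print(result, quarantine_list(result), needs_manual_check(result))
```

A host that never appears in the scanner logs is reported as unknown rather than clean, because silence from a device says nothing about whether it is infected.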
Part of planning for incidents involves knowing one's enemy by identifying an organization's assets, weaknesses, and vulnerabilities. This means that one must examine and understand the threats that pose a risk to the organization (Thompson, 2018). In doing so, the organization can identify possible controls, safeguards, and most importantly, countermeasures that would reduce the risk posed by various threats. Some of the measures that a company can implement include providing additional security training to employees, awareness programs, and investing in security technologies such as advanced virus scanners and firewalls (Whitman, Mattord & Green, 2013). In some cases, an organization may terminate an asset by removing it from a risky environment. This is often the case if the cost of protecting the asset exceeds the value of the asset.
What are some of the scenarios where the cost of protecting an asset may not be justified by its value to an organization?