Introduction 

It is important for your incident response strategy to meet the requirements of your organizational context. Write a short introduction summarizing your type of organization, and an overview of the business-critical assets your organization relies on. You can use the information you provided in Module 3’s ongoing project, or Module 5’s online activity submission. 

(Write approximately 150 words) 

Step 1: Prevention

Describe the measures your organization will take to protect against a cyberattack from both a technical and non-technical perspective. 

(Write approximately 150 words)

Step 2: Planning 

List the individuals involved in your incident response team and their roles. Ensure that the roles, responsibilities, and structure of your team meet the requirements of your organizational context. 

A cyber crisis communication plan is compiled in this phase, but in this incident response plan, include your plan under Step 7: Communication. 

(Write approximately 200 words) 

Step 3: Preparation 

Section 2.3 in Unit 1’s notes details a number of requirements in this step, including reporting mechanisms, the preparation of checklists and jump bags, and auditing procedures. However, for the purpose of this ongoing project, you are required to detail one training exercise the incident response team will undergo. Include specific examples of scenarios or questions, and explain why you have chosen it. 

(Write approximately 150 words) 

Step 4: Detection

List the tools your organization would use to detect a breach. 

(Write approximately 150 words) 

Step 5: Analysis 

Explain how your organization would analyze whether an incident is a cyberattack. Also describe how you would categorize and prioritize cyberattacks in your organization.

(Write approximately 200 words) 

Step 6: Containment 

Describe how your organization would prevent a cyberattack from spreading further.

(Write approximately 200 words) 

Step 7: Communication 

As per Section 4 of the Unit 2 notes, compile a cyber crisis communication plan detailing the internal and external stakeholders your organization would need to communicate with in the event of a breach. Describe what communication channels would be used to communicate with these stakeholders. 

(Write approximately 250 words) 

Step 8: Eradication 

Provide insight into the approaches and decisions the team will take to remove the threat from your organization’s internal system.

(Write approximately 150 words) 

Step 9: Recovery

Describe what steps your organization will take to return to its normal operations. 

(Write approximately 150 words) 

Step 10: Post-event analysis 

List the processes that would need to be followed to ensure that lessons learned are implemented. 

(Write approximately 150 words) 

Assignment tips

PLEASE take note of the expected word count for EACH section. If you're not close to that word count, you're probably missing something – make sure you're developing your analysis well, providing detail, context and nuance. Again, the published word count is for SATISFACTORY work.

If you aren't getting this by now, you're likely not getting the best grade…

1. Am I providing the level of detail required for this course? Am I writing just to the provided word count (satisfactory baseline) or am I going over and above to ensure great detail and analysis?
2. Am I providing organizational context for every assignment, every section, every paper? This is required.
3. Am I increasing my nuance each week – demonstrating that my competency is increasing?

Also – please read the instructions carefully and make sure you follow them. And don't accidentally skip over the Introduction. It is before Step 1: Prevention.

Question

Each unit in this module explores one of the three crucial areas of cybersecurity management that need to be considered when developing an incident response plan. This ongoing project requires you to use the knowledge gained from each of the three units to formulate and complete the 10 steps of an incident response plan, as identified in the notes from Unit 1.
