Q) Assume that you have been tasked by your employer to develop an incident response plan. Create a list of stakeholders for the IR planning committee. For each type of stakeholder, provide the reasons for inclusion and the unique aspects or vision that you believe each of these stakeholders will bring to the committee.
Top of Form
Incident Response is a vital component of every organization’s security. Typically it provides safety when some incident occurs. A good IR team will also have subject matter experts who can guide your entire organization’s security strategy. However, even the best CSIRT team needs help. Handlers may be experts but want them spending time on the incident, not constantly refreshing their knowledge of the ins and outs of your environment.This can be solved by interacting with stakeholders in the business. Every organization is different. However, CSIRT must find a way to engage with equivalents of following groups.
IT Services: IR team needs to establish a relationship with all parts of IT Services organization. This includes networking, databases, developers, Hosting & Service providers team.
Security Management: We need more than CSIRT. The incident responders can be expected to own every aspect of security. we need to ensure they have a route to engage others parts of security and especially security management/ leadership teams.
Legal: Incident opens the door for lots of legal considerations. To make decisions about what to report and how significant an event may be. IR team should be technical experts, not legal experts. This means handlers must have a way of seeking guidance from real lawyers.
Human Resources: IR team need to able to handle these in the correct way. To enable this, the CSIRT needs to engage with HR.
Public Relations: It is vital that IR team engage with Public relation before and during incidents. The PR team is experts in making sure the IR message is the right one or not.
Bottom of Form
Assume that you have been tasked by your employer to develop an incident response plan. Create a list of stakeholders for the IR planning committee. For each type of stakeholder, provide the reasons for inclusion and the unique aspects or vision that you believe each of these stakeholders will bring to the committee.Bottom of Form
Click following link to download this document
Incident Response Plan.docx