Incident Response and Recovery in Information Security

Description: The overall vision for this paper is to inform and explain important aspects of Incident Response and Recovery in the context of a network attack. It informs the reader of how response plans are made and the benefits of having one established. It explains how the recovery process becomes simpler with a response plan, and how these methods help prevent future attacks.
Cyber attacks are known for compromising individual and business data. Therefore, system owners and managers need to respond promptly and effectively when security breaches happen (Cichonski et al., 2012). One benefit of having an incident response and recovery plan is that it allows a systematic response to incidents. The system users can follow a consistent incident handling methodology, ensuring that the proper measures are implemented. The second benefit of this plan is that it enables personnel to reduce the loss or theft of information and any disruption of services due to the incidents (Cichonski et al., 2012). Additionally, personnel can use the information obtained as incidents are handled to make better preparations for handling future incidents. This information will guide more robust protection of systems and data.
The development of an incident response and recovery plan will encompass various aspects. These include the people, process, technology, and information (Creasey & Glover, 2013). The people factor entails establishing the incident response team, availing adequate technical skills, streamlining the decision-making process, and obtaining access to critical third parties. The process factor encompasses considering the steps to be taken and how they will be accepted. The steps include identifying the cyber security incident, investigating it, taking proper measures, and recovering the critical systems, data, and connectivity (Creasey & Glover, 2013). The technology factor entails understanding the data and network topology, then determining the internet touchpoints and storing the proper event logs. Finally, the information factor entails determining how sufficient details will be recorded, defining the business priorities, and understanding the prevailing interdependencies.
Ultimately, the incident response and recovery plan will position the system in a better place to deal with cyber attacks before they cause severe impact and potential business crises.
Cichonski, P., Millar, T., Grance, T., & Scarfone, K. (2012). Computer security incident handling guide. NIST Special Publication, 800(61), 1-147.
Creasey, J., & Glover, I. (2013). Cyber security incident response guide: Version 1. CREST.
