77 unread replies.2222 replies.
The topic of this week is "planning for security". We cannot overemphasize the importance of planning in information security. We need to start with a plan, a security policy, to be more specific, at first, then continue with more detailed plans, like security blueprints. Your organization should have a contingency or a fallback plan in case you face disruptions/interruptions in any of the business components. For immediate response you should have an Incident Response Plan (IRP) to guide your employees and customers throughout that incident/crisis period. For the aftermath and tactical controls you need a Disaster Recovery Plan (DRP). Finally for the long-term or strategic solutions, you need a Business Continuity Plan (BCP). The NIST special publications especially SP 800-53 and SP 800-18, and also 800-34 or 800-61 as well as ISO 27000 standards can be used as references to setup all the aforementioned security plans. Please review the definition/description of these plans and also the referred standards in Planning for Security. Make sure to include all of your references (APA format).
- Review the text in conjunction with a Web search for sample IRP/DRP/BCPs. Based on your research, identify at least three specific steps/principles/practices you think common in all plans. If you think some items are more important than others, please share your thoughts also.
- Find and describe an incident (e.g., security breach, Distributed Denial of Service, etc.) that occurred recently to an organization (Note: It could be your current or prior employers.)
• Any particular aspect about this incident you think is interesting?
• Can you find any information about this organization’s IRP or DRP or BCP?
• Which indicators would cause someone to think that an incident might have occurred?
• What strategy should (or did) the organization take to contain the incident? Do you think it’s effective? Why or why not?
• What could be done to prevent similar incidents from occurring in the future?