Topic: Assume that you have been tasked by your employer to develop an incident response plan. Create a list of stakeholders for the IR planning committee. For each type of stakeholder, provide the re

Ajay Pillagolla 

WEEK 4 DISCUSSION

COLLAPSE

Top of Form

Incident Response is a vital component of every organization's security. Typically, it provides safety when some incident occurs. A good IR team will also have subject matter experts who can guide your entire organization's security strategy. However, even the best CSIRT team needs help. Handlers may be experts but want them spending time on the incident, not constantly refreshing their knowledge of the ins and outs of your environment. This can be solved by interacting with stakeholders in the business. Every organization is different. However, CSIRT must find a way to engage with equivalents of following groups.

• IT Services: IR team needs to establish a relationship with all parts of IT Services organization. This includes networking, databases, developers, Hosting & Service providers team.

 • Security Management: We need more than CSIRT. The incident responders can be expected to own every aspect of security. we need to ensure they have a route to engage others parts of security and especially security management/ leadership teams.

 • Legal: Incident opens the door for lots of legal considerations. To make decisions about what to report and how significant an event may be. IR team should be technical experts, not legal experts. This means handlers must have a way of seeking guidance from real lawyers.

• Human Resources: IR team need to able to handle these in the correct way. To enable this, the CSIRT needs to engage with HR.

• Public Relations: It is vital that IR team engage with Public relation before and during incidents. The PR team is experts in making sure the IR message is the right one or not.

Bottom of Form

Sai Charan Gummadi 

Discussion

COLLAPSE

Top of Form

            Incident Response is very important for the security the organization. A good team of incident response guides the whole organizational security policies and strategies. But this team also requires help from experts, who can spend time over the incident and bringing solution to the problem. These experts can be the stakeholders who can be included for security the organization. The different stakeholders for the committee of IR planning includes:

1. System Administrator- IT people will contact the management personnel and members of incident response. The manager of incident response will be contacted using e-mail, messages or phone (Javaid, 2013). The designated and back-up personnel are also to be contacted. The ground security officer would be contacted.

2. Security Person or Security Department- This refers to the contact list of IT emergency and of effected department. The call will be made to the designated numbers. It will log on the caller’s names, time at which call is made, type and nature of incident, persons and equipment involved, locations of involved persons, when event was noticed first.

3. Helpdesk- To provide the support and information to the end-users regarding the incident report, helpdesk is required. The aim of the help-desk is to troubleshoot the issue and give guidance about the incident report which the committee has brought up with.

4. Manager- He or she will work for knowing the committee progress and provide guidelines that what is required to be done regarding the incident. He leads the entire committee and directs the member of committee.

5. Firewall Administrator- He or she administrator the system with the help of system administrator. The administrator considers that whether policies or procedures followed permitted the intrusion (Shinde & Kulkarni, 2021). They consider that what is required to be changed or what has been changed for ensuring that policy or procedure was to be followed in future.

Bottom of Form