Incident-Response Team

Sec280

08/17/2014

As the small software company, Gem Infosys, has had a malware attack that shutdown their network operations for two full days. The company has decided to take a forward step to preventing this incident from occurring again in the near future by having an incident response policy that will reduce network down-time in case if the incident occurs again in the future. Things that will be needed in the response policy are by having an incident-response team, disaster-recovery process, and a business-continuity plan.

Whenever you have an incident-response team, this will conduct of a team of peers that will be solely responsible for whenever something occurs, such as the malware virus that shutdown Gem Infosys for two days, and conducts the research to find a better way to keep things better secured by “encrypting all data prior to backup”(Smith). The team will also be responsible for handling such things as vulnerabilities, having information disclosed, managing the system, backup strategies, and disaster recovery.

The next part of the policy is having a disaster-recovery process that will be responsible for limiting the any significant loss while the systems are down and offline. Other responsibilities will be recovering and organizing anything lost in an effective manner as well as assessing “damage, repair the damage, and activate the repaired computer center.”(Martin)

Last but not least, it is beneficent that your company should have a business-continuity plan in order to keep the business running correctly after any incident has occurred. Such things that you would need to plan when having a continuity plan is to have a scope of the plan, have key business areas, critical functions, “identify dependencies between various business areas and functions”(Lindros, Tittel), having acceptable downtime for critical maintenance, and creating a plan intended to maintain operations.

Having a countermeasure would be beneficent to the incident...