By: Divan Hardik
Bus Control Plan & Disaster Recovery Plan
27th Jan 2018
Case Study #1
of the Cumberlands
response plan is really helpful in the organization. In the company, any time, disaster or any unexpected events can occur, so that time team should
have an incident plan that one can
launch. At a time of executing the incident plan,
there are set of actions a team has to perform and there are so many teams
involved in the plan execution.
The main responsibility of the team is to identify
future vulnerable activities (unexpected events) and what to do next when it happens in the organization. There are
committees for planning this plan and it requires
a long process.
There are set of stages for incident planning. Such as
form the IR planning committee, create strategies, develop a plan, and execute the plan, training, and
maintenance and it also requires triggering. The plan is always a written
document and can have all the information of security mechanism and it provides
all the information of attack, attack scenario and cases. The plan also has reaction force – such as before action, during
the action, and after the action. There are virtual and physical attacks on the organization. Then there will be a loss of technology, people, infrastructure, and
Incident Response, IR planning Committee, Strategies, Process,
Incident Response plans will handle the situation of
disaster and then reduce the recovery cost and time. There are some steps that
one can follow. The first team has to
identify the issue in the system and try to figure out what kind of quicker
solution they can easily implement also assign the tasks to the team. The team
has to get involved with other departments and try to engage in discussions. The
planning team will always be testing the incident response plan every
now and then to ensure do they have any failures or not, and also each time review
process will be required for upper departments.
When there is an incident try to figure out why the incident happened is it
small problem or disaster for the company market. The next step is to implement
the plan with different tools and then follow the strategies.
To trigger the incident recovery plan there are some
situations – such as internal team member or any user has to notify the administration
and let them know about the incident. As per the reaction of particular threat “before
incident” – one has to get ready of future upcoming vulnerable activates and “during
the incident” – the team has to determine what goes wrong in the
system and what needs to be done to resolve
it. The last part is “after the incident”
– it is kind of analysis part that team has to do forensic analysis.
IR planning process always begins with identifying and
inclusion of stakeholders. There is an
incident response team that will always try to contact stakeholders for
individual issues in the organization they have a solid relationship with all the teams.
HR department is a critical
department of the organization. When employee
gets any kind of security incident then
the response team will check the plan and then CSIRT will engage the HR team
when an incident happens.
Information Security Team always working towards
secure information system. In the current era, every
day new threats coming into the networks and each threat will be a disaster for the company data, network, and
physical security. Whenever there is a bad incident happen in the organization,
the Incident recovery team will directly
contact the IT security team and easily can figure out the threat and then
execute the incident response plan.
The Legal Department in the organization will be
working on maintaining and preventing legal issues that going to happen in the future. The legal department always
take care of future incidents and they do
have some technical experts which will help at that point of time.
Public Relations (PR) is all about managing the
relationship with organizations and try to communicate a message to the clients and customers. The PR
team of an organization will identify the incident response report is useful or
not, and then it will execute the plan.
General Management will be managing administration part
of the business in our organization. The efficiency of employees and workload
will be manageable by this team. So, whenever there is an issue with workload and efficiency incident planning team
directly contact the management and then try to fix the problem as soon as
Kirvan, P. & Peterson S. (2017) Businesses need
both incident response plans and DR plans to cope with today’s cybersecurity threats. Retrieved from: http://searchdisasterrecovery.techtarget.com
Doug D., (2017) 10 steps for a successful incident
response plan. Retrieved from: https://www.csoonline.com/article/3203705/security/10-steps-for-a-successful-incident-response-plan.html
Brangman R. & Madar M. (2016) Plan for Incident Response and
Rapid Recovery. Retrieved from https://www.cbiz.com/insights-resources/details/articleid/3728/plan-for-incident-response-and-rapid-recovery-article