Analyze what must be done to identify and close the vulnerabilities so that this situation does not recur. Evaluate the security gaps and their risks to the organization

Your Topic: Action Plan

Assignment Details: Week 3
Assignment: Action Plan
Last week, you received indications of anomalous behavior in the network. The behavior could have an innocent explanation, or it could be the symptom of a security breach. You, as CIO, must narrow the possibilities and possibly start an incident response. Two conflicting risks make this difficult: there is a lack of information about what has happened and a lack of time to get more details.

In response to your request last week, you receive some operations reports from your staff. They may not be exactly that for which you had hoped. After all, the IT staff is under time pressure, too. It is time for you to make some decisions based on the information you have.

The initial response to a security incident often is to “stop the bleeding,” that is, to shut off any continuing unauthorized access to your organization’s assets. This is true even if the incident was not detected for weeks or months. Recall that your role as CIO requires more than technical leadership. You also are responsible for communications, both internal and external, and coordination of compliance actions. The longer and more severe the problem, the more difficult your job can be. In a real crisis, you likely would face some long days with little sleep.

To prepare for this Assignment, analyze the reports you received. Look for evidence that confirms or rejects each of your hypotheses. For any hypothesis you cannot reject, review and refine your qualitative risk analysis from last week. There could be more than one problem in the network. Review this week’s resources to understand reporting and other compliance requirements that affect your organization. These responsibilities can vary based on the location, type of business, and type and amount of information disclosed. Search the Walden University Library and the web for specific guidance on what types of communication are necessary and appropriate, and for which stakeholders.

In a real organization, you would be under extreme time pressure to make technical, compliance, and communication progress. To allow time for you to reflect and obtain feedback, your work on this Assignment is due in Week 5. Please start your incident analysis and response planning immediately.

As you work through this Assignment, keep a record of your analyses and actions in your logbook. This information allows your Instructor to assess not only the results you achieve, but also the way you approach the problem. Explain your conclusions about how the reported information disproves, or is inconclusive about, each hypothesis. What other possibilities might the data suggest? Summarize the consequences of all the hypotheses that you cannot reject.

Given your conclusions, note in your logbook what can be done immediately to stop further compromises. Indicate how you would have your staff make these things happen.

The company must take various actions to comply with applicable laws and regulations. Note these requirements and the deadlines in your logbook.

Finally, assess how public awareness of the problem may affect the organization’s reputation and business. Outline the communications that should be initiated to each of the stakeholders.

Once you have completed your general plan for managing the crisis, begin working on specifics. You do not have to complete all of these components this week.

Analyze what must be done to identify and close the vulnerabilities so that this situation does not recur. Evaluate the security gaps and their risks to the organization and outline a plan to close the most significant ones. Does your plan require buy-in from the CEO or other stakeholders? Why? Will you need to divert resources from other initiatives or acquire additional resources? If so, outline how to make these things happen.

Create memos to anyone responsible for compliance actions and provide all of the information they need to act. It is a good practice to draft the documents they must submit and include them with your memos.

Notify anyone who should be making an internal or external communication regarding the situation. Draft the memo, press release, or other statement you would like them to deliver.

Turn your plans into stakeholder meetings and directions to your staff (simulated in your logbook) to accomplish the tasks.

Week 4
Assignment: Action Plan (continued)
Last week, you evaluated IT operations reports and diagnosed a security incident affecting your organization and began to plan responses. You should have taken steps to “stop the bleeding” by preventing further unauthorized access. These steps are most likely temporary, because they may deny needed access to legitimate users and they do not address root causes. You also must plan to close the vulnerability and restore the IT systems to normal operation. Stakeholders expect you to communicate these plans. Public perception and legal and compliance issues also demand your attention. You should be concerned about the costs of lost business and of the crisis response.

To prepare for this Assignment, review your work and plan what you intend to accomplish this week.

Continue to work on your Action Plan. Record your activities and decisions in your logbook. Your completed report is due next week (Week 5).

Week 5
Assignment: Action Plan (conclusion)
When a security crisis occurs, the organization looks to you, the CIO, to lead the response, ensure timely compliance with laws and regulations, and communicate effectively with a range of stakeholders.

In previous weeks, you diagnosed a network anomaly and took action to analyze and address the information security weaknesses it exposed. You have had time to address most of the issues concerning the security crisis. Your logbook should contain a record of your activities, including simulated meetings and staff directives. Although it may seem like everything happened quickly, in a real crisis, this may all have taken place in only a few hours or days.

To prepare, review your logbook and other notes. Finish writing the following items:

1) Technical Actions: Analyze what must be done to identify and close the vulnerabilities so that this situation will not recur. Evaluate the security gaps and their risks to the organization and outline a plan to close the most significant ones. Does your plan require buy-in from the CEO or other stakeholders? Why? Will you need to divert resources from other initiatives or acquire additional resources? If so, outline how to make these things happen.
2) Compliance Actions: Create memos to anyone responsible for compliance actions and provide all of the information they need to act. It is a good practice to draft the documents they must submit and include them with your memos.
3) Communications: Notify anyone who should be making an internal or external communication regarding the situation. Draft the memo, press release, or other statement you would like them to deliver.

Preferred Format: APA

Number of Sources: 5

Number of Pages: 3

Preferred Spacing: Double spaced
