Prior to or when security measures fail, it is essential to have in place several response strategies.

Create an incident response plan that can immediately protect digital assets in the event of an attack, breach, or penetration. The incident response plan should include (but is not limited to):

  1. Procedures to initially identify and      document an incident
  2. Procedures that will inform tactical      operational managers, internal and external stakeholders, and/or      individuals affected
  3. Procedures to investigate the breach, to      mitigate harm to individuals, and to protect against further breaches
  4. Enforcement mechanisms for breaches and      non-adherences
  5. Procedures to assess the damage to the      organization and estimate both the damage cost and the cost of the      containment efforts
  6. Procedures to review response and update      policies

APA style is not required, but solid academic writing is expected.

Refer to “CYB-690 Incident Response Management Scoring Guide,” prior to beginning the assignment to become familiar with the expectations for successful completion.

Incident Response Management