Incident Management
The incident response and the business continuity report presents the situation of the organization in relation to the security. This report discusses about the various issues that is involved with the current technological background of the organization. The report discusses about the ISML Ltd organization, which is an electronics based company. The technical problems related with current situation of ISML organization is given in the report. The report also involve the three security risks related with the current practice of ISML. The solutions for the overcoming of these risks is also given in the incident management and the business continuity report. The ways to get rid of the problems related to the organization has been presented by carrying out research in the field of incident management and business continuity. The research has been carried out in the field of policies, procedures and technical.
The incident management ensures the proper management of the issues or the vulnerabilities that are related to the information security of an organization. Incident management involves the findings of the answers to the different problems that arise in the protection of the information. The incident management is basically a three step process that involves confidentiality, integrity and availability (CIA). This triad is the main driving factor for the proper incident management. The various instances that may be stated of the incident management is the proper management of the loss of information confidentiality, the damage to the physical assets of the information technology. The other instances that involve the use of incident management is the attempt of unauthorized access or the infection of the system due to attack of malware.
The business continuity process involves the planning of the activities of the business in order to take the various important decisions. The business continuity works in the principle that in case of any form of incident or mishap the business functions will continue to operate. The issues that has occurred will be recovered to a state which can be put to a operational state. The recovery is possible within a short span of time. The instance of business continuity may be given as in case of an alert of any form of attack on the systems, the business function are carried out as usual while the problem is resolves to an operational state in the background.
The process of the storage of the data is done manually. However, in this process there may be certain vulnerabilities that may arise in the system. The efficiency of the work gets reduced if the process is carried out in a manual way. If the process of the protection of the information is done in an automatic manner by the use of the strategic information system then it is possible to back up the data in a more efficient manner. The handling of information becomes more easy and efficient by the use of an automatic system for the data management process.
The employees of the organization do the back- up process. These employees may not be trained in the field of the cloud computing for the proper data management. For the proper management of the data by the use o the cloud computing the employees should be trained in a proper manner. The use of the features of cloud computing technology such as IAM role and snapshot may be made for the purpose of security. If these features are not properly used then the system may be prone to vulnerabilities of attack.
Business Continuity
The back- up of the data is stored in the various external devices such as the hard disks or the system of the organization. If the information is stored in these locations then there are chances of the loss of information by the attack of the unauthorized users. The most convenient method for the storage of the information is the use of cloud computing. This allows the organization to protect the data by the use of the private key provided by the cloud technology.
The most primary risk is the attack on the information that may be involved due to the storage of information in the systems of the organization. The storage of the information in the hard disk or the system may lead to the attack from the unauthorized users. If there is any form of attack on the information of the system and there is not enough security then the information may be lost. The use of the keyloggers are made by the hackers in order to get into the systems and get hold of the valuable information. The attacks are generally carried out by the rival organizations in order to get the confidential information.
The other risk that may be involved are the improper storage and the management of the data. If the information or the data is not managed properly then it is vulnerable to the attacks from the hackers. The improper management or storage refers to the data being stored in an unstructured format. This makes the information more easily accessible to the outside unauthorized users.
As the information is backed up only once in a month and there is no alert for the occurrence of any form of data loss or the attack on the information the people responsible for the handling of the information has no knowledge regarding any form of attack. An alert may be set for the detection of the attacks on the information. The employees are doing the back- up of the information in a manual format. The process would have been more effective and efficient if the storage of the information is being done in an automated manner.
For the prevention of the risk of attack on the systems by the hackers, the use of the cloud computing technology can be made. The cloud computing technology allows the users to prevent the hackers from getting the access of the system. This is done by the use of the private keys concept. The use of private keys enables the access of the systems only to those users who are a part of organization and have the login details. The use of the cloud computing technology aklso prevents the keylogger from fetching the confidential information by the use of the concept of IAM role.
The risk of the vulnerabilities involved due to the unstructured format of information is removed by the use of the technology of big data. The big data not only helps in the proper storage of the information but also in the management of the data in the proper format. The use of big data technology helps in the management of both structured and unstructured information and can handle data of any length. The structured data is easier to handle and is less vulnerable to attack.
Problems with the current situation of ISMC Ltd
The risk of the not receiving of any alert during the attack by the hackers can be done away with the use of alerts on cloud. The use of the alerts helps in the alerting the employees in any form of attack. The use of alert also helps in taking of the necessary steps to prevent the attack on the information. The strategic information system is another technology that helps in the prevention of the attack on the information of the system. The use of strategic information system helps in the providing of the alert in an automated format and is more efficient than the storage done ij the manual form.
By the policies of the incident management and business continuity, the verification of the incident that has occurred is needed. After the verification is done, the organization proceeds with the business continuity plan while the issue is brought to the operational level in the background. In the background the cause that led to the incident has to be identified and the impacts of the issue on the future events is recognized. The security is then improved in accordance. The final results are applied in order to do away with the security issue that has occurred. In the front end the main processes are performed by the help of business continuity process.
Conclusion:
From the report it can be concluded that the important information should be protected in order to put the organization at a better place. Proper information management can contribute in the pacing up of processes for the organization. The report presents the various threats and the vulnerabilities that may be present in the protection of the information of the organization. The report also presents the various risks that are involved with the current technology that is used in the ISMC Ltd. The current technology has been presented in the case study. The solutions to the risk arising due to the current situation is also presented in the report. The use of the incident management and business continuity report helps in the recognition of the various risks that are present and helps in the elimination of the risks.
Allen, D.K., Karanasios, S. and Norman, A., 2014. Information sharing and interoperability: the case of major incident management. European Journal of Information Systems, 23(4), pp.418-432.
Almorsy, M., Grundy, J. and Müller, I., 2016. An analysis of the cloud computing security problem. arXiv preprint arXiv:1609.01107. Almorsy, M., Grundy, J. and Müller, I., 2016. An analysis of the cloud computing security problem. arXiv preprint arXiv:1609.01107.
Flin, R., Lauche, K. and Crichton, M.T., 2017. Learning from Experience: Incident Management Team Leader Training. In Naturalistic Decision Making and Macrocognition (pp. 129-146). CRC Press.
Mahajan, P., Gaba, G. and Chauhan, N.S., 2016. Big Data Security. IITM Journal of Management and IT, 7(1), pp.89-94.
Rittinghouse, J.W. and Ransome, J.F., 2016. Cloud computing: implementation, management, and security. CRC press.
Setiawan, A., Wibowo, A. and Susilo, A.H., 2017, August. Risk analysis on the development of a business continuity plan. In Computer Applications and Information Processing Technology (CAIPT), 2017 4th International Conference on(pp. 1-4). IEEE.
Terzi, D.S., Terzi, R. and Sagiroglu, S., 2015, December. A survey on security and privacy issues in big data. In Internet Technology and Secured Transactions (ICITST), 2015 10th International Conference for (pp. 202-207). IEEE.
Thota, C., Manogaran, G., Lopez, D. and Vijayakumar, V., 2018. Big data security framework for distributed cloud data centers. In Cyber Security and Threats: Concepts, Methodologies, Tools, and Applications (pp. 589-607). IGI Global.
Wallace, M. and Webber, L., 2017. The disaster recovery handbook: A step-by-step plan to ensure business continuity and protect vital operations, facilities, and assets. AMACOM Div American Mgmt Assn.
Order an Essay Now & Get These Features For Free:
Turnitin Report
Formatting
Title Page
Citation
Outline
