Abstract

This
paper explains about the key Incident Response Plan which is developed for my
Company. Mainly includes the key stakeholders who are part of this Incident
Response Planning Committee. The roles and responsibilities of individual
stakeholder, when is the exact time for each team to respond depending on the
incident criticality. Also about various key business activities being impacted
as part of any security incident in the company. I also stated why these
stakeholders are considered as key role with respect to Incident Response. Also
expressed my views how do a company can overcome from security incidents.

Keywords:
Incident Response Planning (IRP), Protected Personal Information (PPI), Human
Resources (HR), Public Relations (PR).

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Incident
Response Planning is a combination of different steps which are designed in
order to recover a company’s business activities to normal state after unexpected
incident which halts the regular business processes. IRP is planned and
designed by a team which is formed from different business areas in the
company. IRP is available with almost every company in order to detect the
future cyber-attacks, data breaches, internal data theft risks and other issues
which will be analyzed by IRP team upfront so they can come up with a strategy
to handle all this issues. The IRP developed by me for my company will have a
planning committee with important stakeholders as below

1.     Information
Technology Services

2.     Security
Management

3.     Legal
Team

4.     Human
Resources

5.     Public
Relations

Information Technology Services:
This includes Database, Development, Testing and Networking teams which will
handle all the Business Applications in the company. Each team is important
such as database team is crucial in protecting our costumer’s data, developers
are responsible to write code logic in order to protect from invalid data input
which we can expect from some cyber attackers and in parallel testers are need
to test the business applications robustly. Company websites also connects to
external suppliers networks where our Network Admins play an important role in
hosting all such external websites n a secured way.

Security Management: This
team is part of IR planning committee as it will have an overall knowledge
related to company’s security. With coordinating with security management team we
can secure our costumers data from any kind of data breaches. As part of IR
plan they suggest us how to overcome data theft by providing valid
authentication to all the business users based on their roles. They do also
provide retention policy to be followed in such a way to get rid of documents
which will have PPI data. This team manages all the security access to
company’s building and also any information related to security.

Legal Team: It
is very important to have legal team
member as part of IR Planning committee who can suggest the real incident to be
reported in case of any incident in the company. Legal team member should be
technical expert who can analyze the incident in a right way and come up with a
resolution so that cannot impact the business activities in a minimal way.

Human Resources: In
most of the scenarios users are the responsible for security issues but not in
all the cases, users sometimes share their personal data to fraud tele
communications which could lead to security issues. In such scenarios HR team
is responsible to handle such sensitive situation without making costumers
panic and also without losing their business, this is little bit challenging
situation for HR team to manage smoothly. So, in order to get rid of such
situations HR team member should be part of this IR planning committee.

Public Relations: This
team plays their role when company’s incident response team has decided to announce
about  the incident to public to make
sure that public do not get shocked. It is needed for any company to consider
this situation as high priority to make sure that IR team members coordinate
with PR team so that message which is going into public conveys in a right
manner. This team should work hard enough to validate that IR team is sending
communication out about incident information to public accurately.

By
considering importance of all the stakeholders as stated above IRP committee
should have one or more primary member from each team. A good planning upfront
could save company from many unknown incidents in the future. As part of
planning we should also consider about how to overcome in case of any
unpredictable incidents. This IRP states how to evaluate the root cause of
Incident and then steps to be followed in order to recover the incident.
Important steps to be followed are identify the departments which are impacted
by this Incident and alert the IR team to work with them, send out the right
communication strategy depending on the type of Incident.

Conclusion: As
I explained above 5 key stakeholders are important which can be part of
Incident Response Planning committee so that we can incorporate a strategy
which will minimize our efforts to recover the business activities in case of
any type of incidents. If these stakeholders are part of IR planning which will
reduce the chance of being impacted by any kind of incidents. To have a good
and progressive business running in a company we need a well-organized and
robust Incident Response Planning.