Mile2 Cybersecurity Certifications

OCU C)SP A Week 01 Lesson 02 Discussion

Tagged: 

Viewing 3 reply threads
  • Author
    Posts
    • #86565
      Manny Varela
      Keymaster

      Discuss some of the policies that should be in place for a competent incident response within a company/organization.

    • #88113
      Marcena Davis
      Participant

      Companies need to be ready for unexpected issues, especially in today’s digital age, where cyber threats are a real concern. It’s all about preparing for the “what ifs” and having a plan in place.

      1. Clear Communication: In any situation, especially crises, communication is essential. Companies should have clear channels of communication so that when something goes wrong, the right departments are notified immediately. Being on the same page can make a world of difference.

      2. Defined Roles: Every individual in the incident response team should know their specific responsibilities. Clarity ensures swift action without overlapping efforts or missed steps.

      3. Regular Training: Having a plan is one thing, but practicing it regularly ensures that the team is always ready. Drills should simulate real-life scenarios to make sure everyone knows their roles by heart.

      4. Documentation: Detailed records are vital. Each incident should be meticulously documented, helping to determine the root cause and ensure that such mishaps can be avoided in the future.

      5. Analysis After the Fact: Once things are under control, it’s essential to sit down and evaluate the incident. Analyzing what happened, its implications, and how it was handled can provide insights for future preparedness.

      6. Stay Updated: The world of cybersecurity and risks is ever-evolving. To ensure optimal preparedness, companies should keep abreast of the latest threats and update their protocols accordingly.

      7. External Support: Sometimes, an outside perspective can provide valuable insights. Expert consultants or third-party firms specializing in incident responses can offer guidance and highlight areas for improvement.

      In essence, incident response is about foresight, preparation, and continuous improvement. With the right policies in place, companies can navigate challenges efficiently and bolster their resilience against future threats.

      Reference:
      https://mile2.com/m2-courses/csp/version-00/ebooks/index.html#p=3

      • #88622

        Marcena,

        Thanks for sharing this great information including the URL.

        Yes, there should be SOPs (Standard Operating Procedures) that departments and employees know their roles and responsibilities as incidents occur. There should be on-going training on those procedures so that people remember them even when they are feeling the pressure of an incident or vulnerability. There should also be an outline of the separation of duties, acceptable use policies, and aawreness by users. There could also be target goals to get systems back online or back up strategies for server failures.

        • #88679
          Marcena Davis
          Participant

          I fully agree with the importance of SOPs. Just like in my police work, clear procedures help ensure swift and effective responses. Continuous training is essential to keep everyone prepared, and I appreciate your emphasis on it. The mention of target goals and backup strategies is crucial for timely recovery and maintaining operations.

      • #88628
        Syerra Metzler
        Participant

        Hello Marcena,
        I like the detail that you put into this post. I think that the policy that you pointed out that I did not even consider was Analysis After the Fact. It is very important that everyone understands why the incident happened in the first place, what was done to resolve the problem, and what can be done in the future to prevent it from ever happening to the company again. Learning from past incidents is one of the best things that any serious company can do to prevent the same incident from ever happening again. Great work.

        • #88678
          Marcena Davis
          Participant

          Thank you for your insightful feedback. I’m glad you found the “Analysis After the Fact” point significant. Drawing from my experience as a police officer, I can attest to the importance of post-incident analysis. In the police department, competent incident responses are paramount. After every significant event, we typically conduct debriefings to analyze what transpired, what could have been done differently, and what we can learn for future situations. It’s this rigorous commitment to continuous learning and refining our methods that helps us serve our community effectively. Just as in business, understanding and learning from past incidents in law enforcement ensures we are better prepared for the future. Thanks again for your thoughts.

    • #88627
      Syerra Metzler
      Participant

      Some of the security policies that should be in place for a competent incident response within a company or organization are the separations of duties, least privilege, and ongoing security. Separations of duties is a great way to split up the work between a group of people so that not only one person is taking on the burden of securing the company or organization. The other benefit of the separations of duties is that there are multiple people looking at the best way to secure the business or if there was an incident that need to be addressed, then the team would be able to work together in order for the crisis to be averted efficiently and quickly. Least privilege is another great way to make sure that only the people that need to know of the incident are able to work with the team to fix the issue. Least privilege allows only the qualified people who need to know of the issue to be able to result the issue without the whole company getting distracted or working on different things to solve the one incident. Finally, having ongoing security before, during, and after an incident is the best security policy that a company can implement because of it is a great way to prepare for an incident and getting the company back on task. Ongoing security should always important so that the company has less of a risk of getting attacked and an incident ever occurring.

    • #88680
      Marcena Davis
      Participant

      I completely agree with your points. The concept of separations of duties reminds me of teamwork in policing, where distributing roles ensures efficiency and thoroughness. The principle of least privilege is vital to keep sensitive tasks limited to those specifically trained. And yes, ongoing security is the foundation—it’s always better to be proactive. Your breakdown is spot-on for any organization aiming to enhance their security. Great points!

Viewing 3 reply threads
  • You must be logged in to reply to this topic.

SUPPORT

Please Note:

The support ticket system is for technical questions and post-sale issues.

 

If you have pre-sale questions please use our chat feature or email information@mile2.com .