Business Continuity Planning and Incident Handling

¶ … Business Continuity Planning Incident Handling Incident response refers to an organized approach used to manage and address the security breach aftermath of the attack. The goal of incident response is to limit the damages to the network infrastructures as well as reducing costs and time employed for recovery of critical data. The paper does not suggest that the organization should shut down the network systems because they may lose a substantial market values by implementing this tactic.

Moreover, shutting down the network system may hinder a full investigation of the cause of the incidents. The following steps should be employed for the incident response. First, the organization should coordinate an IT team who will be in charge of updating the security measures to respond to network and computer security incidents correctly and quickly. The next stage is to identify where the incident has occurred.

Typically, the IT team should identify whether the attacker uses the virus or worm for the attack and the strategy to eliminate the tool used for the attack from the company information systems. The IT team should identify the affected devices and systems and take steps to prevent further damages. The team should investigate the origin of the incidents, the root cause of the incidents, and all the traces of malicious codes.

The team should also take a step to recover data from the database and ensure that the files are cleaned to ensure that the systems are free of vulnerabilities. Moreover, the IT team should beef up the security of the information systems to prevent future occurrence. The paper also suggests that the company should use the service of digital forensic experts to investigate the origin of the incidents. By identifying the origin of the incidents, the organization will be able to take appropriate step to eliminate the incidents.

More importantly, the paper suggests using the Dell SecureWorks software, which is an effective software, to carry out the incident response as well as digital forensic practices. The software is an effective tool to minimize the duration of the threats. The fig 1 below reveals the summary of the incident response plan. Fig 1: Incident Response Plan Topic 2 - Business Continuity Planning A business continuity plan refers to a plan to continue business operations in case an organization is affected by incidents.

In other words, a business continuity plan is an IT document containing the critical information that assists an organization to remain in business despite the adverse events. An effective strategy to enhance business continuity is to carry out data backup where the critical data are stored at the remote location far away from the organization business location.

The difference between the business continuity plan and incident recovery plan is that the business continuity plan has already taken a step to recover critical data and continue business operations in case of incidents. However, incident recovery plan has not taken a step to recovery the critical data in case of the incidents. It is after the incidents has occurred that the incident recovery team will take a step to recover the critical data. An organization intending to carry out an incident continuity plan should include the following critical information.