Various systems of a company are prone to viral attacks. This means starts any company must be ready at all times to respond and mitigate the dangers arising from such attacks. This study has identified various methods and steps that a company can follow in order restore an attacked finance system. For the team to respond to an incident, predetermined groups will be involved according to characteristics of the incident.
¶ … Finance and Accounting Application that provides finance and accounting operations require all the possible computer security measures to be adopted. In this case, two patterns call for an incident response plan:
The company's computer networks and systems are at a higher risk to threats like intrusions, computer viruses and exposures
Computers are widespread through the company; the company depends heavily on computers and cannot afford service denial
Therefore, the following security incidents will be an essential:
A computer virus might be copied to a LAN server; within seconds, thousands of other computers will be infected. This will require the efforts of different people and several days to achieve recovery.
Back-ups can be infected with viruses resulting in re-infection of other systems; recovery will require more expenses and time
System intruders could copy passwords and distribute them across large networks
Outbreaks of system or virus penetrations will cause embarrassment and possible loss of public confidence (Taylor, 2013).
These incidents can cause the company to confront unwanted expenses in productivity, damage to their reputation and significant damage to systems. Clearly, there is a pressing need to take action before suffering the impacts of a massive computer security problem. This necessitates the incident response plan to draw needed resources together in an organized manner to handle any adverse events related to the security and safety of the companies, and its clients. The adverse events could be unauthorized access to the company's systems, a malicious code attack, hoaxes and denial of service attacks (Vacca & Rudolph, 2010).
Responding to an incident
In this case, there are six stages of response:
Preparation - An incident response team must know how to respond to an incident before it happens as this could save valuable effort and time
Identification -- it is important to identify whether the incident has occurred or not. In case it has occurred, then the response team must take appropriate actions
Containment -- it entails limiting the magnitude and scope of the incident. Because so many incidents involve malicious codes, they can spread rapidly. This could precipitate enormous loss and destruction of information. As soon as the response team recognizes an incident, it must immediately begin to work on containment (Vacca & Rudolph, 2010).
Eradication -- one of the most difficult processes is the removal of the cause of the incident. It involves conviction of perpetrators, virus removal, and dismissing employees
Recovery - it is essential to restore a system to its normal business operations. After the restoration, it will be important to verify that the restored operations are successful and the system is functioning as expected.
Follow-up -- some incidents demand substantial effort and time. After terminating an incident, there must be interest to devote more effort to the incident. However, conducting follow-up activity is one of the most crucial activities in the response process. Follow-ups could support any efforts to prosecute employees and other individuals who violated the law. It encompasses changing adjusting company policies, which might require changes (McCarthy, 2012).
Organization
For the team to respond to an incident, predetermined groups will be involved according to characteristics of the incident. Since the situation is likely to develop leading to more significant impacts, the response team will call various groups to help in solving the problem. The figure below shows the organization of incident response.
Figure 1: Incident Response Organization
The Incident Response Process
This is an escalation process because the impact of the incident is widespread or significant, which increases the response level. As a result, it brings more resources to bear on the issue at hand. The team members at all levels will be informed about the incident and will respond appropriately.
Incident Response Management
1.
Directs the Incident Response Coordinator team to:
Strengthen communications between all members of the incident response team in the field
Assume the command center position
Install an incident voice mailbox for messages to be placed to record and the status of the company personnel
2.
Establish if the threat has been mitigated to an acceptable level,
Extended Team
1.
Contacting local authorities where possible
2.
If local authorities are called in, these members must initiate arrangements for them to enter the command center
3.
Ensure that all the required information has been gathered to support financial restitution or legal action
Incident Response Coordinator
1.
Continues to maintain the Chronological pattern of Event
You’re 80% through this paper. Sign up to read the full paper.
Sign Up Now — Instant Access Already a member? Log inAlways verify citation format against your institution’s current style guide requirements.