When cyber-attacks hit organizations, the consequences can be costly for years to come. Costs related to mitigation and recovery, corporate branding, and market share are often impacted after a major breach, and (as reflected by the Target and Home Depot breaches, for example) a quick and effective response can help minimize the loss.
Having a systematic approach to incident detection and response can also provide a company with information it can use to strengthen the enterprise and address legal issues that may arise as a result of the attack. During this exercise, we will review two documents that examine response efforts.
Read the following documents and respond to the discussion question below.
Creasey, J. & Glover, I. (2000). Cybersecurity incident response guide. Retrieved from https://www.crest-approved.org/wp-content/uploads/2014/11/CSIR-Procurement-Guide.pdf
Cichonski, P., Millar, T., Grance, T., & Scarfone, K. (2012). Computer security incident handling guide. Retrieved from http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-61r2.pdf
SWOT analysis 1: Looking outside for threats and opportunities. (n.d.). Harvard Business School. Retrieved from https://inside.artcenter.edu/ed/file.php/26283/SWOT_Analysis_1_Loooking_Outside.pdf
Zeltser, L. (2008, August 29). SWOT matrix for describing security posture. Retrieved from https://isc.sans.edu/forums/diary/SWOT+matrix+for+describing+security+posture/4939/
Respond to the following:
Select one or two topics on incident response from the documents above and do a SWOT analysis of the topic(s).
Describe and explain why the topic(s) is/are an important component of incident response.
Are there challenges that should be considered in regard to implementation of the topic?