IT Incident Response - PowerPoint PPT Presentation

About This Presentation
Title:

IT Incident Response

Description:

IT Incident Response www.bestitdocuments.com The goals How to achieve this Policies Standards Architecture People Process & Technology What can we really do ... – PowerPoint PPT presentation

Number of Views:245
Avg rating:3.0/5.0
Slides: 10
Provided by: besti1
Category:

less

Transcript and Presenter's Notes

Title: IT Incident Response


1
IT Incident Response
  • www.bestitdocuments.com

2
What we really need
The goals
How to achieve this
People Process Technology
Architecture
Policies
Standards
What can we really do
Management by in
Standards Guidelines Procedures
System Safeguard
Security Internet architecture
3
What we really need
The goals
Security Policies sets the stage for standards,
guidelines and procedures
Define what behavior is not allowed
Policies
Standards
Communicates consensus amongst governance
stakeholders
Facilitates the Good neighborly philosophy for
networking
Management by in
4
What we really need
Security Policies must be
Implementable and enforceable Concise and
ambiguous Balance protection productivity Balanc
e protection productivity
The goals
Security Policies should
Policies
Standards
State reasons why policy is needed Describe the
coverage who, what where and how Define
contacts responsibilities Define how violations
will be handled
Management by in
5
Policy Definitions
  • Program Policy
  • Used to create IT security program
  • Sometime referred to as departmental or company
    security policy
  • Issue-Specific Policy
  • Addresses issues of concern (what-ever)
  • System-Specific Policy
  • Focuses on decisions to protect a particular
    system
  • Procedures, standards, Guidelines are used to
    describe how policies are implemented

6
Tools to implement policy
  • Operational Standard
  • Specify uniform use of specific technologies
    organization wide ID badges
  • Guidelines
  • Recognize that IT systems vary and that
    safeguards may be implemented in many ways
  • Procedures
  • Detailed steps to be followed (set-up user
    accounts)
  • Strategies
  • Broad direction on implementation
  • Directions
  • Focused implementation Instructions

7
Enforceability
  • Policies
  • In some jurisdictions, adherence to policy may
    be the only legal enforceable document
  • Guidelines, standards, procedures should probably
    have a very specific tractability reference to
    policy check with legal department

8
IP Service Categories
9
Enterprise Wide Collaboration on Incidents
Technical Collaboration
Operation Collaboration
Incident Handling (Operational)
Incident Handling (Technical)
Incident Handling Forensic Analysis Criminal
Investigation
Write a Comment
User Comments (0)
About PowerShow.com