Instructions: How to Write

Cybersecurity Incident Management

• Please prepare a formal report, including basic sections such as an introduction, body of the report, conclusion and references.
In this assignment, students are required to do the following:
• Study, from newspaper reports, the case of a company that suffered a recent cybersecurity incident which caused significant disruption to the organization. You should identify a relevant cyber incident for this assignment. Read the following articles, which will help you to identify your case study/scenario.
o “An approach to cyber resiliency: unifying cybersecurity incident response and business continuity”.

o “Business Continuity Management: Preparing a Business Continuity Plan, Oz Saddlery (an example case study for your reference, you must not include this case study)”.

• Based on your identified case study and cyber incident, describe the environment that the organization operates in and develop a Business Continuity Plan (BCP) to cope with any recurrence of such an attack/incident in the future.

• Include business and technical measures for incident response, appropriate response and cause related to legal and regulatory requirements, Business Impact Analysis (BIA), Disaster Recovery Plan (DRP), Crisis Communication Plan (CCP), and so on.
Draft a 2000-word equivalent report about the use of an appropriate business continuity plan to ensure the continuity of critical business processes/operations during an emergency/disaster.
How to investigate?
• Describe the real-life case study/scenario (cybersecurity-related emergency or disaster, based on your identified case study).
• Assumption.
• Risk Severity.
• And many more (please go through the example case study).
Assignment: what to include?
• Include business and technical measures for incident response
• Include Business Continuity Plan (BCP) to meet the emergency
• Business Impact Analysis (BIA)
• Disaster Recovery Plan (DRP)
• Determine response and cause related to legal, organizational and regulatory requirements
• Crisis Communication Plan (CCP)
• Recovery Time Objectives (RTO)
• Recovery Point Objectives (RPO)
• Standards like ISO, NIST, ISACA, and so on
Marking Rubric

