
Information Systems Security Incident - Essay Example


Extract of sample
Information Systems Security Incident

This paper describes the types of logs maintained at B-Concepts and the log management system, and discusses the advantages of security logs.
Three types of security logs are maintained at B-Concepts. Security process logs are records of the application of the security procedure and security policy; these logs are recorded under normal conditions. Security fault logs are recorded in the absence of a security policy and risk management strategy. Security breach logs are records of security policy breaches.
The CONcept of OPerations for information security incidents is based on the severity and impact of the incident. "An incident can be thought of as a violation or imminent threat of violation of computer security policies, acceptable use policies, or standard security practices" (GRANCE, KENT & KIM, 2004).
"ISO 17799 refers to hundreds of best-practice information security control measures that organizations should consider to satisfy the stated control objectives" (ISO 17799, 2005). The standards propose that an organization must identify its information assets and perform a risk assessment for these assets. The computer security incident response policies for B-Concepts are defined in the security policy document, based on the function/business and infrastructure of the organization.
Computer Incident Response Team (CIRT)
CIRT structure can be based on any of the 3 models:
1. Central Incident Response Team - a single team to handle incidents throughout the organization.
2. Distributed Incident Response Team - multiple teams for handling incidents of particular logical or physical segments of the organization.
3. Coordinating Team - a team that provides guidance and advice to individuals or department-wide teams.
The CIRT can be partially/fully outsourced or staffed with internal employees.
B-Concepts CIRT1
Roles and responsibilities:
All members of the CIRT are prepared to interact with the media. One member of the CIRT is nominated as the POC for media and law enforcement. The members of the CIRT are accessible to anyone who suspects or discovers a computer security incident that involves the organization's interests (GRANCE et al., 2004).

Fig 1. Incident Response Lifecycle (GRANCE et al., 2004)
The responsibilities of CIRT in the incident lifecycle are:
Preparation: acquiring tools and resources for incident handling, making a jump-kit, and performing risk assessment of systems and applications for incident prevention.
Detection: incidents are categorized based on type and signs (precursor or incident). Analysis is done by profiling and understanding the behavior of network systems, and by studying the logs and security alerts. The CIRT must create a centralized logging system and log policy; it must be able to correlate events, conduct research to gain information, and collect data with packet sniffers and data filtering. The CIRT is also responsible for documenting incident information, prioritizing incidents to determine the impact on affected resources, and notifying the concerned authorities.
Containment: physical isolation of the affected resource, ...

Summary

To fulfill this mission the operational framework for security of the software, hardware and data associated with information systems is defined based on ISO 17799. CONOP outlines the key players, their roles and responsibilities in the event of information security incident…
Author : ernesthuels
