Introducing

Prezi AI.

Your new presentation assistant.

Refine, enhance, and tailor your content, source relevant images, and edit visuals quicker than ever before.

Incident Response Policy 2

KnowItAll Ninja

Updated July 15, 2018

Transcript

Incident Response Policy 2

Protecting Evidence

Evidence must be protected in case the business prosecutes the attacker.

There should be two backups made of the evidence, one used as evidence & another for data recovery.

Once backups are made the original hard disk should be removed and kept secure for later forensic analysis.

Only once this is done can we wipe & restore compromised systems.

Notifying External Agencies & Recovery of System

Notifying External Agencies

We may need to contact certain external agencies to inform them of the incident.
Law enforcement - to launch investigation for prosecution
External security & virus experts - to get expert support to allow faster recovery.

Before contacting the external agency you must first consult your legal representatives to ensure you don't make the business vulnerable.

Recovery of System

We should now be able to restore our system using backups.

We must be sure on how long ago the incident actually occurred.

Only backups from before the incident should be restored.

It is very important we archive old backups as it may take months to notice an incident.

Compiling and Organising Incident Evidence

After an incident we must compile all evidence.

Documentation should show:
A clear description of the incident itself
Details of the actions taken by the CSIRT in resolving the incident

Data should be organised in chronological order.

This is very important for potential prosecutions.

Reviewing Outcomes

We should review all evidence to identify how to prevent or respond to incidents better in future.

We need to look at all documentation to see strengths and weaknesses.

This can be used to update policies & improve training.

Choose a template

Hiking Journey (AI Assisted)

Elevate your presentations with our immersive Hiking Journey Prezi AI-assisted presentation template, meticulously crafted to showcase the beauty of your adventures, from scenic trails to breathtaking landscapes, providing a visually compelling experience for every outdoor enthusiast.

Science - Cranium (AI Assisted)

Unleash your creativity and captivate your audience with our Cranium Prezi AI-assisted presentation template, designed to stimulate innovative thinking and deliver a visually engaging experience for any intellectual endeavor.

Whiteboard (AI Assisted)

Unleash creativity and collaboration with our Whiteboard Prezi AI-assisted presentation template, seamlessly combining the simplicity of a traditional whiteboard with the power of digital innovation for dynamic and interactive visual storytelling.