Phases of Incident Response Plan in Cybersecurity

An Incident response plan contains a series of phases that address a suspected data breach. Each phase contains some set of instructions that should be followed while implementing an incident response plan.

Phases of Incident Response Plan 

Phases of Incidence Response Plan

1. Preparation 

This is the first phase of the incident response plan. In this phase, we ensure that the employees are properly trained and ready to deal with any security incident. We assign incidence response roles and responsibilities to each employee according to his skill. Also, in this phase, we conduct mock security, incidents in order to evaluate the capabilities of employees.

2. Identification

In this phase, we identify the security incident on an organization's computer system. We also check how many systems are affected and their severity level. We also try to find out the source of that attack and analyze its degree of input on our computer systems and network.

3. Containment

In this phase, we ensure that the breach does not spread and cause further damage to the organization. This is ensured by isolating the affected computer system from the network and securing the other systems on the network. We also create a backup of the file so that the data does not get lost forever.

4. Eradication

Once the security incident is identified and the affected system is isolated, we eradicate the malware or code injected into it. We take help from the antivirus which detects and remove the malware from the system. We also apply patches in the security and update the systems.

5. Recovery

This is the process of restoring and returning affected systems and devices back into the business environment. During this time, it's important to get the systems and business operations up and running again without fear of another breach.

6. Lesson learned 

This is the last phase of the Incident response plan in which we hold meeting with all incident response teams and discuss the findings and lessons learned from the security breach. Here, we also analyze and document everything about the breach.

Popular Posts

Conducting Polymers: Definition, Examples, Properties and Applications

Image
What are Conducting Polymers? As the name suggests organic polymers that conduct electricity are known as conducting polymers. They are also known as intrinsically conducting polymers (ICPs) and they have alternating single and double bonds along the polymer backbone (conjugated bonds) or that are composed of aromatic rings such as Phenylene, naphthalene, anthracene, pyrrole, and thiophene which are connected through carbon-carbon single bonds. Examples: Polyacetylene, Polypyrrole, Polyaniline, etc What is the reason behind conducting nature of these polymers? Conducting polymers comes in two forms that are doped conducting polymers and non-doped conducting polymers. The conductivity of non-doped conjugated polymers is due to the existence of a conductivity band similar to a metal. In a conjugated polymer, three of the four valence electrons form strong sigma bonds through sp² hybridization where electrons are strongly localized. The remaining unpaired electron of each carbon atom re
Read more

Crime Scene: Definition, Types and Characteristics

Image
What is a Crime Scene ? A place where the crime is committed or where the maximum physical evidence related to crime is found is known as a crime scene. A crime scene is a starting point of the investigation which provides information about the suspect and the victim. This helps to reconstruct the crime and fast resolution of the case. It is noted that the crime scene is not limited to a single place but may extend to a wider area depending upon the nature of the crime committed. For example, In a murder case where murder is done at one place and the body is disposed on another place. In this case, we have two crime scenes that give information about the crime. Types of Crime Scene Based on evidence found on the crime scene: 1. Primary Crime Scene The crime scene where the actual crime occurred or where more usable pieces of evidence were found is known as the primary crime scene. For example, A murder scene, theft, assault, etc. 2. Secondary Crime Scene The crime scene which is some
Read more

Raman Spectroscopy: Principle, Instrumentation and Applications

Image
What is Raman Spectroscopy? Raman spectroscopy was given by an Indian Physicist Sir C.V Raman , which is based on inelastic scattering of monochromatic light with the sample. The resulting light will have a different frequency than incident light due to this inelastic scattering.  This technique is widely used to analyze vibrational, rotational, and other low-frequency interactions in the molecule. This significantly helps in the elucidation of molecular structure, identifying functional groups, etc. Principle of Raman Spectroscopy Raman spectroscopy is based on the inelastic scattering of electromagnetic radiation with the molecule. We have two types of scattering that are elastic and inelastic scattering.  Elastic scattering obeys the Rayleigh law that states that there will be no loss of energy and momentum of the incidence radiation and scattered radiation. That's why this scattering is also known as Rayleigh scattering. Whereas, there will be some conditions (1 in million
Read more