Step 5: Complete the Executing the Response to a Cyberattack eLearning Module
So far, you have identified potential PII attacks and developed a set of PII solution and prevention alternatives. Before outlining a strategy for breach management, review Executing the Response to a Cyberattack. A response to cyberattack typically includes prevention measures, which you have already considered, but it also includes defense, detection, recovery, and response concerns. These areas should be developed with business considerations and subject to the advice of company leaders.
Now that you have become more familiar with an overview of how to execute a response to a cyberattack, proceed to the next step to outline a breach management strategy.
Step 6: Outline Breach Management Strategy
The next several steps will fit the alternatives into a breach management strategy. Strategic thinking can be challenging in a project environment. A “project” is work- and task-oriented, and it includes specific deliverables produced within a defined timeframe. Such projects have a limited budget and are developed to exact specifications. This project’s charter is to present a strategic view of responding to a potential breach in the area of the system containing PII.
This section of the planning should explore areas other than cyber technology. It is about policies, required and recommended, that expand the project notes you have been creating to address corporate concerns outside of the technology realm, such as legal implications, reporting, etc.
Briefly outline, for use in the next few steps, a strategic approach in response to a breach allowing access to PII—customers and/or employees. Think of the policy aspects that will have to be addressed. You will continue to use the findings determined here and over the next few steps to produce a breach management strategy.
Breach management options will be considered in the next step.
Step 7: Determine Breach Management Options
Using the outline of the strategic approach developed in the previous step, determine both the technical and strategic options available in addressing a breach of PII. The eventual goal is to help senior management understand the level of effort required in an appropriate response to a breach. Take note of these options for future use.
Once complete, you will be ready to research legal issues in the next step.
Step 8: Research Breach Management Legal Issues
With breach management options identified in the last step, begin to research associated legal issues. Breach management in response to exfiltration of PII is well documented in a legal context. Multiple resources are available that address the issue. This section of your research and breach management strategy report should carefully identify all the concerns being raised in the courts surrounding previously documented cases.
The idea is to find evidence of court cases being litigated that are a result of a PII breach—not necessarily the outcomes of those legal proceedings. Identify the issues that your policy strategy should address and draft a discussion. This discussion will be used in a future report. After considering legal issues, move to the next step, which will be a look at cyber insurance.
Step 9: Research Breach Management Cyber Insurance Options
Redirect the research from legal issues in the last step to cyber insurance options in this step. As the number of PII breaches grows, so does the new industry of cyber insurance. Draft several paragraphs that state the options now available for this component of risk mitigation. Be sure to include what is covered by most readily available insurance policies, as well as what is not covered.
As an example: Is the institution covered for a customer PII breach if it is determined the breach was caused by an employee? The intent is not to make you a cyber insurance expert, but to offer senior leadership some of the strategic, big-picture options. This draft will be used in a future report.
In the next step, you will research the regulatory requirements of breach management.
Step 10: Research Breach Management Reporting and Other Requirements
Publicly traded enterprises and health care organizations are subject to governmental regulations and requirements where PII is concerned. In addition, some industries voluntarily impose standards upon their members. This is the section of the breach management strategy to address those issues.
What are the minimum reporting requirements applicable to financial institutions (in this case)? What standards are in place that must be met to prevent additional damage to the institution in the way of fines, warnings, or other sanctions as a result of noncompliance with regulations on reporting the breach?
Actual requirements for other industries could be similar, overlapping, or not, determined by the business sector, inclusion in critical infrastructure classification, and a number of other factors. The financial sector is our example for this project and not to be considered comprehensive or all-inclusive across all sectors.
In the next step, you will compile the report on breach management strategy.
Step 11: Compile the Breach Management Strategy Report
After considering the elements of breach management strategy over the last several steps, compile all drafts and revise into a complete five- to seven-page Breach Management Strategy that will present policies to senior leadership for the response to a PII breach.
You will need to include an overview of your strategic approach, options available, legal issues, cyber insurance, reporting and other requirements, and finally the proposal. Your proposal should identify issues/impacts with mitigation strategies and include regulatory responses where they exist. Note how financial industry reporting requirements differ from health care or other industries.
Submit the Breach Management Strategy for feedback. This report will help complete your work on the final incident response plan.
Step 12: Compose Policy Components of an Incident Response Plan (IRP)
Now that you have a proposed breach management strategy, you are ready to begin development of an incident response plan (IRP) specific to a breach of PII. Compose the key policy components of an incident response plan in a list to be used as a basis for the next step.
Step 13: Itemize the Steps of an IRP
Start at the key policy component list from the last step and add postincident requirements already identified to itemize the actions it will take to accomplish these goals. Keep in mind the level of effort required and time involved to accomplish each element of the IRP.
You now have all the information necessary to create a comprehensive IRP. To get your mind set in the right direction, imagine that a breach affecting PII has occurred. It is the organization’s worst cyber incident. What do you do? How does the organization respond? What steps need to be taken to meet all the requirements you have identified in the Breach Management Strategy?
This step is to create a list or an outline; the use of a spreadsheet is recommended to facilitate subsequent steps in the project. The primary column is all of the actions or tasks that need to be completed in the IRP. As part of this first list, identify what department is responsible for what action by considering the functional areas of a financial institution.
You will build upon this list in the next step by adding the element of time to your spreadsheet documentation.
Step 14: Assign a Typical Timeline for an IRP
As a result of your Breach Management Strategy, are there specific timelines required by the regulatory compliance you referenced? If so, that should be your starting point for creating the IRP timeline. These are referred to as project “milestones.” Look at the list you created in the previous step and put those milestones in a required response time sequence.
When building the timeline, pay attention to elements that depend on previous elements—things that must be completed before a following action can be started. In project management, these are referred to as “critical path” items.
This section of creating the IRP must have all critical path items covered within regulatory milestones. It is not mandatory to assign perfect values to the actual time it takes to accomplish each action item. It is mandatory to show the milestone dates.
As an example, one reporting requirement for a financial institution suffering a PII breach is likely to be to notify all affected customers within 72 hours of the breach. That means you will have a customer notification milestone at three days in the IRP.
After you have added the milestone dates to your spreadsheet documentation, you will plan for implementation of the incident response plan in the next step.
Step 15: Plan for the IRP Implementation
This is the step where you tie together the requirements (milestones), the timeline (critical path), and which department will be responsible for what elements in the plan (accountability). Ensure all of the rows and columns in the spreadsheet are in alignment to accomplish the goal of minimizing the impact of the PII breach. It is the final step in creating the IRP. This spreadsheet will be included in your final IRP.
Now, it is time for the final step, in which you will explain the results of all your hard work on the IRP to senior leadership.
Step 16: Complete the Incident Response Policy Plan (IRP)
The resulting IRP should be a total of 10 to 12 pages that present an actionable plan to fully address a breach of the organization’s PII. It should include a final paragraph on your thoughts about how the recommendations are likely to be received.
This final step is to bring all the work together. Use what has been created in the previous steps as detail to support your completed plan on incident response. Synthesize the material and include all CIO (instructor) feedback received.
Include in your comprehensive IRP the review and findings from a policy approach to maintain or exceed compliance with all regulatory demands. In addition, demonstrate your adherence to the best possible outcome for victims of a PII breach.
Remember, confidence in and approval of the approach is mandatory. It has already been determined that a breach of the organization’s PII is a serious matter. The CEO and the rest of the executives are depending on your expertise to address the situation quickly and effectively. This IRP is that plan of action.
Are you busy and do not have time to handle your assignment? Are you scared that your paper will not make the grade? Do you have responsibilities that may hinder you from turning in your assignment on time? Are you tired and can barely handle your assignment? Are your grades inconsistent?
Whichever your reason is, it is valid! You can get professional academic help from our service at affordable rates. We have a team of professional academic writers who can handle all your assignments.
- Plagiarism free papers
- Timely delivery
- Any deadline
- Skilled, Experienced Native English Writers
- Subject-relevant academic writer
- Adherence to paper instructions
- Ability to tackle bulk assignments
- Reasonable prices
- 24/7 Customer Support
- Get superb grades consistently
Online Academic Help With Different Subjects
Students barely have time to read. We got you! Have your literature essay or book review written without having the hassle of reading the book. You can get your literature paper custom-written for you by our literature specialists.
Do you struggle with finance? No need to torture yourself if finance is not your cup of tea. You can order your finance paper from our academic writing service and get 100% original work from competent finance experts.
While psychology may be an interesting subject, you may lack sufficient time to handle your assignments. Don’t despair; by using our academic writing service, you can be assured of perfect grades. Moreover, your grades will be consistent.
Engineering is quite a demanding subject. Students face a lot of pressure and barely have enough time to do what they love to do. Our academic writing service got you covered! Our engineering specialists follow the paper instructions and ensure timely delivery of the paper.
In the nursing course, you may have difficulties with literature reviews, annotated bibliographies, critical essays, and other assignments. Our nursing assignment writers will offer you professional nursing paper help at low prices.
Truth be told, sociology papers can be quite exhausting. Our academic writing service relieves you of fatigue, pressure, and stress. You can relax and have peace of mind as our academic writers handle your sociology assignment.
We take pride in having some of the best business writers in the industry. Our business writers have a lot of experience in the field. They are reliable, and you can be assured of a high-grade paper. They are able to handle business papers of any subject, length, deadline, and difficulty!
We boast of having some of the most experienced statistics experts in the industry. Our statistics experts have diverse skills, expertise, and knowledge to handle any kind of assignment. They have access to all kinds of software to get your assignment done.
Writing a law essay may prove to be an insurmountable obstacle, especially when you need to know the peculiarities of the legislative framework. Take advantage of our top-notch law specialists and get superb grades and 100% satisfaction.
What discipline/subjects do you deal in?
We have highlighted some of the most popular subjects we handle above. Those are just a tip of the iceberg. We deal in all academic disciplines since our writers are as diverse. They have been drawn from across all disciplines, and orders are assigned to those writers believed to be the best in the field. In a nutshell, there is no task we cannot handle; all you need to do is place your order with us. As long as your instructions are clear, just trust we shall deliver irrespective of the discipline.
Are your writers competent enough to handle my paper?
Our essay writers are graduates with bachelor's, masters, Ph.D., and doctorate degrees in various subjects. The minimum requirement to be an essay writer with our essay writing service is to have a college degree. All our academic writers have a minimum of two years of academic writing. We have a stringent recruitment process to ensure that we get only the most competent essay writers in the industry. We also ensure that the writers are handsomely compensated for their value. The majority of our writers are native English speakers. As such, the fluency of language and grammar is impeccable.
What if I don’t like the paper?
There is a very low likelihood that you won’t like the paper.
- When assigning your order, we match the paper’s discipline with the writer’s field/specialization. Since all our writers are graduates, we match the paper’s subject with the field the writer studied. For instance, if it’s a nursing paper, only a nursing graduate and writer will handle it. Furthermore, all our writers have academic writing experience and top-notch research skills.
- We have a quality assurance that reviews the paper before it gets to you. As such, we ensure that you get a paper that meets the required standard and will most definitely make the grade.
In the event that you don’t like your paper:
- The writer will revise the paper up to your pleasing. You have unlimited revisions. You simply need to highlight what specifically you don’t like about the paper, and the writer will make the amendments. The paper will be revised until you are satisfied. Revisions are free of charge
- We will have a different writer write the paper from scratch.
- Last resort, if the above does not work, we will refund your money.
Will the professor find out I didn’t write the paper myself?
Not at all. All papers are written from scratch. There is no way your tutor or instructor will realize that you did not write the paper yourself. In fact, we recommend using our assignment help services for consistent results.
What if the paper is plagiarized?
We check all papers for plagiarism before we submit them. We use powerful plagiarism checking software such as SafeAssign, LopesWrite, and Turnitin. We also upload the plagiarism report so that you can review it. We understand that plagiarism is academic suicide. We would not take the risk of submitting plagiarized work and jeopardize your academic journey. Furthermore, we do not sell or use prewritten papers, and each paper is written from scratch.
When will I get my paper?
You determine when you get the paper by setting the deadline when placing the order. All papers are delivered within the deadline. We are well aware that we operate in a time-sensitive industry. As such, we have laid out strategies to ensure that the client receives the paper on time and they never miss the deadline. We understand that papers that are submitted late have some points deducted. We do not want you to miss any points due to late submission. We work on beating deadlines by huge margins in order to ensure that you have ample time to review the paper before you submit it.
Will anyone find out that I used your services?
We have a privacy and confidentiality policy that guides our work. We NEVER share any customer information with third parties. Noone will ever know that you used our assignment help services. It’s only between you and us. We are bound by our policies to protect the customer’s identity and information. All your information, such as your names, phone number, email, order information, and so on, are protected. We have robust security systems that ensure that your data is protected. Hacking our systems is close to impossible, and it has never happened.
How our Assignment Help Service Works
You fill all the paper instructions in the order form. Make sure you include all the helpful materials so that our academic writers can deliver the perfect paper. It will also help to eliminate unnecessary revisions.
2. Pay for the order
Proceed to pay for the paper so that it can be assigned to one of our expert academic writers. The paper subject is matched with the writer’s area of specialization.
3. Track the progress
You communicate with the writer and know about the progress of the paper. The client can ask the writer for drafts of the paper. The client can upload extra material and include additional instructions from the lecturer. Receive a paper.
4. Download the paper
The paper is sent to your email and uploaded to your personal account. You also get a plagiarism report attached to your paper.
PLACE THIS ORDER OR A SIMILAR ORDER WITH US TODAY AND GET A PERFECT SCORE!!!