LEARN MORE...

University of the Cumberlands Operation Security Incident Response Policy for ABC Company Paper

User Generated

Znqquryn

Writing

University of the Cumberlands

Description

Unformatted Attachment Preview

Summary: ABC Company is a manufacturing company that produces new technology that sells online directly to customers and retailers. The system they use is a core transactional Enterprise Resource Planning system called NEDS. NEDS is similar to many core systems that provide integrated applications on a common platform for financials, managing materials, sales distribution, and production planning (similar to Oracle or SAP). NEDS is located in the Netherlands, while ABC Company is located in Florence, Kentucky. On June 15, 2016, James Hurd (ABC’s Global Security Director) was notified that NEDS was burglarized during business hours involving individuals stealing equipment including blackberries, iPhones, laptops and hard drives. Local police were notified and the incident was reported on that date. A police report only included identification of specific hardware that was stolen and several bicycles. The burglary notification that was mailed was sent to a branch office of ABC Company in Mexico. James Hurd was notified by the Mexico office via email which included an attached electronic version of the burglary notification and police report on June 20, 2016. James Hurd recognized that the incident actually occurred 5 days earlier. The letter contained the following information about the incident: • • • The incident occurred in the application area that provides custom application development and reporting for the ABC Company. The area that was impacted involved “potential data” used for sales analysis. Data from the ABC Company had been placed on laptops while some diagnostics were being carried out. Compromised data could have included customer or retailer information from 2002-2014 consisting of names, address, bank account data or credit card numbers, SKU product numbers, descriptions, quantities, Purchase Order numbers, and purchase price. You are James Hurd and need to respond to this incident by taking action immediately. You will need to complete the following: I. Develop an Incident Response Policy for ABC Company that will be used as your reference for your evaluation of this potential data incident (this is an attachment that should be included in your paper and referenced in your presentation). II. - Upon developing ABC Company’s Incident Response Policy, evaluate the incident described above: Summarize the data incident and potential level of risk, include why? Upon identifying the types of data that could potentially be impacted and what laws/regulations could be in violation of non-compliance if this data was breached Develop your action plan to evaluate this data incident (include your rationale for why the steps were necessary) Describe how the Incident Response Policy supported your actions Identify any issues that made the evaluation more difficult - Identify areas of future risk mitigation actions should a similar incident occur (look at the gaps or issues with this scenario) Close the incident (NOTE: The outcome of the incident did not surface any major risks or data breach to the company but it took the evaluation to get to this conclusion) This presentation must be support by the research paper. Please note the following criteria: Research paper: • Research Paper must be in APA Style • Research Paper must have at least 5 works cited of which 2 must be peer reviewed works/articles (note your book can be included as a reference) • Must be at least 5 double-spaced pages • The Policy will be an Attachment and not count toward the 5 Page requirement • Graphs, illustrations and spreadsheets are allowed, but will not count toward the 5 Page requirement Grading criteria will include the following as this represents 60% of your grade: Presentation will be 100 points and based on the following: Completeness of the Topic (Policy, Processes, Action, Conclusion) Presentation Delivery Alignment of policy - Meets Standard Criteria Completeness/content Incident Risk Policy as Attachment Logic of Processes and Actions (Thoroughness) Alignment of the Incident Risk Policy components in completing and supporting the evaluation
Purchase answer to see full attachment
Explanation & Answer:
5 pages
User generated content is uploaded by users for the purposes of learning and should be used following Studypool's honor code & terms of service.

Explanation & Answer

there are all the files buddy. Please take a look at them and give me a good review..I have attached an outline for your convenience tooGoodbye for now

Running head: INCIDENT EVALUATION

Incident Evaluation
Name
Course
Tutor
Date

INCIDENT EVALUATION

2
Incident Evaluation

Data Incident
ABC is a manufacturing company, located in Kentucky that is characterized by the production of
new technology and selling it online to customers as well as retailers directly. With the nature of
operations, the company requires a security system that can protect them from various incidents
that may arise from cyber-related risks (Von Solms, 2013). Therefore, for planning and security
purposes, the company uses a core transactional Enterprise Resource planning system known as
NEDS. Recently, NEDS, which is located in the Netherlands, underwent a burglary and lost a
number of equipment that may have had important data; laptops, hard drives, iPhones, and
blackberries. Upon this burglary, a notification was made to alert ABC of the occurrences.
However, the notification came 5 days after the incident since it was sent via a mailed letter. The
contents of the letter included a police report of the stolen items; the area of operation impacted,
and data that may have been compromised from the burglary. With the development of this
incident, there was a realization of an inadequate Incident Response Management and therefore
efforts of evaluating and improving old practices are underway. In this case, the data incident
lays out a high potential of risk since information of clients as well as projects of the company
are put at risk of being compromised. This is in regards to the confidentiality required with the
nature of the business that the company employs.
Data that could be impacted
Based on the areas and sectors hit by the burglary, there are a number of data that could be
compromised or affected. These include customer and retailer information from 2002-2014,
company information regarding sales strategies, and some financial information of the company.

INCIDENT EVALUATION

3

For the customer and retailer information, crucial documents such as credit card numbers and
bank account data are put at hand. With the privacy policy that the company thrives on, this
compromise of retailer and customer information violates the laws of the company. On the other
hand, since NED usually stores financial and sales data for the company, this is also an area that
could highly be compromised or impacted. In this case, the information on new sales tactics by
the company may be jeopardized. In addition to this, crucial data regarding ...

Studypool
4.7
Indeed
4.5
Sitejabber
4.4

Similar Content

EU Public Health Financing Process Obesity Paper
Outlining the public health financing process is an intuitive phase. Many public health officials start drafting the progr...
TC The Globalization of The CEMEX Company The CEMEX Way Case Study
Hello, The paper should answer these seven points below and summarize them on 1-2 pages only. Use the question/answer form...
ENG 1302 TUTA Why Are Books Better than Films Discussion
I have attached the document below which has all the requirements to complete this debate paper. My side is "Why are books...
Marx and Harvey Questions: surplus, profit, production, realisation
1. Marx QuestionsIn chapters 4, 5, and 6, Marx is trying to understand where “surplus” and “profit” come from. ...
Turn lab instruction to a summary
I will provide a steps and direction for lab experiment and I want you to write a 8-10 line summary of the experiment usin...
The Road Not Taken Poem Essay
Select a single poem that we have read so far in the class for your paper. Length: At least 2 full pages. Please choose ...
Audit Risk Of Costco
In the field of accounting, auditing is the process of assessing an organization’s financial statements to ascertain cor...
Advertisement Opinion Paper
The advertisement is the process of attracting people to a purchase a particular product in the market. In economics, it i...
Jeannine Critical Thinking
The research paper about blood transfusion was a very interesting topic to learn about simply because it made me learn mor...

Related Tags

information technology Technology & Product Review research computer science disaster recovery CMIT 425 CIS142 research assignment at least 4 years of writing experience networking discussion