LAW6827 MOD5 DBP 06
.docx
keyboard_arrow_up
School
St. Petersburg College *
*We aren’t endorsed by this school
Course
LAW6827
Subject
Law
Date
Jun 11, 2024
Type
docx
Pages
3
Uploaded by mrphensley
LAW6827 MOD5 DBP 06.06.2024
You are a risk manager at Secure-Your-Files, Inc., which provides “a safe environment for storing sensitive customer, intellectual property, and trade secret information.”
o
Most Secure-Your-Files, Inc.'s storage clients are hospitals and Silicon Valley technology startups.
You are charged with cybersecurity risk management and report directly to the board of directors.
As part of your duties, you drafted the company’s Incident Response (IR) plan.
You have just been informed that the company’s intrusion detection system has detected certain anomalies, malware, and the potential exfiltration of data from the server, which stores customer, IP, and trade secret information for the company’s clients.
Assignment: The board of directors of Secure-Your-Files has asked you to review the NIST CSF 2.0, the Respond Function, and the Govern Function
.
TASK: You are to explain how you would apply the Respond Function and its 4 Categories
to the breach experienced by the company.
Respond Function
Incident Management (RS.MA) Category
Incident Analysis (RS.AN) Category
Incident Response Reporting and Communication (RS.CO)
Incident Mitigation (RS.MI)
TASK
: You must choose one of the Govern Function Categories for Secure-Your-Files and describe how that Govern Function Category can help put this company in a better cybersecurity posture for potential future breaches.
Govern Function
Organizational Context (
GV-OC
) Category
Risk Management Strategy (
GV-RM
) Category
Roles, Responsibilities, and Authorities (
GV-RR)
Category
Policy (
GV
-
PO
) Category
Oversight (GV-OV) Category
Cybersecurity Supply Chain Risk Management (
GV
-
SC
) Category
My DBP Post 06.08.2024.
1. The National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) 2.0 provides a structured approach to managing and mitigating cybersecurity risks. It has five
main functions that can be applied to a detected cybersecurity incident, using the functionality that best fits the security risk. The Respond Function
is one of the five core functions of the NIST CSF 2.0 and focuses on developing and implementing appropriate activities for a cybersecurity incident. Below, I will explain each of the four response functions and how they would work when applied to Secure-
Your-Files company in a breach incident. 1. Response Planning (RS.RP)
: I will create an incident response plan for Secure-Your-Files outlining the necessary steps to take when a breach is detected. This plan will include roles and responsibilities for your company's delegated employees to communicate the protocols and procedures for an adequate recovery. Secure-Your-Files should take proactive steps to ensure a timely response to detected cybersecurity events, such as conducting regular drills and updating the response plan based on lessons learned from past incidents and evolving threats.
2.
Communications (RS.CO):
As the law requires, Secure-Your-Files
would use this function when reporting the breach to company stakeholders and relevant regulatory bodies. The delegated employees will advise the legal, IT, and management teams on the steps needed, such as contacting cybersecurity firms to assist in notifying Secure-Your-Files
potential customers and clients affected by the breach and the measures to take to protect themselves.
3. Analysis (RS.AN):
I will apply this function to assess the breach’s impact on Secure-Your-
Files operations, customer data, intellectual property, and trade secrets. I will thoroughly analyze the detected anomalies, malware, and data exfiltration to get to the scope of the entry point, affected systems, and data compromised.
4. Mitigation (RS.MI):
I will apply this function to resolve the incident and contain the breach with Secure-Your-Files
, preventing further damage to the incident by isolating the affected systems and blocking the malicious factors.
2.
Secure Your Files company's cybersecurity risk management would benefit from this govern function as it helps to inform, improve, and adjust the risk management strategy by using results gathered from organization-wide cybersecurity risk management activities and performances by applying the three sub-functions (listed below) of Oversight GV-OV.
1.
GV-OV-01:
Cybersecurity risk management strategy outcomes are reviewed to inform and adjust strategy and direction.
2.
GV-OV-02:
The cybersecurity risk management strategy is reviewed and adjusted to ensure organizational requirements and risk coverage.
3.
GV-OV-03:
Organizational cybersecurity risk management performance is evaluated, and we reviewed for adjustments needed.
References
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help