Cyber Security Lesson 4

Cyber security awareness training and phishing simulations can educate employees to reduce human error and improve an organization's security. An incident management plan outlines response procedures and roles to quickly address incidents. Conducting a root cause analysis after an incident can help identify weaknesses and prevent future occurrences. Effective internal and external communication is important for managing impacts, mitigating damage, and reducing risks when responding to a cyber attack.

Uploaded by

Ushna Abrar
Cyber Security

Lesson 4
Explain how end users can be educated and aware of cyber security.

• Education
• Cyber security awareness training
• Speaking about cyber security at company events
• Company updates on number of incidents
• Internal promotion via posters, email reminders etc.
• Phishing simulations

Cyber security awareness training

• Cyber security awareness training for employees helps to address one of the biggest factors in major security breaches: human error. By training employees how to recognize and respond to cyber threats, organizations can dramatically improve their security posture and cyber resilience.

Phishing simulations

• Phishing simulation is a program that organizations can use to send realistic phishing email to employees in order to gauge their awareness of attacks and what to do with phishing emails when they receive them.

Evaluate the impact a cyber-attack has to an organization

• Impact on organizations
• Financial loss
• Reputation damage
• Fines
• Incident management

Describe the content of an organizational incident management plan

• An incident management plan (IMP), sometimes called an incident response plan or emergency management plan, is a document that helps an organization return to normal as quickly as possible following an unplanned event.
• An IMP can identify weaknesses in a business, mitigate the impact of a variety of situations, and limit damage to an organization's reputation, finances and operations.

Notification procedure

• Notification procedures are a necessity to address emergency situations where a system or server may have stopped operating during the testing.

Incident Management Team

• An incident management team is dispatched or mobilized during complex emergency incidents to provide a command and control infrastructure in order to manage the operational, logistical, informational, planning, economic, community, political, and safety issues associated with complex incidents.

Incident Management Team Responsibilities

• This role includes conducting post-incident reviews, analyzing incident data and logs, and developing preventative measures to stop similar incidents from happening in the future.
• The problem manager also documents the incident for future reference.

Explain the importance of internal and external communication when managing a cyber-attack.

• Stakeholder management
• Media engagement
• Damage mitigation
• Reduce risk of re-occurrence
• It provides mechanisms for rapidly notifying stakeholders, coordinating internal and external stakeholders and monitoring customer sentiment. These tools improve the organization's ability to respond and help to minimize reputational damage.
• Effectively planned communication channels can assist in easing the operational, reputational, and legal risks imposed by cyber events and may even be critical in mitigating damage.

Describe the roles and responsibilities for incident management.

• Support teams
• Consultants
• Incident Management Team
• ICT security teams
• Senior Management Team
• Suppliers
• Third Parties

Roles and responsibilities

• Responsible for planning and coordinating all the activities required to perform, monitor, and report on the process.
• Remediate deviation of a process for its particular division/department/school.
• Responsible for communicating with the Incident Process Owner.
• Point of contact for all Major Incidents.
• Making decisions around which remediation plans to pursue.
• Tracking decisions and changes
• Communicating decisions and changes
• Leading post-incident review meetings and determining whether a public post-mortem is necessary.

ICT security teams

• There is a nexus between access to information and communication technology (ICT), cybersecurity and human development. ICT provides unprecedented potential for people to acquire knowledge and skills and use those capabilities for their own interests and for society as a whole.
• There are four types of information technology security you should consider or improve upon:
  • Network Security.
  • Cloud Security.
  • Application Security.
  • Internet of Things Security.

Support teams

• A support team member is responsible for assisting and connecting with the whole department group in meeting the company's goals and exceeding performance expectations.

Incident Management Team

• This role includes conducting post-incident reviews, analyzing incident data and logs, and developing preventative measures to stop similar incidents from happening in the future.

Suppliers

• A supplier is a person or business that provides a product or service to another entity. The role of a supplier in a business is to provide high-quality products from a manufacturer at a good price to a distributor or retailer for resale.

Analyse the actions to take when responding to an incident

• The first step in an effective incident response is to identify and detect incidents. To do this, IT staff gathers information from logs, monitoring tools, error messages and intrusion detection systems.
• The NIST incident response lifecycle breaks incident response down into four main phases:
  • Preparation; Detection and Analysis; Containment (action required to prevent incident), Eradication (action required to remove the threat of the incident), and Recovery; and Post-Event Activity.

Root cause analysis

• RCA is a structured facilitated team process to identify root causes of an event that resulted in an undesired outcome and develop corrective actions.
• The RCA process provides you with a way to identify breakdowns in processes and systems that contributed to the event and how to prevent future events.
• Types of Root Causes
  • Physical Causes: A physical cause is when a tangible item fails. For example, if an MRI machine at a hospital stops working.
  • Human Causes: This type of root cause is when one person or several team members do something incorrectly.
  • Organizational Causes: An organizational root cause is when a system or process that an organization uses to do its jobs is faulty.
