
Fundamentals of Information Systems Security Chapter 8 Risk, Response, and Recovery



  1. Fundamentals of Information Systems Security Chapter 8 Risk, Response, and Recovery

  2. Learning Objective • Describe the principles of risk management, common response techniques, and issues related to recovery of IT systems.

  3. Key Concepts • Quantitative and qualitative risk assessment approaches • Business impact analysis (BIA) • Business continuity plan (BCP) • Disaster recovery plan (DRP) • Elements of an incident response plan

  4. DISCOVER: CONCEPTS

  5. BCP • A plan designed to help an organization continue to operate during and after a disruption • Covers all functions of a business: IT systems, facilities, and personnel • Generally includes only mission-critical systems

  6. BCP Elements • Purpose and scope • Assumptions and planning principles • System description and architecture • Responsibilities

  7. BCP Elements (Continued) • Notification or activation phase • Recovery and reconstitution phases • Plan training, testing, and exercises • Plan maintenance

  8. DRP • Includes the specific steps and procedures to recover from a disaster • Is part of a BCP • Important terms: • Critical business function (CBF): a function the business cannot operate without • Maximum acceptable outage (MAO): the longest time a CBF can be unavailable before the business is seriously harmed • Recovery time objective (RTO): the target time to restore a function after a disaster; the RTO for a function must be set at or below its MAO

  9. DRP Elements • Purpose and scope • Disaster or emergency declaration • Communications • Emergency response and activities

  10. DRP Elements (Continued) • Recovery steps and procedures • Critical business operations • Recovery operations • Critical operations, customer service, and operations recovery

  11. BIA • A study that identifies the CBFs and MAOs used by a DRP • Studies include interviews, surveys, meetings, and so on • Identifies the impact to the business if one or more IT functions fail • Identifies the priority of the different critical systems

  12. BIA Elements • Scope • Affected by the size of the organization • For a small organization, the scope could include the entire organization • For larger organizations, the scope may include only certain areas • Objectives

  13. Computer Incident Response Team (CIRT) Plan • Outlines the steps taken during a response effort and the roles and responsibilities of the team • Includes the five Ws + H: • Who launched the attack? • What type of attack occurred? • Where did the attack occur? • When did the attack occur? • Why did the attack occur? • How did the attack occur?

  14. DISCOVER: PROCESS

  15. Overview of Risk Management

  16. The Risk Equation and Three Phases of Risk Management

  17. Risk Assessment • A process used to identify and evaluate risks • Risks are quantified based on importance or impact severity • Risks are prioritized

  18. Risk Assessment Steps

  19. Risk Assessment Approaches

  20. Quantitative Risk Assessment • Single loss expectancy (SLE) • Total loss expected from a single incident • Annual rate of occurrence (ARO) • Number of times an incident is expected to occur in a year • Annual loss expectancy (ALE) • Expected loss for a year • SLE × ARO = ALE

  21. Qualitative Risk Assessment • Probability • Likelihood that a threat will exploit a vulnerability • Impact • Negative result if the risk occurs • Risk level = Probability × Impact
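The two formulas on slides 20 and 21 carried through in working code. This is an added example, not part of the slide deck: it computes SLE, ARO and ALE for a constructed scenario, uses the standard decomposition SLE = asset value × exposure factor (AV and EF are not named on the slides), and adds the cost/benefit check a practitioner applies before buying a control (ALE before minus ALE after minus the control's annual cost). The qualitative part scores probability × impact on assumed 1-5 scales and sorts the result for prioritization. All asset values, exposure factors, control costs and scores are constructed figures.

```python
"""Worked quantitative and qualitative risk assessment (added example;
not from the slide deck). All figures below are constructed."""
from dataclasses import dataclass
from typing import Iterable, List, Tuple


@dataclass(frozen=True)
class QuantRisk:
    name: str
    asset_value: float       # AV: value of the asset at risk (constructed)
    exposure_factor: float   # EF: fraction of AV lost in one incident, 0.0-1.0
    aro: float               # ARO: expected incidents per year

    def __post_init__(self) -> None:
        if not 0.0 <= self.exposure_factor <= 1.0:
            raise ValueError(f"{self.name}: exposure factor must be between 0 and 1")
        if self.aro < 0:
            raise ValueError(f"{self.name}: ARO cannot be negative")

    @property
    def sle(self) -> float:
        # Single loss expectancy: loss from a single incident (AV x EF).
        return self.asset_value * self.exposure_factor

    @property
    def ale(self) -> float:
        # Annual loss expectancy: SLE x ARO, as on slide 20.
        return self.sle * self.aro


def control_value(before: QuantRisk, after: QuantRisk, annual_control_cost: float) -> float:
    """Net annual value of a control.

    (ALE before the control - ALE after the control) - annual cost of the control.
    A positive result means the control removes more expected loss than it costs;
    a negative result means the organization would spend more than the risk it buys down.
    """
    return (before.ale - after.ale) - annual_control_cost


def qualitative_rank(risks: Iterable[Tuple[str, int, int]]) -> List[Tuple[str, int]]:
    """risks: (name, probability 1-5, impact 1-5), scales assumed for this example.

    Returns (name, risk level) pairs sorted highest risk first, where
    risk level = probability x impact, as on slide 21.
    """
    scored = []
    for name, probability, impact in risks:
        if not (1 <= probability <= 5 and 1 <= impact <= 5):
            raise ValueError(f"{name}: probability and impact must be on the 1-5 scale")
        scored.append((name, probability * impact))
    return sorted(scored, key=lambda r: r[1], reverse=True)


if __name__ == "__main__":
    # Constructed scenario: a web server with no backups is hit by ransomware
    # about once every two years (ARO 0.5). Backups reduce the loss per
    # incident from half the asset value to a tenth, and cost 8,000 per year.
    no_backup = QuantRisk("web server ransomware", asset_value=200_000,
                          exposure_factor=0.5, aro=0.5)
    with_backup = QuantRisk("web server ransomware (with backups)", asset_value=200_000,
                            exposure_factor=0.1, aro=0.5)
    print(f"SLE = {no_backup.sle:,.0f}  ARO = {no_backup.aro}  ALE = {no_backup.ale:,.0f}")
    print(f"Net annual value of backups: {control_value(no_backup, with_backup, 8_000):,.0f}")

    # Constructed qualitative register: (name, probability, impact).
    register = [("phishing", 5, 3), ("flood", 1, 5), ("insider misuse", 2, 4)]
    for name, level in qualitative_rank(register):
        print(f"risk level {level:>2}: {name}")
```

Note that the two approaches answer different questions: the quantitative result is a money figure you can set against a control's price, while the qualitative score only orders risks relative to each other and its scales must be defined and agreed before scoring begins.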

  22. DISCOVER: RATIONALE

  23. Importance of Risk Assessments • Is part of the overall risk management process • Helps you evaluate controls • Supports decision making • Can help organizations remain in compliance

  24. Summary • You can protect data and business functions with a BCP, DRP, BIA, and incident response plan. • Risk assessments include quantitative and qualitative approaches.
