Time
2 hours 23 minutes
Difficulty
Beginner
CEU/CPE
3

Video Transcription

00:01
Hello and welcome to this I t Security Policy Training from Cyber Eri.
00:05
This is Porter module to the Security Incident Policy with myself. Troy Lemaire
00:11
The learning objective for this is going to be about confirming an incident,
00:15
the incident response team and ownership and responsibilities.
00:24
Looking at this data breach response policy, it was created by sand. So it's another template that you can use to modify as needed
00:32
and the purpose of the policy.
00:34
It's established goals and vision for the breach response process
00:38
in a clear to find who applies it under what circumstances include the definition of a breach, staff roles and responsibilities
00:45
till the
00:47
organizations information security, intention for publishing a data breach response to focus significant attention on data security and data security breach and how the organization's established culture open distrust integrity should respond to such activities.
01:00
Is committed to protecting the employees, partners and the company from illegal or damaging action about individuals either knowingly or unknowingly.
01:11
Looking at the background. The policy mandates that any individual who suspects that a theft breach our exposure of protected data has occurred must immediately provide a description of what occurred. The email to and in this case you have the help desk, e mail and a phone number,
01:26
and you would want up update this information with the information that is relevant to your organization.
01:34
At that point, it says, the team will investigate all reported theft state reaching exposure to confirm if it has actually occurred.
01:40
If it has occurred, the Iast Security Administration will follow the appropriate procedures in place
01:47
with the scope of this policy applies to all who collect access, maintain information. Basically, anybody within an organization that is handling any type of P I or personal identifiable information r P h I personal health information.
02:06
Hey, so now that we're coming to actually the
02:10
verification of a breaches happen. Okay, Assumes the theft
02:15
has happened
02:15
has identified process removing all access that resource for began. The executive director will chair an incident response team to handle the breach
02:23
team will consist of these members. So again, this would be something that you would update for your organization to match with your
02:30
managers, directors, executives, whatever would be the highest level that you can have to put on this team.
02:38
If there is a confirmed theft, executive Derek will be notified of the theft
02:43
along with the designated forensic team and they were analyzed the breach exposure to determine the root cause.
02:50
Working with forensic investigators has provided by an organization Cyber Insurance, which if you don't have cyber security insurance,
02:55
I was highly, highly recommended. It will be what covers you and provide you with expertise that you need in the event of a breach.
03:04
But in this case, it says, then sure will need to provide access forensic investigators and experts that will determine how the breach occurred, the type of they'd involved. A number of individuals and systems that were impacted and then analyzed the breach and exposure. Determine the root cause.
03:21
Develop communication plan. Work with communications team, legal team and human resource is designed how to communicate the breach.
03:29
Now get in tow ownership in responsibilities So
03:31
your sponsors are the members of the community that our primary responsibility for maintaining any type of information resource
03:39
it could be designated by the executive in connection with the administration Respond responsibilities.
03:46
Information Security Administrator is that member of the organization,
03:50
UM provides administrative support for the implementation. Oversight of coordination of security procedures
03:55
usually include virtually all members of the organization
03:59
and the Incident Response Team shall be chaired by an executive management John Clue Bo not be limited to the following departments,
04:05
and this again is someplace that you would modify. What are the departments that you would want to be involved with this incident response team?
04:15
Any personal found in violation policy may be subject to disciplinary actions up to including termination of employment
04:20
in the third party partner company. Found violation may have their network connection terminated,
04:26
but these are the things that you want to put inside of your incident response plan.
04:33
So in summary in today's lecture, we discussed confirmed incident,
04:39
the Incident Response team and then ownership and responsibilities.
04:45
The Security and
04:46
incident policy. Recap Question. Who should you work with? Want to breach has occurred,
04:51
and that would be your insurance carrier and or your forensic investigators.
04:57
Next policy Recap Question. Who should chair the incident response team,
05:02
and this would be a member of executive management or as highs up as you could get within the organization to where it has the
05:11
leadership advisory
05:14
able to be able to look at the incident and be aware of it
05:18
looking far. Next lecture. We're going to cover another general policy. The disaster recovery policy.
05:25
If you have any questions for clarification about this policy or any of the training on cyber Harry, you can reach me on cyber. A message. My user name is that Troy Lemaire and thank you for attending this training on Cyber Eri.

Up Next

Introduction to IT Security Policy

Introduction to IT Security Policy, available from Cybrary, can equip you with the knowledge and expertise to be able to create and implement IT Security Policies in your organization.

Instructed By

Instructor Profile Image
Troy LeMaire
IT Security Officer at Acadian Ambulance
Instructor