Incident Management Roles

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or

Already have an account? Sign In »

Time
3 hours 39 minutes
Difficulty
Intermediate
CEU/CPE
4
Video Transcription
00:01
Mulele 3.18 Incident management roles
00:06
during this module will analyze key roles in incident management and explore functions of key roles during an incident,
00:14
key roles required for an instant
00:16
note privacy team members may not be included in an incident response team.
00:22
Now
00:23
that is okay considering an incident response team, members could include an employment oversteer tech lee communications, internal external social media, customer support, corporate counsel, accounting, risk advisory and or an insurance agency.
00:39
If you're not included in this incident team yet, you are in your privacy program. It's important you're part of the process, especially if P is impacted.
00:50
No, not all incidents
00:52
me
00:53
involved
00:54
P. I. Or a breach of PE
00:59
accounting may have to be included in the event. A payment needs to be made quickly.
01:03
Also, they may have to be included in the event. A fine
01:07
could potentially be levied against an organization in the event P. I. Has been breached.
01:11
It's important to note that with modern threats today, in regard to ransomware or hacks,
01:19
that bad actors may request payment via Cryptocurrency.
01:23
Some accounting departments and some organizations do not have accounts that are readily available with Cryptocurrency as a form of payment.
01:32
Most law enforcement organizations
01:34
will's recommend highly you do not pay a ransom.
01:38
However, some organizations have decided to do this and in order to do it in a timely way to meet the demands of a bad actor. You may have to do it quickly via Cryptocurrency
01:53
incident levels. Consider adopting levels of criticality for instance, to guide roles during an incident,
01:59
for example, radio agreed or red is being severe and green is being normal
02:02
Or level one through 5 where one being minor and five being severe.
02:07
Having these types of levels
02:08
can help the incident response team
02:12
know who to include and how quickly they need to move in the event an incident occurs.
02:20
There may also be some overlap in roles. If an incident occurs,
02:23
consider other groups to determine if certain incident functions can be streamlined.
02:28
Also help desk business continuity vendors, disaster recovery, internal audit, cybersecurity and facilities
02:34
could also play a role with an incident response. Remember not all incidents could involve data.
02:42
It could involve access to facilities or access to areas where sensitive information is kept into their paper or media.
02:54
Quick question and answer the report. And this report that potentially exposes several 1000 employee user names and passwords should be considered a blank incident.
03:04
one severe to moderate or three normal.
03:12
The answer is severe
03:14
in this case if there are thousands of employees and their pastors have been compromised and are available.
03:20
Two
03:21
bad actors.
03:22
One would classify this as a severe incident.
03:25
In this module we discussed key roles in incident management and repeat functions of key roles when responding to incidents.
Up Next