construct an incident response plan
Greiblock Credit Union (GCU) is a $5 billion financial services firm with a central office located in Chicago, Illinois, and approximately 100 branch offices located throughout the Midwest. The central office provides primary technical services for the all of the corporate locations including branch offices. This is done through a centralized architecture housed in the Chicago data center. Because of security considerations, no IT services are outsourced.
GCU has been the victim of an increasing number of security situations including fraud, identity theft, and cyber attacks. The GCU Board of Directors has charged you with ensuring that proper policies and procedures are in place to proactively address these situations. They ask that these policies and procedures be developed with a set of metrics so that their effectiveness can be determined. These metrics should include what is to be measured, how measured, and what actions will be performed with the information. Specific areas that you must address include dynamic vulnerability analysis, intrusion detection, and incident response.
These policies and procedures should include one technical and one social aspect for each of the three areas (dynamic vulnerability analysis, intrusion detection, and incident response). These policies and procedures should be in the following format: 1) Purpose, 2) Scope, 3) Policy, 4) Enforcement, 5) Metrics. Incorporate subtopic areas as appropriate i.e., 1.1, 1.2, etc.
Deliverables:
need to design policies, procedures, and metrics to address the following areas: dynamic vulnerability analysis, intrusion detection, and incident response. The description should include the critical aspects of each area in measurable terms, as well as the role various technologies play in executing the policy and procedure strategy. Your paper should have a title page, table of contents, overview with references, followed by the policies and procedures in following format: 1) Purpose, 2) Scope, 3) Policy, 4) Enforcement, 5) Metrics. Note that the policies and procedures should be delivered in an applied business policy format for GCU, not as an academic paper explaining general polices.