Describe procedures sharing information with outside parties

Assignment: Computer Science- Incident Response Plan

Background:

You were just hired as the new chief information security officer for Multiple Unite Security Assurance (MUSA) Corporation whose security posture is low. The first thing your chief executive officer tells you is that they have recently seen a presentation by one of the information security team members emphasizing the importance of having a security awareness program. As a result, you have been asked to develop a security awareness program for MUSA Corporation based on the following 10 security gaps:

A. No annual cyber security awareness training, which is causing high phishing and social engineering attacks
B. No configuration change management policy (to reduce unintentional threats)
C. No intrusion detection/prevention system
D. Logs are not being collected or analyzed
E. No media access control policy
F. No encryption or hashing to control data flow and unauthorized alteration of data
G. Vulnerability assessment is conducted every three years; unable to assess the security posture status
H. High turnover and low morale among the employees (due to lack of employee readiness programs and work planning strategy)
I. High number of theft reports and security incidents; possible unethical/disgruntled employees
J. No segregation of duties or mandatory vacation policies (to mitigate intentional threats)

To that end, you will make recommendations for enhancing security policies, practices, and processes that are currently contributing to a dysfunctional security culture. Your chief goal is to build a program that will foster a healthy security culture and ensure continuous improvement.Your task is to develop a security awareness program that consists of four major components:

1. Proposal Introduction
2. Security Policies Development
3. Continuous Monitoring Plan
4. Communication Plan

Prompt

In the Case Document, one of the security gap analyses indicated a high number of laptop thefts and a high number of security incidents. Because of this recent increase in theft and security incidents, the chief information security officer asks you to develop an incident response plan. Submit a plan including the eight basic elements of an incident response plan, and procedures for sharing information with outside parties. See the Oregon state incident response template as a sample, but all work should be original.

Specifically, the following critical elements must be addressed:

A. Include the eight basic elements of an incident response plan.

B. Describe procedures for sharing information with outside parties.