
Implementation and Evaluation of Controls, Research Paper Example

Pages: 4

Words: 1061

Research Paper

Introduction

A project plan will specify the implementation and evaluation of the controls required to protect the organization's critical information assets. Protecting the network is essential, as are response teams that follow procedures for eliminating a security breach within the organization’s wireless network. Depending on the nature of the business, processes can be associated with law enforcement agencies, government institutions, public information providers, information technology, etc. To handle security incidents within organizations, teams called incident response teams are created. As per the network dictionary, “Incident response team refers to a group of people who are responsible for handling information security incidents when they occur.” (Computer emergency response team, 2007). Incident handling is an essential process because security incidents that start in an organization can breach wireless networks, then penetrate other areas of the network containing confidential and mission-critical data and disrupt business processes. These incidents cause severe losses in terms of the organization's reputation in the market, customer trust and credibility.

This plan is constructed based on a questionnaire and will highlight solutions for minimizing incident handling and security breaches related to a wireless network in an organization. An effective incident management approach will minimize issues related to security breaches and other possible threats that a wireless network may encounter. The information provided in this project plan is handled in strict confidence. The objectives for this project plan demonstrate:

7 steps for Contingency Planning defined by NIST

  • The first step is to create a contingency planning policy statement that provides the ability and supervision for developing an efficient contingency plan.
  • The second step is the business impact analysis (BIA). The BIA is used to classify and prioritize the components and information systems that are vital for business functions and contribute to the organization’s mission. Moreover, an outline is provided for user assistance.
  • The third step is to identify preventive controls.
  • The fourth step is associated with creating contingency strategies.
  • In the fifth step, an information technology contingency plan is developed.
  • The sixth step involves training, testing, and exercises.
  • In the seventh step, a maintenance plan document is developed.
  • The recommended standard approach is to combine system development life cycle (SDLC) risk management considerations with the process of contingency planning.

Incident Response Planning Steps

The incident response planning is associated with a detailed set of processes and procedures, which mitigate, detect and foresee the scope of an unexpected event directly influencing information resources and assets.

Incident Detection

Incident detection means determining whether an event is the result of routine operations or is an actual incident. This identification, also known as incident classification, involves analyzing whether the incident is genuine. Reports from system administrators, intrusion detection systems and anti-virus software can help with incident classification.

Incident Response

After an actual incident has been identified, the incident response personnel follow a responsive approach. This approach includes informing key personnel, allocating tasks and documenting the incident.

Incident Escalation

If the incident response team cannot contain the incident, the impact of the incident is significantly out of reach. Prioritizing business processes according to business impact is essential. For instance, if a fraud risk management server in a bank stops responding, the business impact will be ‘most critical’.

Incident Recovery

After the incident is contained, the process of incident recovery begins. The incident response team must answer the question “What to do to recover from the incident.” The team must restore services, back up data, continuously monitor the affected system, etc.

Risk Management

Risk management is the process in which safeguards and controls are implemented and then constantly monitored. The risk management process identifies information assets and their vulnerabilities and ranks them according to their need for protection.

Risk Identification

It is the process consisting of self-examination. Managers identify the critical information assets at this stage. The important assets may include people, data, network components, software components, and hardware components.

Risk Classification & Prioritization

The assets defined in the risk identification process are then allocated into useful groups, with priorities depending on the business impact of each asset. The organization should answer these questions:

  • Which information asset contributes to the success of the organization?
  • Which information asset generates the most revenue in the organization?
  • Which information asset generates the highest profit in the organization?
  • Which information assets have a high replacement cost?
  • Which information assets are costly to protect?
  • Which extremely important information asset can the organization not afford to lose or have damaged?

It is vital for the organization to identify the valuable assets related to its core business processes. A list of crucial assets is defined, along with the vulnerabilities that may affect them; if these are exploited, the overall organization will be affected through disruption of core business processes. Not every asset will be considered, as that would make the project too complex and time-consuming. Vulnerabilities are defined as the specific avenues that threat agents can use to attack the organization's information assets.

Information Assets Evaluation

In order to evaluate assets, three examples are shown to demonstrate the likelihood of each vulnerability within a wireless network along with its value, current controls and uncertainty.

Asset A:

The wireless network of the organization has risks of exposing the network to other wireless networks. It is susceptible to be hacked at a likelihood of 0.2 and is subject to an SNMP buffer overflow attack at a likelihood of 0.1. The wireless access point has an impact rating of 90 and

Asset B:

Electronic transactions on the wireless network are not safe, as the server can be attacked by sending it invalid Unicode values, which may also affect the critical assets on the network. The likelihood of that attack is estimated at 0.1. The server has been assigned an impact value of 100, and a control has been implemented that reduces the impact of the vulnerability by 75%. There is an 80% certainty of the assumptions and data.

Asset C:

To monitor the performance and activities of the wireless network, monitoring software is in place. It has no passwords and is susceptible to unlogged misuse by the operators. Estimates show the likelihood of misuse is 0.1. There are no controls in place on this asset; it has an impact rating of five. There is a 90% certainty of the assumptions and data.
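The three assets above can be turned into a ranked worksheet. The following is an added example, not part of the original paper: it assumes the commonly taught weighted-factor formula (risk = likelihood × impact, minus the share mitigated by current controls, plus the share that is uncertain), which the paper itself does not state. The class and function names are hypothetical, and the fields the paper does not give for Asset A are left empty rather than guessed.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass
class Vulnerability:
    asset: str
    name: str
    likelihood: float           # probability of the attack, 0.0-1.0
    impact: Optional[float]     # impact rating / asset value
    mitigated: Optional[float]  # fraction of risk removed by current controls
    certainty: Optional[float]  # confidence in the assumptions and data

def risk_rating(v: Vulnerability) -> Optional[float]:
    """Assumed formula: L*I - (L*I * mitigated) + (L*I * uncertainty)."""
    if None in (v.impact, v.mitigated, v.certainty):
        return None  # incomplete worksheet row: do not guess, flag it instead
    for fraction in (v.likelihood, v.mitigated, v.certainty):
        if not 0.0 <= fraction <= 1.0:
            raise ValueError(f"{v.asset}/{v.name}: fraction out of range")
    base = v.likelihood * v.impact
    uncertainty = 1.0 - v.certainty
    return round(base - base * v.mitigated + base * uncertainty, 4)

# Values taken from the text above. Asset A's control and certainty
# figures are missing from the page, so they stay None.
WORKSHEET = [
    Vulnerability("A", "network hacked", 0.2, 90, None, None),
    Vulnerability("A", "SNMP buffer overflow", 0.1, 90, None, None),
    Vulnerability("B", "invalid Unicode values", 0.1, 100, 0.75, 0.80),
    Vulnerability("C", "unlogged operator misuse", 0.1, 5, 0.0, 0.90),
]

def prioritize(worksheet):
    """Return (ranked [(rating, vuln)], highest first; incomplete rows)."""
    scored = [(risk_rating(v), v) for v in worksheet]
    ranked = sorted(((r, v) for r, v in scored if r is not None),
                    key=lambda pair: pair[0], reverse=True)
    incomplete = [v for r, v in scored if r is None]
    return ranked, incomplete

if __name__ == "__main__":
    ranked, incomplete = prioritize(WORKSHEET)
    for rating, v in ranked:
        print(f"Asset {v.asset}: {v.name:<26} risk rating {rating}")
    for v in incomplete:
        print(f"Asset {v.asset}: {v.name:<26} cannot be rated (data missing)")
```

Under this formula the 75% control on Asset B still leaves it ranked above Asset C, because the impact value of 100 dominates the unprotected asset's rating of five.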

References

Computer emergency response team. (2007). Network Dictionary, 115.
