On the Alert: Crafting an Effective Incident Response Plan (IRP)

Stemming from fiduciary responsibilities, an Information technology (IT) leader’s information systems related due-care drives appropriate information security due-diligence activities. Administrative due-care redresses activity responsibility, whereby due-diligence includes continuously promoting compliance. Interpretively, an organization’s information systems should represent resources committed to collecting data, processing transactions, and communicating operational results within defined legal limits. Consequently, an enterprise’s management must ensure due-diligence is exercised by all individuals involved in the development as well as the deployment of information systems.

There are a variety of potential IT service threats that can convert to intentional or unintentional incidents requiring adequate IT service support. If restoring service normalcy as swiftly as possible and minimizing adverse impacts on entity operations are the primary incident management process goals, then IT support personnel achievement of expected performance levels ensures maintaining the highest possible service quality and availability levels.

• Identify threats that need an Incident Response Plan
• Differentiate the most effective response methods
• How to develop an effective and comprehensive Incident Response Plan
• Proven processes to manage detection and remediation of lost data
• The critical actions companies often fail to execute following a breach
• Identify internal and external communication needs.
• List the responses needed in your company
• Isolate operational challenges and counter-actions.

• Summary of the current data privacy and security landscape
• Understanding data breach response
• Critical components of Cyber Incident Response Plans
• Building an effective internal Incident Response Team
• Communications development before and during an incident
• Recommendations on analyzing your solution providers plan
• How a Cyber Incident Response Plan differs from a Disaster Recovery Plan
• Challenge of incident response in today’s volatile threat landscape 
• Key elements of data breach prevention and response
• Integrating Incident Response into security operations and Development Operations 
• Required people, processes, and technologies

IT is entirely secure when resources are utilized and accessed as intended under all circumstances. Through delegation, every enterprise manager assumes responsibility for maintaining an adequate control system that safeguards assets. However, typically charged with responding to intrusions negatively impacting organizational information assets are information security managers. Thus, security incursions transform information security managers into chief threat firefighters directing resources to extinguish security breach flames. To competently perform this security service, two critical incident response elements are necessary: information and organization.

In today’s world, every organization no matter how large or small needs an Incident Response Plan in place to quickly manage and address the consequences of a breach. How your business responds to a security incident can have a profound impact on its ability to recover from the attack and prevent a future occurrence. The volatility of today’s threat landscape makes an incident response (IR) more challenging than ever. It is no longer sufficient to image hard drives and restore from backups. You must eradicate security breaches before they spread.

This presentation will provide you with valuable insights into building a dynamic and agile IR program. In this Incident Response Webinar, information systems management expert Dr. Robert E. Davis, CISA, CICA will advise users on how a well-designed, pressure-tested Incident Response Plan can save your organization from significant financial, reputational, and regulatory issues.

• Payments professionals
• Accountant
• Operations personnel
• Vendor Managers
• Disaster Recovery professionals
• Call center personnel
• Incident response team members
• Information security analyst
• Chief Security Officer
• Risk Manager
• Chief Information Officer
• Chief Operations Officer
• Information Security Manager
• Chief Executive Officer
• Chief Financial Officer
• Technology Manager
• Auditor

Dr. Robert E. Davis obtained a Bachelor of Business Administration in Accounting and Business Law, a Master of Business Administration in Management Information Systems, and a Doctor of Business Administration in Information Systems Management from Temple, West Chester, and Walden University; respectively. Moreover, during his twenty years of involvement in education, Dr. Davis acquired Postgraduate and Professional Technical licenses in Computer Science and Computer Systems Technology. Dr. Davis also obtained the Certified Information Systems Auditor (CISA) certificate — after passing the 1988 Information Systems Audit and Control Association’s rigorous three hundred and fifty multiple-choice questions examination; and was conferred the Certified Internal Controls Auditor (CICA) certificate by the Institute for Internal Controls.

Since starting his career as an information systems (IS) auditor, Robert has provided data security consulting and IS auditing services to corporations as well as other organizations; in staff through management positions. Before engaging in the practice of IS auditing and information security consulting; Robert (as a corporate employee) provided inventory as well as general accounting services to Philip Morris, USA, and general accounting services to Philadelphia National Bank (Wells Fargo). Furthermore, he has prior experience as a freelance writer of IT audit and information security training material.

Dr. Davis received recognition as an accomplished, energetic auditor, author, and speaker with a sound mix of experience and skills in monitoring and evaluating controls. Based on his accomplishments, Temple University's Fox School of Business and Management Alumni Newsletter, as well as The Institute for Internal Controls e-newsletter featured Dr. Davis. Furthermore, he is an Advisory Board Member of The Institute for Internal Controls, the first and inaugural Temple University CISA in Residence and a founding Temple University Master of Science in IT Auditing and Cyber-Security Advisory Councilmen. Last, he accepted invitations to join Delta Mu Delta International Honor Society, the Golden Key International Honour Society, the Thomson Reuters' Expert Witness List, the IT Governance LTD expert panel, as well as the International Association of IT Governance Standards honorary membership group.