Cybersecurity Assignment
Propose an incident response plan to prepare an organization (Sony Pictures Entertainment) in the event of an attack
If you are completing your ongoing project on Sony Pictures Entertainment, you are required to create an incident response plan that the organization should have followed in light of the 2014 hack. For example, detail the detection, analysis, and containment strategies it should have employed, the crisis communications plan it should have adhered to, and recommendations for successful eradication and recovery.
Introduction
It is important for your incident response strategy to meet the requirements of Sony Pictures context. Write a short introduction summarizing your type of organization Sony Pictures Entertainment), and an overview of the business-critical assets Sony Pictures Entertainment relies on. What are Sony's Critical infrastructure / Assets?
Step 1: Prevention
Describe the measures Sony Picture Entertainment will take to protect against a cyberattack from both a technical and non-technical perspective.
Step 2: Planning
List the individuals involved in your incident response team and their roles (SPE). Ensure that the roles, responsibilities, and structure of your team meets the requirements of your organizational context.
A cyber crisis communication plan is compiled in this phase, but in this incident response plan, include your plan under Step 7: Communication.
Step 3: Preparation
You are required to detail one training exercise the incident response team will undergo. Include specific examples of scenarios or questions, and explain why you have chosen it.
Step 4: Detection
List the tools Sony Pictures Entertainment would use to detect a breach.
Step 5: Analysis
Explain how Sony Pictures Entertainment would analyze whether an incident is a cyberattack. Also describe how you would categorize and prioritize cyberattacks in Sony Pictures Entertainment.
Step 6: Containment
Describe how your SPE would prevent a cyberattack from spreading further.
(Approx. 200 words)
Step 7: Communication
As per Section 4 of the Unit 2 notes, compile a cyber crisis communication plan detailing the internal and external stakeholders SPE would need to communicate to in the event of a breach. Describe what communication channels would be used to communicate with these stakeholders.
Step 8: Eradication
Provide insight into the approaches and decisions the team will take to remove the threat from Sony's internal system.
Step 9: Recovery
Describe what steps SPE will take to return to its normal operations.
Step 10: Post-event analysis
List the processes that would need to be followed to ensure that lessons learned are implemented.
Format your assignment according to the following formatting requirements:
1. The answer should be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides.
2. The response also include a cover page containing the title of the assignment, the student's name, the course title, and the date. The cover page is not included in the required page length.
3. Also Include a reference page. The Citations and references should follow APA format. The reference page is not included in the required page length.