select an arbitrary organization. You may choose one with which you are familiar, but you do not need to disclose its identity. Assume you are the IT security manager. You frequently find traffic to and from suspicious websites which could indicate malware, a configuration problem, or misuse. You think that, as a starting point, having an incident response plan in place would be beneficial. You decide to submit a proposal to your CEO. Based on your readings and through additional research write a 4- to 6-page proposal to the CEO. Use this as an outline for your proposal: Begin your proposal by briefly describing the organization and its nature of functions. Again, if it is one with which you are familiar, you do not need to identify it. Your proposal should include the following sections: Incident Response Plan Details: Explain the benefits of an incident response plan. Identify and explain with reasonable details the steps to isolate, respond, and recover after an attack (incident) is discovered. Identify the teams that should be involved in the incident response process. Explain their roles. Incident Communication Requirements: Identify and explain the type of communication and reporting to different internal stakeholders that will be necessary after you have discovered an attack. What are the legal, ethical, and other considerations if personal customer data has been stolen? Considering the breach laws in your home country, at which point would you disclose such a breach to law enforcement and communicate with customers?
