Incident Response Plan Presentation
Consider this scenario: A cyber-attack occurred in a healthcare organization resulting in significant data loss. You have been called as an information security management consultant to create recommend an incident response plan for this incident and will need to present it to the executive board of the healthcare organization.
Develop a 10- to 12-slide multimedia-rich presentation of your recommended incident response plan to mitigate or reduce impact to the organization.
- Define incident response plan goal and scope for this cyber attack.
- Analyze the impact and severity of the cyber-attack by applying a business impact analysis (BIA) to the organization including mission performance, regulatory requirements, and compliance.
- Identify the communication requirements including criteria for escalation and relation to organization reporting and regulatory requirements.
- Explain the process for responding to this incident.
- Describe the relationship with other organization processes and methods, such as disaster recovery planning and business continuity planning (BIA).
- Recommend prioritization, resource requirements, and any opportunity created by the event.
Use appropriate images and charts where applicable. Include a slide with APA-formatted references
Follow below suggestions for success in this assignment:
Submit a presentation that shares your recommended incident response plan for a cyber-attack that occurred at a healthcare organization. The audience of the presentation is the healthcare organization’s executive board. The goal of the incident response plan is to mitigate or reduce the impact of the cyber-attack to the organization.
In your PowerPoint, ensure you address the assignment requirements and rubric. This will be accomplished with a mix of content on the slides and in the speaker Notes sections of PowerPoint. Remember: the slides are what the audience will see and read; the Notes section shows what you’d be saying while they look at the slides. Slides and notes should go together, but not be strictly repetitive (i.e. you would not want to read slides to your audience).
Rubric requirement 7 states that the presentation must “creatively incorporate appropriate images and charts to support the plan.” So, as you’re putting together your presentation and addressing all of the other content requirements, be sure there are appropriate and effective images, charts, SmartArt, or figures that illustrate the content requirements and help show the content that you are explaining.
Start the presentation with a title slide that includes words of introduction in the Notes section. Then, the presentation should address the following sections in the body of the presentation:
Goal and Scope
The rubric requires that the presentation “clearly defines the goal and scope of the incident response plan.” To do this, ensure you have a stated goal for the incident response plan, and then identify and describe the scope of that plan. This will set a sort of overview of the plan for the rest of the presentation.
Impact and Severity
The rubric requires that the presentation “fully analyzes the impact and severity of the cyber-attack with a business impact analysis (BIA).” To do this, include:
- Provide a Business Impact Analysis (BIA)
- Describe the impact of the cyber-attack on the organization
- Explain how sever the cyber-attack was for the organization
The rubric requires that the presentation “accurately identifies the communication requirements including criteria for escalation and organization reporting and regulatory requirements.” To do this, ensure that you:
- Identify who the organization must communicate with
- Explain how the organization must communicate with them
- Show and explain the criteria for how the information about the cyber-attack must be escalated within the organization and outside the organization
- Identify and explain what the organization’s requirements are for reporting to authorities
- Identify and explain what the organization’s requirements are for complying with regulatory requirements
The rubric requires that the presentation “thoroughly explains the process for responding to this incident.” This means you need to illustrate and explain the process steps that the organization needs to follow to respond to the cyber-attack. Show the process and explain all the steps of the process.
Relationship with Other Organization Processes
The rubric requires that the presentation “thoroughly describes the relationship with other organization processes.” To accomplish this, you need to:
- Identify other organizational processes that are related to and/or intersect with the cyber-attack response process
- Describe how those other processes intersect or have a relationship with the cyber-attack process
The rubric requires that the presentation “provides insightful recommendations for prioritization, resource requirements, and opportunities created by the incident.” To accomplish this, you must:
- List and explain your recommendations about what the organization must prioritize in their response to the cyber-attack
- List and explain your recommendations for what resources will be required for the organization to respond to the cyber-attack
- List and explain your recommendations for what opportunities the cyber-attack creates for the organization
Have a slide that sums up the key points and asks the audience for questions.
Have a slide that lists the reference entries for any sources that you quoted, paraphrased, and cited in the presentation.