Please enable JavaScript.
Coggle requires JavaScript to display documents.
LO4 Understand how to manage cyber security incidents (4.2 : Cyber…
LO4 Understand how to manage cyber security incidents
4.1 : Responding to an incident
Responsibilities: who is involved? What are their responsibilities
Who to contact
Procedures: What are they? When? What order? Why are they important
Extent of the incident; Impact - hardware, software, data, network
Contain the incident
Eradicate the incident
Reduce the impact and recovery
4.2 : Cyber security incident report
Incident title and data
Target of the incident
Incident Category
Critical : Not able to provide critical services, lives may be lost
Significant : Loss of reputation, Disruption to services and financial loss
Minor : Inconvenience, loss of efficiency
Negligible : Minimal impact
Description of incident
Type of attacker
external
Internal
Individual, Group or government
Purpose of the incident
Techniques used
Capability of the attacker : How effective the attacker was
Impacts of the attack on : business, data, recovery time