Consolidated Electronics Group, Inc. is a manufacturer and supplier of avionics equipment to various airlines across the continental United States. Recently, the company has laid off several employees, which left many in the company in a disgruntled state. Now, the information technology (IT) staff has reported to management a significant spike in network attacks numbering in the thousands. Reports from the intrusion detection system (IDS) indicate that two of these potential attacks may have compromised highly classified plans for a new prototype avionics switchboard, which is expected to revolutionize the market. The IT staff suspects that the attacks and potential security breach may have something to do with the recently laid off staff.
The U.S. National Institute of Standards and Technology (NIST) is a recognized authority for providing security standards, guidelines and procedures. NIST provides a large array of other security related documents, which are of great value to information security professionals.
For this assignment, you are asked to use NIST SP 800-61 Rev. 2 http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-61r2.pdf
While this document is quite large, you will find Section 3 starting on page 21 helpful for this assignment.
Using the guidance from this NIST document, craft an incident response plan that includes:
- A description of the specific measures that would be taken to investigate a security breach
- An explanation of steps taken to prevent future attacks and to secure the companyâ€™s information systems
- A communication plan to disseminate the results and findings of this event to the organization
Your plan should be two to three pages long and adhere to the APA and writing guidelines.