First and foremost, my name is XXXXXXXXX and I am the Senior Manager here at Gem Infosys. We are dedicated to protecting our organization from attacks such as malware, adware, viruses and DDoS. We have also implemented security protocols and a security policy for all our employees to adhere to. This incident response policy sets out the steps necessary to prepare for, detect, contain and eradicate, and recover from any future incidents, and to reduce network downtime when they occur.
The first thing we have to do is determine the point of contact. Once that is determined, we will assemble an incident response team. The team will consist of a team leader, a network/security analyst, an internal and/or external subject matter expert, legal counsel, a public affairs officer, and a security office contact. Once the team is assembled, it will need to acquire the equipment necessary to detect, contain, and recover from an incident; establish the procedures and guidelines for the use of that equipment; and train those who will use it (Conklin, 2010). Once a suspected incident has occurred, the team must determine what type of incident it is, to ensure that it wasn't a user error. All incidents will be handled as a possible security threat until the team determines whether or not they are one.
Once the incident response team has determined that an incident most likely has occurred, it must contain and eradicate the threat and restore operations as quickly as possible. In certain circumstances, such as when specific regulations or laws require us to report the incident, management staff will be required to follow specific procedures needed to obtain potential