Business Continuity Plan (BCP) That Addresses the Mission Needs And Systems For Recovery Of The Whole Enterprise In The Face Of A Cyber Attack Event

To help ease the concerns of the CISO and other executive officials tied into cyber operations, the chief technology officer (CTO) is asking for processes and procedures regarding exposed systems. You created a security baseline of your nation team's systems in Project 1, and that is a necessary part of determining mission priorities and identifying critical systems in the event of a cyber incident. You've also completed several steps that will provide an assessment of the software life cycle and development, including a development matrix.

Now, as a team, and in accordance with your team agreement, you will create an eight- to 10-page Business Continuity Plan (BCP) that addresses the mission needs and systems for recovery of the whole enterprise in the face of a cyberattack event. This BCP will be used to help the CISO identify current systems and timelines that will be used to bring systems back online and the sequence of events that occur during BCP operations. Make sure that all citations are in proper APA format.

Refer to the following documents to assist you in creating the final portion of the BCP:

Your team's security baseline from Project 1

Contingency Planning Guide for Federal Information Systems for examples of what to include in your BCP

Best Practices for Creating a BCP

Consider and include the following as you develop your BCP:

The BCP should include the software development life cycle assessment and the software development matrix you completed in prior steps.

The BCP should describe the normal operation standards, practices, and procedures for operating systems, including critical systems. Develop standard operating procedures based on what the team identifies as the most critical to least critical to continue business operations. Included in the standard operating procedures and best security engineering practices should be operating system fundamentals, operating system security, management of patches, and operating system protections.

All partner nations at the summit have maintained that there will possibly be the use of an ad-hoc wireless network. The nations' CISOs will have to determine differences between rogue access points and authorized service set identifiers (SSIDs) and authorized access points. These considerations will have to be included in the BCP.

Limit the scope to communications systems.

The BCP should be tailored to recover from a ransomware attack. Include leadership decision-making options for payouts, such as Bitcoin, which uses blockchain technology. Based on the recent outbreaks of ransomware attacks, identify key components of the given topology and describe how a ransomware incident would be contained or identified if an event occurred inside the given topology. What are the network security threats for a ransomware attack? Include these vectors as scenarios in the BCP and address remediation paths.

The BCP should also include an incident response plan and an IR response flow for DDoS, malware, and insider threats. In case of a need to execute the plan, documentation will be used for identified parties to follow to ensure proper communication channels and flow of information/triggers are understood so breakdown does not occur.

When you and your team members have finished, your designated team member should submit the BCP for review and feedback.
