Cybersecurity assignment | Information Systems homework help

Propose an incident response plan to prepare an organization (Sony Pictures Entertainment) in the event of an attack

If you are completing your ongoing project on Sony Pictures Entertainment, you are required to create an incident response plan that the organization should have followed in light of the 2014 hack. For example, detail the detection, analysis, and containment strategies it should have employed, the crisis communications plan it should have adhered to, and recommendations for successful eradication and recovery. 

Introduction 

It is important for your incident response strategy to meet the requirements of Sony Pictures context. Write a short introduction summarizing your type of organization Sony Pictures Entertainment), and an overview of the business-critical assets Sony Pictures Entertainment relies on.  What are Sony’s Critical infrastructure / Assets?

(Approx. 150 words) 

Step 1: Prevention

Describe the measures Sony Picture Entertainment will take to protect against a cyberattack from both a technical and non-technical perspective. 

(Approx. 150 words)

Start writing here: 

Step 2: Planning 

List the individuals involved in your incident response team and their roles (SPE). Ensure that the roles, responsibilities, and structure of your team meets the requirements of your organizational context. 

A cyber crisis communication plan is compiled in this phase, but in this incident response plan, include your plan under Step 7: Communication.  

(Approx. 200 words) 

 Start writing here: 

Step 3: Preparation 

You are required to detail one training exercise the incident response team will undergo. Include specific examples of scenarios or questions, and explain why you have chosen it. 

(Approx. 150 words) 

Start writing here: 

Step 4: Detection

List the tools Sony Pictures Entertainment would use to detect a breach. 

(Approx. 150 words) 

Start writing here: 

Step 5: Analysis 

Explain how Sony Pictures Entertainment would analyze whether an incident is a cyberattack. Also describe how you would categorize and prioritize cyberattacks in Sony Pictures Entertainment.

(Approx. 200 words) 

Start writing here: 

Step 6: Containment 

Describe how your SPE would prevent a cyberattack from spreading further.

(Approx. 200 words) 

Start writing here:

 

Step 7: Communication 

As per Section 4 of the Unit 2 notes, compile a cyber crisis communication plan detailing the internal and external stakeholders SPE would need to communicate to in the event of a breach. Describe what communication channels would be used to communicate with these stakeholders. 

(Approx. 250 words) 

Start writing here: 

Step 8: Eradication 

Provide insight into the approaches and decisions the team will take to remove the threat from Sony’s internal system.

(Approx. 150 words)  

Start writing here: 

Step 9: Recovery

Describe what steps SPE will take to return to its normal operations. 

(Approx. 150 words) 

Start writing here: 

Step 10: Post-event analysis 

List the processes that would need to be followed to ensure that lessons learned are implemented. 

(Approx. 150 words) 

Start writing here: 

Note: 

The word counts for each question serve as a guide; your submission should not exceed 2,000 words in its entirety.  

Note: 

The incident response plan is a central part of an Sony’s cyber risk mitigation strategy. Please consult the grading breakdown in the Orientation Module course handbook for more information.  

Your ongoing project submission will be graded according to the following rubric:

Very poor Poor Satisfactory Very good Exceptional

Adherence to brief 

All sections in the template are completed. 

Answer falls within the prescribed word count (2,000 words). 

No submission.

OR

Student fails to address any element of the brief. (0)

Some key elements are not addressed. Most information provided is irrelevant.  

OR 

Answer does not fall within the prescribed word count (100 words over the word count). (5.5) Student adheres to most of the brief. Sufficient information is provided and is mostly relevant. (7) Student adheres to almost all elements of the brief. Almost all information is provided and is relevant. (8.5) Student fully adheres to the brief. All information provided is comprehensive and relevant. (10)

Organizational context and preventative measures 

Student clearly outlines the context of their chosen organization, and the business-critical assets this organization relies on.

Student accurately describes the measures the chosen organization will take to prevent a cyberattack from both a technical and non-technical perspective. 

Student thinks critically and incorporates learnings from the content. No submission.

OR 

Student fails to clearly outline the context of their chosen organization and the measures it will take to prevent a cyberattack from occurring. 

There is no evidence that the student has used the content covered in the course to inform their response. (0) Student shows an incomplete understanding of their chosen organization’s context and the measures taken to prevent a cyberattack from occurring. 

There is some evidence that the student has engaged with the content covered in the course, but this is not always accurately applied. (5.5) Student demonstrates satisfactory understanding of their chosen organization’s context and the measures taken to prevent a cyberattack from occurring.  

The student has clearly engaged with the content covered in the course, but a more nuanced answer is required. (7) Student demonstrates a strong understanding of their chosen organization’s context and the measures it will take to prevent a cyberattack from occurring. 

The answer shows a strong grasp of the content. (8.5)   Student demonstrates a thorough and an incisive understanding of their chosen organization’s context and the measures it will take to prevent a cyberattack from occurring. 

The student critically applies their learning from the course. (10)

Planning and preparation

Student lists the individuals that will be involved in their chosen organization’s response team, and their roles.

Student details one training exercise the incident response team will undergo to prepare them for a cyberattack, and provides reasoning for their choice.

Student thinks critically and incorporates learnings from the content. No submission.

OR 

Student fails to clearly identify the individuals who will be included in the incident response team, or the training that will be required to prepare this team for an attack.

There is no evidence that the student has used the content covered in the course to inform their response. (0) Student shows an incomplete understanding of the individuals who will be included in the incident response team, and the training that will be required to prepare this team for an attack.

There is some evidence that the student has engaged with the content covered in the course, but this is not always accurately applied. (5.5) Student demonstrates satisfactory understanding of the individuals who will be included in the incident response team, and the training that will be required to prepare this team for an attack.

The student has clearly engaged with the content covered in the course, but a more nuanced answer is required. (7) Student demonstrates a strong understanding of the individuals who will be included in the incident response team, and the training that will be required to prepare this team for an attack.

The answer shows a strong grasp of the content. (8.5)   Student demonstrates a thorough and an incisive understanding of the individuals who will be included in the incident response team, and the training that will be required to prepare this team for an attack.

The student critically applies their learning from the course. (10)

Detect, analyze, and contain

Student lists the tools their chosen organization would use to detect a breach.

 

Student explains how their chosen organization would analyze whether an incident is a cyberattack, and how they would categorize and prioritize cyberattacks. 

Student describes how their chosen organization would prevent a cyberattack from spreading further.

Student thinks critically and incorporates learnings from the content. No submission.

OR 

Student fails to clearly identify the tools their organization would use to detect a breach, how their organization would go about analyzing, categorizing, and prioritizing an attack, and how their organization would prevent a cyberattack from spreading further.

There is no evidence that the student has used the content covered in the course to inform their response. (0) Student shows an incomplete understanding of the tools their organization would use to detect a breach, how their organization would go about analyzing, categorizing, and prioritizing an attack, and how their organization would prevent a cyberattack from spreading further.

There is some evidence that the student has engaged with the content covered in the course, but this is not always accurately applied. (5.5) Student demonstrates satisfactory understanding of the tools their organization would use to detect a breach, how their organization would go about analyzing, categorizing, and prioritizing an attack, and how their organization would prevent a cyberattack from spreading further.

The student has clearly engaged with the content covered in the course, but a more nuanced answer is required. (7) Student demonstrates a strong understanding of the tools their organization would use to detect a breach, how their organization would go about analyzing, categorizing, and prioritizing an attack, and how their organization would prevent a cyberattack from spreading further.

The answer shows a strong grasp of the content. (8.5)   Student demonstrates a thorough and incisive understanding of the tools their organization would use to detect a breach, how their organization would go about analyzing, categorizing, and prioritizing an attack, and how their organization would prevent a cyberattack from spreading further.

The student critically applies their learning from the course. (10)

Communicate and eradicate

Student compiles a cyber crisis communication plan detailing the internal and external stakeholders their chosen organization would need to communicate to in the event of a breach, and describes what channels would be used to communicate with these stakeholders.

Student identifies the approaches and decisions the team will take to remove the threat from their chosen organization’s internal system.

Student thinks critically and incorporates learnings from the content. No submission.

OR 

Student fails to clearly compile a cyber crisis communication plan, or to describe what channels would be used to communicate with stakeholders during a cyberattack.

Student fails to identify the approaches and decisions the team will take to remove the threat from their chosen organization’s internal system.

There is no evidence that the student has used the content covered in the course to inform their response. (0) Student shows an incomplete understanding of a cyber crisis communication plan and the channels that would be used to communicate with stakeholders during a cyberattack.

Student shows an incomplete understanding of the approaches and decisions the team will take to remove the threat from their chosen organization’s internal system.

There is some evidence that the student has engaged with the content covered in the course, but this is not always accurately applied. (5.5) Student demonstrates satisfactory understanding of a cyber crisis communication plan, and the channels that would be used to communicate with stakeholders during a cyberattack.

Student demonstrates a satisfactory understanding of the approaches and decisions the team will take to remove the threat from their chosen organization’s internal system. 

The student has clearly engaged with the content covered in the course, but a more nuanced answer is required. (7) Student demonstrates a strong understanding of a cyber crisis communication plan, and the channels that would be used to communicate with stakeholders during a cyberattack.

Student demonstrates a strong understanding of the approaches and decisions the team will take to remove the threat from their chosen organization’s internal system.

The answer shows a strong grasp of the content. (8.5)   Student demonstrates a thorough and an incisive understanding of a cyber crisis communication plan, and the channels that would be used to communicate with stakeholders during a cyberattack.

Student demonstrates a thorough and incisive understanding of the approaches and decisions the team will take to remove the threat from their chosen organization’s internal system.

The student critically applies their learning from the course. (10)

Recovery and post-event analysis

Student describes what steps their chosen organization will take to return to its normal operations after a cyberattack. 

Student lists the processes that would need to be followed to ensure that lessons learned are implemented. 

Student thinks critically and incorporates learnings from the content. No submission.

OR 

Student fails to clearly describe the steps their organization will take to recover from a cyberattack, or the processes that will be followed to ensure that lessons learned are implemented. 

There is no evidence that the student has used the content covered in the course to inform their response. (0) Student shows an incomplete understanding of the steps their organization will take to recover from a cyberattack, and the processes that will be followed to ensure that lessons learned are implemented. 

There is some evidence that the student has engaged with the content covered in the course, but this is not always accurately applied. (5.5) Student demonstrates satisfactory understanding of the steps their organization will take to recover from a cyberattack, and the processes that will be followed to ensure that lessons learned are implemented. 

The student has clearly engaged with the content covered in the course, but a more nuanced answer is required. (7) Student demonstrates a strong understanding of the steps their organization will take to recover from a cyberattack, and the processes that will be followed to ensure that lessons learned are implemented. 

The answer shows a strong grasp of the content. (8.5)   Student demonstrates a thorough and an incisive understanding of the steps their organization will take to recover from a cyberattack, or the processes that will be followed to ensure that lessons learned are implemented. 

The student critically applies their learning from the course. (10)

Application of course content to organizational context

Student accurately applies the learnings from the course content to their own organization or Sony’s unique context. No submission.

OR

The student has not made use of their organization’s unique organizational context and constraints to inform their response. (0) Student demonstrates a limited understanding of their organization’s unique context and constraints and context. (5.5) Student demonstrates a satisfactory understanding of their organization’s context and constraints; however, a there is room for deeper engagement with its nuances. (7) There is clear evidence that the student has thought about their organization’s unique context and constraints, and catered for this in their strategy accordingly. (8.5) There is strong evidence that the student understands and thinks carefully about their organization’s unique context and constraints, and has provided recommendations in their strategy accordingly. (10) 

Organization of writing

Answers are structured clearly and logically.

No submission or complete lack of logical structure. (0)

Answer has some logical structure, but not enough to justify a passing grade. (5.5) Answer is structured fairly well in terms of logic and clarity. (7) Answer is structured very well in terms of logic and clarity. (8.5) Answer is structured exceptionally well in terms of logic and clarity. (10)

Total: 80 marks

Calculate the price of your order

550 words
We'll send you the first draft for approval by September 11, 2018 at 10:52 AM
Total price:
$26
The price is based on these factors:
Academic level
Number of pages
Urgency
Basic features
  • Free title page and bibliography
  • Unlimited revisions
  • Plagiarism-free guarantee
  • Money-back guarantee
  • 24/7 support
On-demand options
  • Writer’s samples
  • Part-by-part delivery
  • Overnight delivery
  • Copies of used sources
  • Expert Proofreading
Paper format
  • 275 words per page
  • 12 pt Arial/Times New Roman
  • Double line spacing
  • Any citation style (APA, MLA, Chicago/Turabian, Harvard)

Our guarantees

Delivering a high-quality product at a reasonable price is not enough anymore.
That’s why we have developed 5 beneficial guarantees that will make your experience with our service enjoyable, easy, and safe.

Money-back guarantee

You have to be 100% sure of the quality of your product to give a money-back guarantee. This describes us perfectly. Make sure that this guarantee is totally transparent.

Read more

Zero-plagiarism guarantee

Each paper is composed from scratch, according to your instructions. It is then checked by our plagiarism-detection software. There is no gap where plagiarism could squeeze in.

Read more

Free-revision policy

Thanks to our free revisions, there is no way for you to be unsatisfied. We will work on your paper until you are completely happy with the result.

Read more

Privacy policy

Your email is safe, as we store it according to international data protection rules. Your bank details are secure, as we use only reliable payment systems.

Read more

Fair-cooperation guarantee

By sending us your money, you buy the service we provide. Check out our terms and conditions if you prefer business talks to be laid out in official language.

Read more
Open chat
Hello, welcome to our site. Kindly send us a message and we will be in contact with you right away. "We are simply the best"