Question Description

paper should include the following sections :

    • Conduct research to establish ROI
      • Find examples of cybersecurity incidents in similar organizations
      • To identify the total cost of an incident, consider the direct costs of manpower, equipment, and lost production time, and also other indirect costs, such as the potential cost of lost business and damage to the company’s reputation and brand image.
  • Mission and vision statement for the CSIRT
  • Identify key stakeholders that the CSIRT will serve, and how you will
  • Determine the scope and levels of service the CSIRT would provide
  • Staffing Recommendations – identifying and procuring personnel, equipment, and infrastructure requirements for the CSIRT
    • Identify and utilize existing information security technical staff and resources to support the CSIRT activities (when needed)
    • Identify any needed external resources needed
  • Develop what you believe are the top 5 key CSIRT policies and procedures (based on best practices and everything you have reviewed and learned in this course, and any additional resources needed) that should guide all other policies and processes, given iFinance’s industry, size, structure, etc.
  • Define the CSIRT reporting structure, authority, and organizational model to ensure that the team has the access, funding, and a clear mandate
  • Estimate the amount of additional funding needed to implement and maintain the CSIRT
  • Communications plan to make security a priority for iFinance’s many employees in offices distributed throughout 25 states
  • Establish a proposed timeline for implementing the CSIRT