You are employed by IM Consulting Services (IMCS), who are an incident management consultancy providing security consulting and assurance services to over 500 clients.
Woking Wheels Transport (WWT) is a regional bus company running services on behalf of the local council in Woking, Surrey. The company recently introduced a new ticket booking system that operates on the internal network only and is used by the employees who take bookings over the phone in the office. The office computers are also connected to the Internet, as are several other company computers located around the companys site, such as the maintenance depot.
An employee was recently caught using the network to download and store pirated software. As there are no incident response (IR) processes in place, the employee was able to delete the contraband files and destroy any evidence against them before any action could be taken. Inquiries to instruct a digital forensic specialist to recover the incriminating files were made, but no action was taken as the quotation for the work was too high.
In light of this experience, management have decided to introduce IM procedures, which include software to monitor for suspicious activity. These changes have raised concerns amongst employees about WWT spying on them.
WWT has approached you and asked you to help educate the employees about IM.
a.Create a PowerPoint presentation that provides an explanation of incident management. The presentation should be no more than 7 slides in total length. Of these 7 slides, 1 must be used for the title and 1 must be used for references, leaving 5 slides to cover your presentation content. The presentation should explain any key definitions, why IM is important, as well as the basic process. (10 marks)
b.To support the presentation, WWT has asked that you draft a single side A4 leaflet to hand out to all employees attending the presentation and to leave on the tables in the staff rest area. The leaflet should cover the key steps they should take when they suspect an incident has occurred. (15 marks)
Further guidance
Your presentation should be designed for someone who is familiar with using computers and such services as email or web browsers, but who has not studied cyber security. The presentation must include the four stages of the NIST Incident Response lifecycle and give at least one example of how each stage might apply to WWT. No audience notes are required.
Creating your presentation
Before starting your presentation, we recommend reading our guide to creating effective presentations that you can download here.
The post You are employed by IM Consulting Services (IMCS), who are an incident management consultancy providing security consulting and assurance services to over 500 clients. Woking Wheels Transport (WWT) is a regional bus company running services on behalf of the local council in Woking, Surrey. The company recently introduced a new ticket booking system that operates on the internal network only and is used by the employees who take bookings over the phone in the office. The office computers are also connected to the Internet, as are several other company computers first appeared on My professonal Blog.
