Information Security Incident Report Form
Name:
Email address:
Telephone/Mobile number:
Date of report:
Incident detection date:
Has the incident been resolved? (yes/no)
Organization name and address:
Incident Overview
Location of incident (site)
Nature of Incident (select all that apply)
(a) Suspicious system and network activities
(b) Compromise of sensitive information
(c) Unauthorized access or attempts to access a system
(d) Emails with suspicious attachments or links
(e) Denial of service attacks
(f) Suspected tampering of electronic devices
(g) Malware infection
• Cryptolocker
• Coin miner
• Remote access trojan
• Credential harvesting malware
• Botnet
• Other malware (describe)
(h) Reconnaissance (scanning/probing)
(i) Social engineering
(j) Account compromise
Incident Severity
(a) None/Negligible (suspicious activity only)
(b) Minor (Impacts single computer, non-privileged account)
(c) Moderate (Impacts part of the organization’s infrastructure)
(d) High (Impacts the organization’s entire infrastructure/privileged accounts)
(e) Very High (has impact beyond the organization)
How did the organization become aware of the incident?
Provide a general description of the incident:
Incident Report
Incident Impact (select all that apply)
(a) Loss of access to services
(b) Loss of productivity
(c) Loss of reputation
(d) Loss of revenue
(e) Propagation to other networks
(f) Unauthorized disclosure of data/information
(g) Unauthorized modification of data/information
(h) Unknown/Other (please describe)
What steps were taken to investigate the nature and severity of the incident?
What systems were impacted?
• IP addresses of affected systems:
• FQDN of affected systems:
• Role of affected systems (Domain controller/DNS/DHCP/Web Server):
• Operating systems of affected systems:
• Patch level of affected systems:
• Security software on affected systems:
• Physical location of affected systems:
• Additional details:
Which applications were impacted?
What unauthorized data access occurred?
Which privileged user accounts were impacted?
Which unprivileged user accounts were impacted?
Which third parties were impacted? (Vendors/Contractors/Partners)
Sensitivity of Compromised Data (select all that apply)
(a) Confidential/Sensitive data
(b) Non-sensitive data
(c) Publicly available data
(d) Financial data
(e) Personally identifiable information (PII)
(f) Intellectual property
(g) Critical infrastructure/key resources
(h) Other (describe)
What would the consequences be if the data that was accessed in an unauthorized manner became public?
What is the time frame of the incident?
Suspected initial date/time of compromise:
Detection date/time:
Incident remediation date/time:
How did the breach occur? (select all that apply)
(a) DDoS
(b) Malware
(c) Misconfiguration
(d) Phishing
(e) Vulnerability exploit
(f) Unknown
Suspected perpetrators:
(a) Insider
(b) Former staff
(c) Other
(d) Unknown
Estimated total cost incurred: (Cost to contain incident, restore systems, notify stakeholders)
What steps have been taken to remediate the cause of and vulnerabilities related to the incident?
What additional controls should be in place to prevent the incident reoccurring?
Do any authorities need to be notified about the details of the incident?
Additional impact information:
