Title: ISACA’s CISM Domain 4: Information Security Incident Management
www.infosectrain.com sales_at_infosectrain.com
CISM Domains:
- Information Security Governance
- Information Risk Management
- Information Security Program Development and Management
- Information Security Incident Management

In this blog, let us discuss the fourth domain of ISACA's CISM, Information Security Incident Management.

Before jumping directly into incident management, let us first discuss what a security incident actually is and why security incidents occur. Then we will go to the Security Incident Management process and its best practices. So go through this blog thoroughly to understand Security Incident Management.
Security Incident

An information security incident is a successful, attempted, imminent, or suspected threat of an unauthorized breach, access, destruction, disclosure, or modification of information. In simple terms, an incident is an event that compromises the confidentiality, integrity, and availability of an information asset.

Why do security incidents occur?

There are many reasons why security incidents occur, but here are a few very common ones:

Social Engineering

Social engineering is a very common attack style used by many cyber attackers. It is a widespread technique because attackers need to follow only a few simple steps to get into the target system. For example, they can get into the target's system just by creating a convincing malicious email, or just by physically standing beside the target when they are entering their passwords. If we are not careful enough when clicking email links and entering passwords in public places, this may be the biggest reason why incidents occur.
Too many permissions

If you don't limit who can have access to what in your organization, you're giving the hacker the most valuable gift. If you give too many irrelevant permissions to all the employees and users, a hacker can easily mask himself as one of your users and exploit your organization's information.

Malware

Malware, both direct and indirect, is becoming more popular. Malware is defined as harmful software that is installed without the user's knowledge and allows a hacker to exploit a system and maybe other linked systems. So, be wary of visiting websites that aren't what they appear to be or receiving emails from someone you don't know, since these are common ways for malware to propagate.

Insider threats

"Keep your friends close and your enemies closer" is an apt motto these days. Rogue employees, disgruntled contractors, or simply those not bright enough to know better already have access to your data. What would keep them from stealing it, modifying it, or copying it? I think nothing. So, be aware of who you are dealing with, act quickly when something goes wrong, and make sure that every procedure and process is backed up with training.
We can now take a closer look at the definition of Security Incident Management.

Security Incident Management

The process of recognizing, monitoring, documenting, and evaluating security risks or occurrences in real-time is known as security incident management. It aims to provide a thorough and comprehensive analysis of any security vulnerabilities that may arise in an IT system. An active threat, an attempted incursion, a successful penetration, and a data leak are all examples of security incidents.
Information Security Incident Management process

As the volume and sophistication of cyber threats rise, organizations must adopt practices that will help them identify, respond to, and mitigate cyber incidents, become more resilient, and protect themselves from future attacks. Managing security incidents uses appliances, software systems, and human investigators. In general, security incidents are managed by alerting the incident response team about the incident. After investigating the incident, incident responders will assess the damage and develop a mitigation plan.

https://youtu.be/L37UE1J9E_Y
A multifaceted strategy for security incident management must be implemented to ensure the IT environment is truly secure. According to ISO/IEC Standard 27035, a security incident should be managed by following a five-step process:

1. Prepare to trade in a variety of situations.
2. Through monitoring, identify possible security incidents and report any instances.
3. Assess the occurrences that have been identified in order to determine the best next measures for risk mitigation.
4. Contain the incident, investigate it, and come up with a solution (based on the outcome of step 3).
5. Every occurrence should be used to learn and document critical lessons.
Why InfosecTrain?
- InfosecTrain allows you to customize your training schedules; our trainers will provide one-on-one training.
- You can hire a trainer from InfosecTrain who will teach you at your own pace.
- As ISACA is our premium training partner, our trainers know how much and what exactly to teach to make you a professional.
- One more great part is that you will have access to all our recorded sessions.

That sounds exciting, right? So what are you waiting for? Enroll in our CISM course and get certified. Here you can get the best CISM domain training.
About InfosecTrain
- Established in 2016, we are one of the finest Security and Technology Training and Consulting companies
- Wide range of professional training programs, certifications and consulting services in the IT and Cyber Security domain
- High-quality technical services, certifications or customized training programs curated with professionals of over 15 years of combined experience in the domain
Why InfosecTrain
- Global Learning Partners
- Access to the recorded sessions
- Certified and Experienced Instructors
- Flexible modes of Training
- Tailor Made Training
- Post training completion
Contact us
Get your workforce reskilled by our certified and experienced instructors!
IND 1800-843-7890 (Toll Free) / US 1 657-221-1127 / UK 44 7451 208413
sales_at_infosectrain.com
www.infosectrain.com