Handling Information Security Incidents: A Model for Marriott International Inc.

Added on 2022-12-30 | 14 pages, 4482 words
Security, Audit and Compliance

Handling Information Security Incidents: A Model for Marriott International Inc._1
Executive Summary
This report researches various models and frameworks for handling information security incidents within a company. Marriott International Inc. is taken as the company for which an information security incident handling model is proposed, in the wake of the recent data security breach at the company. The report discusses the frameworks a company can adopt to handle information security incidents, including ISO/IEC 27035-2:2016 (Information Security Incident Management), the National Cyber Security Centre (NCSC) guidance, NIST 800-61 (Computer Security Incident Handling Guide) and the CERT Handbook for Computer Security Incident Response Teams (CSIRTs). NIST 800-61 is then chosen from among these, and a model for handling incidents is developed for the company on its basis. Events and incidents are defined to initiate the plan and, based on the incidents defined, an incident response policy, plan and procedure are created. Within this, the incident response policy, the incident response plan, the procedure elements, the sharing of information with related outside parties and the incident response team structure are discussed. Next, the relationship of information security incident response with the other information security processes is discussed, along with the role of audit in providing assurance about the effectiveness of the incident handling process, the governance and compliance issues raised, and the professional roles involved in managing them. The final part provides a concluding summary of the report, followed by recommendations to management regarding the regular cyber security processes it needs to observe, the flexible cyber security plan it needs to develop, and the training it should provide to its employees so that they are able to identify when company information is being compromised.
Table of Contents
Executive Summary (p. 2)
Introduction (p. 4)
Main Body (p. 4)
  Proposed model – model selection (p. 4)
  Proposed model – explanation (p. 7)
  Discussion and evaluation of security incident response with other processes of the company (p. 10)
Conclusion and recommendations (p. 11)
References (p. 13)
Introduction
In today's age, almost all data and information of an organisation are maintained on computer systems and data servers over the internet. Information security is therefore critical for the company to maintain (Sabillon et al., 2017). This report is aimed at researching, proposing, evaluating and applying a suitable model for handling information security incidents within a company. Marriott International Inc. is taken as the company for which an information security incident handling model is proposed, in the wake of the recent data security breach at the company. It is an American multinational hospitality company which operates and franchises hotels and other lodging facilities. The report discusses the frameworks a company can adopt to handle information security incidents; an appropriate framework is then chosen from among them and developed for the company to handle its incidents. Also discussed below are the relationship of information security incident response with other information security processes such as risk management, the role of audit in providing assurance that the incident handling process is effective, and the governance and compliance issues raised together with the professional roles involved in managing them. In the final part, the strengths and weaknesses of the model are presented as a conclusion, along with recommendations to the management and the impact of any likely developments in the next few years.
Main Body
Proposed model – model selection
An information security incident is an interference with the standard information technology operations of an organisation or, in other words, a significant violation of the organisation's responsible-use policy for information management (Donaldson and Aslam, 2015). It is a threat of unauthorised access, breach, modification or destruction of information, whether successful, only suspected, or merely attempted. In March 2020, Marriott International disclosed a security breach which had resulted in the compromise of data of more than 5.2 million hotel guests using its loyalty applications (5 Biggest Data Breaches of 2020, 2020). It was assumed that hackers had obtained the credentials of company employees by phishing or credential stuffing and used them to steal personal information of guests such as names, birth dates, telephone numbers, travel information and loyalty programme information. Even earlier, in 2018, the hotel chain had suffered a data breach. This shows loopholes in the information security management of the company.

End of preview