Discuss the two (2) topics you learned the most about during this course. Discuss how these topics can help you in your current job, or a job that you hope to have in the future. Do not simply copy topics from the book or from previous work. I want your personal reflection of what you have learned and how this course has benefited you!
I am adding my classmate’s response for the above question. You will have to write response for each post in 100 words. No references needed.
Discussion 1:
I currently work as a System Administrator at American Electric Power (AEP). As part of my role, I manage all the security role groups, user access, system configuration settings, and overall maintenance of the system from a System Administrator view-point. I have learned several things from this course, which directly relates to my current work responsibilities.
Firstly, after analyzing the Citibank backup tape lost incident, I learned about the various contingency planning processes. There are three contingency planning processes – Business Continuity Planning (BCP), Incident Response Planning (IR), and Disaster Recovery Planning (DRP). We do follow Incident Response planning for all security related incidents. It helps in preparing an effective response to a security (or cybersecurity) incident. This incident response plan also feeds into the risk management plan depending upon the severity and priority of the issue/incident. An Incident response plan also tracks the activities which were performed in that incident, and hence it is a useful tool/process for an organization to have an incident response plan. The next key process is the Business Continuity planning (which was lacking by Citibank in their backup tape lost incident). Our company (AEP) has a documented Business Continuity plan, which we test it annually, and ensure that the company’s operation can run smoothly in-case of a disaster. BCP is the most important component of Disaster Recovery planning.
Secondly, I learned the importance and value of Incident Reporting. As part of my job, I work on resolving several incidents, and I truly understand the significance of the incident details provided by the user. Also, it is very crucial to report an incident timely and the user should not share their personal and emotional feelings while describing an incident. A screenshot of the error message/issue can be very beneficial in tracking and analyzing an incident. In our organization (AEP), there are monthly training sessions for all users in order to educate them regarding incident reporting best practices. Also, our company uses Service-Now tool, which has been customized in order to make it more user friendly, so the incident reporting can be easier, timely, and efficient (Norman, 2020).
Discussion 2:
Final Reflection – Disaster Recovery
The primary aim of this course is understand the best practices for the industry to minimise the impacts of uncertain incidents on the business and protect the vital asserts by taking the right recovery plans. Since business continuity is most important to face the disasters, it is most important to work on all the key practices to quickly resume the business operations followed by the disasters and minimise the severity of the incidents. In the current course, several topics covered so far which help to improve the recovery plans and limit the challenges regarding the disasters in the organizations.
All the topics covered in the given course helps to manage the overall outcomes for the business and two most important topics I believe is:
1. Role of end users in the incident reporting
2. Network intrusion attacks
In the recent days, security professionals are taking the assistance from the end users so that they can thoroughly work on the recovery strategies and look for the better ways to manage the overall outcomes of the business. In order to handle the potential services and look for the netter ways, companies are working on the best security programs and minimising the challenges.
After taking this course, able to understand the importance of recovery strategies for the business and how to protect the major assets from the uncertain impacts. Since risk and uncertain situations in the workplaces are unavoidable, it is most important to work on the business recovery policies and minimise the challenges in the possible ways. In order to handle the challenges and look for the new ways, it is important to understand the role of DR in the business and minimise the major challenges which may affect the overall strategic business outcomes. I glad to be a part of disaster recovery course.