Security breaches and incident handling in organization Research Proposal

Security breaches and incident handling in organization - Research Proposal Example nctions Interest of management to gain control for the security of business functions along with cost These three factors need to be handled to provide better security. In order to tackle all three factors, Christian Fruhwirth, recommended an event based intrusion detection system in 2008. The system will support these three factors by (, SWBC - Thesis: Improving security incident management in multination IT service providers - Software Business Community): Advanced tools incorporated with IDS to detect intrusions and eliminate attacks Standardized frameworks to handle legal compliance Efficient security management application tools to handle the management. Moreover, an article was published related to compromise recovery and incident handling. The article highlighted mishaps from concerned security administrators for installing default programs from a compact disc. These stored programs on a compact disc facilitates hackers to breach security by storing porn contents, configuring an illegal server, initiating attacks on other information assets and breaching server on the network. In order to eliminate all these threats and vulnerabilities, reviewing and learning the functionality of threats is essential. This will certainly reduce the probability of security incident in organizations (Compromise Recovery and Incident Handling. 2003). One more research was conducted related to a Proposed Integrated Framework for Coordinating Computer Security Incident Response Team. Conventionally, computer security incident response teams (CSIRT) are responsive for viruses, hacking and unauthorized access of employees. The CSIRT is defined as â€Å"Computer security incident response team (CSIRT) is a term used by the CERT Coordination Center (CERT/ CC) to describe a service... This will certainly reduce the probability of security incident in organizations (Compromise Recovery and Incident Handling. 2003). One more research was conducted related to a Proposed Integrated Framework for Coordinating Computer Security Incident Response Team. Conventionally, computer security incident response teams (CSIRT) are responsive for viruses, hacking and unauthorized access of employees. The CSIRT is defined as â€Å"Computer security incident response team (CSIRT) is a term used by the CERT Coordination Center (CERT/ CC) to describe a service organization that responds to computer security incidents† (Computer Security Incident Response Team. 2007). The research transformed these teams in to efficient tools that will maintain efficiency of business operations, compliance along with new regulations and homeland security. Those organization possessing incident response teams follows a systematic approach and steps to recover the system efficiently from any securi ty breach or incident. Moreover, the existence of teams, eliminates loss or information theft and service disruption. Furthermore, the information gained by detecting and resolving an incident, facilitates support teams to be more efficient for handling future incidents (, Central Washington University - Networks: Incident Handling).Likewise, these teams are called security incident response teams (SIRT). They are triggered when a security breach shows its existence within the network of an organization. However, these teams conduct investigation of suspect workstations and servers.