Below is an article, Please summarize it in your own words. 2-3 paragraphs!
COMMUNICATION PLAN
The SOC should have a standard communication plan above and beyond what we have already talked about in daily operational management calls or critical bridges. This communication plan should detail all the different scenarios where distinc- tive people should be contacted and what their contact information is when specific events or incidents occur. Organizations should work hard to establish the best IR communication plan as possible and it should be reviewed on a regular basis to en- sure that lessons learned and organizational changes are accurately reflected.
The communications plan should include an easy to read table of contents that list specific types of incidents and page numbers or tab number. Each incident listed should have a short description of the event along with conditions in which an analyst would execute the communications procedure.
The procedure should be a list of functions or roles of people in the organization or outside the organization that would need to be contacted. Some of the communications would be through email where as more critical notifications would be direct phone call. Each incident would have its own listing of who gets emails versus who would get the phone call. The variation of who gets what would be listed on a case by cases basis based on the incident as different incidents would have different importance’s to differ- ent departments or groups. The plan may just list the departments or individual rolesthat an analyst is to call, such as V.P. of IT Infrastructure or Security liaison to Legal, external marketing or communications. The plan should not list individual’s names in the description or procedure portion, instead the specific names and contact informa- tion should be included as an easy reference in the back of the plan. This way the plan does not need to be updated every time someone changes phone numbers or positions.
Each person assuming a role in the organization that would have incident or breach notifications should have a simple record of contact information in the back of the procedure book. The information to include is basic:
Name
Title
Phone #
Alternate phone #
Email address
The number of people that can be included in the communications plan can be extensive, it may be more manageable to split the contacts up into different groups. For example, the first group could just be general SOC and IT management along with other closely interested people. For example, if you had an internal incident that was a violation of policy you may want to include SOC and IT management and also HR, but it may not necessarily be appropriate to contact legal right away. Instead you may want to save notification to legal as a secondary escalation. Then if legal believes that the person should be arrested or if there is going to be an external agency brought in then you may want to include public affairs as a third level of escalation notifications.
Additionally your notifications may not necessarily be just to individuals that are assuming roles in your plan. You may also want to reach out to vendors or third parties that may need to get involved to help or provide services. This could be an IR team as part of your managed security services, or just your Internet provider that can help you block specific types of unwanted traffic. If your SOC has a relationship with local law enforcement you may want to include them as well.
Here are some of the people you may want to consider being part of your communications plan:
SOC manager
Incident handler
Legal affairs
MSSP
Privacy officer
CIO or CISO
Public affairs
Internet service provider
Internal audit local law enforcement
Local FBI
Bank
Human resources
REGULAR WORKSHOPS
Once you have established your incident processes and communication plans you need to get on a program of continually improving upon the program and making sure everyone is up to date. You cannot just sit back and feel good that it is done be- cause sometimes as soon as it is done you will find its time to update it.
note- Please Leave a THUMBS UP if it helps you.It also helps me. I appreciate that...thank you..
This Article tells us about importance of having a Effective communication plan in place at SOC. Communication plan would help management and its stakeholders to communicate or we can say get in touch with each other if any incident happen in the organization. The communication Plan will help Management to know the people, their roles, their contacts etc so that they can know what should action they should take inside or outside the organization. The Effective Communication plan will help management to clear roles and responsibilities of people like CIO, COO, HR, Marketing ,Public affairs etc.
Organization faces incidents or events which are not in favor of company and its management so there should be a plan. In this context, Incident process management with integrated communication plan would help each department at SOC to get connected not internally but externally as well to prevent incidents at small or large scale.The plan should have continuous updatation and improvement to make it effective because if Management at SOC is focused on communication plan and relaxed without doing any changes in future then there is no benefit of having Incident process and communication plan at place. SOC should make necessary changes according to situation and people in and out of the organization.
Below is an article, Please summarize it in your own words. 2-3 paragraphs! COMMUNICATION PLAN The...