Reflection on Knowledge Gained and Critical Actions in Incident Response

Task 1: Knowledge gained in Computer Science-Operations Security

Operations security entails the development and implementation of all security measures that protect an organization's sensitive information from being accessed by an unauthorized person (fas.org). Management should ensure that it can identify possible data-breach threats and strategize on how to overcome those challenges. Every employee in an organization must also adhere to the policies and regulations on information security to ensure that all secrets and sensitive information are safe from those threats (fas.org). A person can gain a great deal of knowledge from Operations Security, including an understanding of the role of OPSEC and the processes involved in ensuring the security of sensitive data.

This knowledge will be helpful in an employment opportunity such as being an OPSEC program manager. The primary objective of OPSEC is controlling information about, and visible actions relating to, the organization's capabilities and limitations, as well as the approaches used to keep data out of the hands of unauthorized persons (fas.org). I can use this knowledge as a foundation and guide throughout the other activities involved in ensuring the security of data in an organization.

I have also acquired essential knowledge of the OPSEC process. There are five steps involved in the OPSEC process, and the first is identifying critical information (fas.org). As a future OPSEC program manager, I should be able to differentiate and categorize all information in the organization depending on the cycle of the program, such that an attacker may not be aware of the activities that go on and the proposed plan for the program. Keeping every detail safe protects the organization from possible public criticism and the destruction of its reputation.

The next step is analyzing the threats. As a future OPSEC program manager, I should determine the attacker's capability to access the information and the possible areas in which they might use it (fas.org). I must thus ensure that I explore every potential threat and am aggressive in protecting the information. The step after that is analyzing the vulnerabilities, since the organization might still have weaknesses despite protecting its information. Attackers could identify a specific method of accessing valuable information from the organization (fas.org). It is thus essential that I also aid in the development of policies and regulations and communicate them to other staff to eliminate any path attackers could use to access the organization's sensitive data.

Another essential step is assessing the risks. It involves comparing the threats and vulnerabilities and determining the likely risk that the attacker can execute. Therefore, as a future OPSEC program manager, it is essential that I have strategies in place to protect the organization from the loss of valuable information (fas.org). Once I have identified the possible risks, I will strategize on the various measures to implement for the protection of information. I will ensure that I choose the most effective yet cost-effective action. I understand that there will be several alternatives, but I would not want to go for the most expensive approach for an insignificant threat. I also see the need to consider other factors of the chosen countermeasure before its implementation. Not every measure will address a specific threat, hence the need to understand the different risks and how to respond to them to protect the security of information in an organization.

Generally, knowledge of the role and process of OPSEC is essential to my future career. Once I have background knowledge on the issues surrounding the protection of the organization's information, I will ensure that I work with my colleagues to provide the most efficient and cost-effective solution and thus contribute to the success of the organization.

Task 2: Critical Actions in Incident Response

It is the responsibility of an organization to plan and prepare adequately for any incidents and disasters that may halt normal operations. Early planning and adequate preparedness put an organization in a better place to handle significant incidents that may arise, such as data breaches. The incident response team is instrumental in ensuring that an organization gets back on its feet by containing the situation, preserving areas not affected, and eradicating the problem. However, it is also imperative that employees and management fulfill their roles and responsibilities together for the organization to stand a better chance of recovery (Whitman et al., 2013).

When calamity strikes an organization, whether an attack on systems or a natural disaster, normal operations cease and emergency protocols take over. However, employees are not to sit back and wait for the management and response teams to sort out all their problems. More often than not, the first people who notice a change in usual activity are junior employees. In light of this, it is their responsibility to act swiftly and follow the relevant procedures to notify the administration. It is central to this cause for these individuals to use emergency channels to send their messages, to prevent the interception of information in case the incident is human-made.

High-level incidents may be messy and cause panic among employees. Some may get hurt or lost, while others may suffer shock. This disruption, unless handled swiftly, may increase the overall number of casualties and damages. It is the role of the workers to keep one another safe by remaining calm and following laid-out emergency procedures, creating a system of orderliness that mitigates risks as much as possible. Supervisors and others in positions of leadership should collect relevant data, such as the number of absentees and any additional information that may lead to the successful containment of the situation (Moore et al., 2019). Junior and senior employees should also be ready to offer support to the management when needed.

On the other hand, the management has the responsibility of providing all the necessary resources to the incident response team immediately after the confirmation and declaration of the disaster. After an event becomes official, the management will rely upon the staff to provide all relevant information about the incident: whether it is an attack on integral parts of the security systems, whether it is natural or human-made, and the areas affected, among other crucial pieces of information. This assessment will enable the company to preserve uncompromised facilities and initiate actions aimed at the eradication of the problem and the swift recovery of the organization.

After determining the scope through the steady stream of updates, and preventing any further damage through backups or outsourcing for extra support, the management should then ensure that all employees and their families are safe from danger (Moore et al., 2019). Additionally, this determination will allow the executive team to decide whether there is a need for the use of protective equipment, especially if an attack appears coordinated, that is, affecting multiple systems. It is solely the responsibility

The next critical action for the administration would be determining how best to support impacted customers and calculating compensation as soon as possible to avoid any inconveniences that might arise due to the disaster. This move will mostly be strategic if the incident was an attack on the security systems, as it would be vital for the company to retain its most loyal clients. Supervisors should then contact insurance companies to process claims for damage to systems to ensure that the company bounces back immediately. All teams should also report all relevant information on the incident to ensure that the organization learns from it, improves all security systems, and updates its response plan.

 

References

fas.org. Operations Security. Intelligence Threat Handbook. Retrieved on March 17, 2019, from https://fas.org/irp/nsa/ioss/threat96/part01.htm

Moore, S., Borkar, P., & Matthews, T. (2019). The Three Elements of Incident Response: Plan, Team, and Tools. Retrieved from https://www.exabeam.com/incident-response/the-three-elements-of-incident-response-plan-team-and-tools/

Whitman, M. E., Mattord, H. J., & Green, A. (2013). Principles of incident response and disaster recovery. Cengage Learning.