Create First Draft of IRP

If you will recall, your new employer, EZ Crypto, is an international company. Your first assignment was to summarize New York’s data privacy rules. Your boss was really impressed with your summary and wants you to think about the policies that would need to be in place especially given the recent cybersecurity and data privacy issues:

  1. Scammers on the platform – fake profiles, impersonating users, social engineering scams
  2. Hacks – thefts of cryptocurrencies, including EZ Coin
  3. Data Protection – Theft of Personal Information
  4. Regulatory Compliance – right to be forgotten vs document retention requirements; and appointment of data privacy officer in Kenya, for example.

(Note that many of these risks are related, not isolated. For instance, scammers on the platform frequently attempt to invoke their GDPR-related right to delete all of their personal information when they suspect that the authorities are coming close to apprehending them.) Because of the spate of such incidents, EZ Crypto is under investigation by authorities in several jurisdictions with respect to the adequacy of its systems and procedures.

Directions: This week you will need to begin to draft your Incident Response Plan (IRP) because in light of the various issues, there is a growing concern EZ Crypto may be attacked at any time in the immediate future. Review the sample IRPs below and create your own first draft based on what you know about US Data Privacy rules and GDPR.

Cyber Incident Response Plan (IRP).doc

Download Cyber Incident Response Plan (IRP).doc 

STATE FARM IRP.docx

 

Directions: This week you will need to begin to draft your Incident Response Plan (IRP) because in light of the various issues, there is a growing concern EZ Crypto may be attacked at any time in the immediate future. Review the sample IRPs below and create your own first draft based on what you know about US Data Privacy rules and GDPR.

Download STATE FARM IRP.docx 

Leave a Comment