1. Analysis
The overall situation is that the company is being hit with a DoS attack. They are not prepared, which leaves everyone running around in a panic. The procedures are out of date, so even if the new night-shift employee had looked at them, he still would have been lost. The third-party security company is not detecting the attack, so they never stepped in. The biggest problem is that most of the executives are more concerned with PR than with fixing the problem. Finally, when the employee from our company gets to the third-party security center, they will not let her in because she is not on the list. When she finally gets in, they try to stop the attack, but for every request rejected the hacker pops up 10 more to take its place. They are overwhelmed by the attacker, and then he just stops the attack. The company is trying to figure out whether to shut down and clean the system or to just let it continue to run. The main argument
Risk management is a key part because the company has to figure out how they want to minimize the risk of the attack. They completed a risk assessment when fighting off this DoS attack. The assessment started with classifying the attack; then they looked at the threat of losing credit card information. Then they looked at the supposed impact of the attack, and since they had not detected anything, the executives thought the countermeasures to fix the server were not necessary. The problems in the information security and risk management domain are that their procedures are not up to date and that most of the time the company was not worried about fixing the problem but about trying to stop bad PR. Another problem is that they need to train their security professional by letting him work with a more experienced professional and not by himself. They could have potentially done better or responded quicker if they had trained personnel with him to
To give alternative courses of action and to recommend the best alternative to improve the company’s operations.
...ed on how to respond to information security breaches. Regardless of an organization’s size, there is always the risk of information breaches.
Security helps the organization meet its business objectives or mission by protecting its physical and financial resources, reputation, legal position, employees, and other tangible and intangible assets through the selection and application of appropriate safeguards. Businesses should establish roles and responsibilities for all personnel and staff members. In addition, a Chief Information Officer should be appointed to direct an organization’s day-to-day management of information assets. Supporting roles are performed by the service providers and include systems operations, whose personnel design and operate the computer systems. Each team member must be held accountable for ensuring all of the rules and policies are being followed, as well as for understanding their roles, responsibilities and functions. Organizations’ information processing systems are vulnerable to many threats that can inflict various types of damage and result in significant losses (Harris, 2014). Losses can come from the actions of trusted employees who defraud the system, from outside hackers, or from careless data entry. The major threat to information protection is the errors and omissions that data entry personnel, users, system operators and programmers make. To better protect business information resources, organizations should conduct a risk analysis to see what
This has helped the company. By the time the attack was made at the top layer, the security team was alerted, and before it could do any further damage they took care of the issue, thus minimizing the damage. With this course I have learned in detail how each layer in the OSI model works and what measures can be taken to avoid or mitigate the issue on every layer. This has helped me understand how important it is for an organization to build an information security system that takes care of issues like
In this case, a large health services organization (HSO) in Florida that has a world-renowned AIDS treatment center had an information breach of 4,000 HIV+ patient records, and the list was sent to newspapers, magazines, and the internet. Consequently, this issue was featured in every media vehicle in the world, and as CEO, you are requested by the board of trustees to come up with a better management information system (MIS) to resolve all information security issues or you will face termination. After an undercover computer security consultant is hired to help determine where the security leak came from, she quickly identifies numerous breaches in computer security and provides a report with the issues identified. The report furnished by the consultant revealed that the facility had major problems with the MIS and the staff. In order to determine how to address the issues, the CEO must first answer the following questions: what law is being violated by the employees, why was this law enacted, what are the penalties for such violations, what are the penalties for sharing celebrity information, and should he be updating his resume and looking for another job (Buchbinder, 378).
The points of weakness identified in the hack on TJX included lack of encryption in processing, vulnerability to wireless attacks, vulnerable USB ports, lack of processing logs, weak compliance practices, and auditing failures. In order to minimize its risk of a hack, TJX should have followed the COBIT or COSO frameworks for cyber security. Both frameworks outline how to plan and organize company values, assess the risk, implement control activities, and maintain and monitor its system to make sure the company’s IT system is as secure as possible. Either framework would have identified the weakness TJX faced when leaving credit card information unencrypted for a time as well as storing unencrypted information. If credit cards could not be processed
In the first place, many companies are currently in the same shape as International Produce because they do not have a plan to deal with confidentiality, integrity, and availability (CIA) related incidents. Not only does International Produce have no regulatory requirements that would have made incident response planning a priority, but the company also needs to understand that incident response is not a standalone item; it must rest on a foundation of policies and an ability to properly determine what an incident is and when one has occurred. Furthermore, “The purpose of security incident response is to bring needed resources together in an organized manner to deal with an adverse event known as an “incident” that is related to the safety and or security of the information system. The security incident response process is centered on the preparation, detection and analysis, containment, investigation, eradication, recovery, and post incident activity surrounding such an incident” (Johnson, 2013). Moreover, planning and preparedness must come before the incident, but in the case of International Produce it is too late, since the increase in network traffic was not perceived as problematic until it was noticed that the traffic was not coming from Mongolia to Boston but was instead traveling from Boston to Mongolia. Given these points, an incident response consultant should help review the available resources to resolve this incident, organize the steps to take in order to properly assess the situation, and mitigate all legal arrangements involving theft of intellectual property.
Program will use a risk management approach to develop and implement Information Security policies, standards, guidelines, and procedures that address security objectives in tandem with business and operational considerations. The Information Security Program will develop policies to define protection and management objectives for information assets. The Information Security Program will also define acceptable use of PCS information assets. The Information Security Program will attempt to reduce vulnerabilities by developing policies to monitor, identify, assess, prioritize, and manage vulnerabilities and threats. The management activities will support organizational objectives for mitigating, responding to and recovering from identified vulnerabilities and threats.
Within the last decade, the internet has proven to be the most efficient way to complete tasks in today’s society. Every major business in today’s society relies on the internet to conduct business. Though the internet is a useful tool, our reliance on it opens the door to cyber-attacks that can be detrimental to business as a whole. One example of cyber-attacks that have recently become more prevalent is DDoS attacks. Recently, DDoS attacks have been a rising issue for business owners who run their own servers, such as video game companies and other high-profile web servers, including banks and other credit card payment gateways.
Strategic Crisis Management is a collaborative effort that requires participation from all members of the organization (Porter-O’ Grady & Malloch, 2015). Furthermore, in Strategic Crisis Management, all members are empowered to identify and respond to crises that impact their ability to carry out the organization’s mission (Porter-O’ Grady & Malloch, 2015). A crisis as described by Taneja, Pryor, Sewell, & Recuero (2014), “is a series of unforeseen events that launch a group, team or an organization into a downward spiral that is quick and will have long term effects if the situation is not rapidly handled effectively and efficiently” (p. 78). The unforeseen loss of a key executive leader, a major security breach, damage to a critical piece of equipment, or a sudden threat to the organization’s reputation are just some of the crises organizations may encounter and must be prepared to respond to (Taneja et al.,
Solution: The organization should put in place a competent incident response team, continuously update their security
One particular crime that could be committed by employees who use the internet at work is hacking. Hacking is one of the most well-known types of computer crimes; in this context, the term refers to the unauthorized access of another’s computer system (HG.org Staff, 2015). This means that if the employee is not allowed to use the internet for personal use, then there is a possibility that they could be charged with such a crime, because the policy will state that they do not have the authority to access the organization’s computer system for personal use. In addition, they must know that all use of computer systems while at work will be monitored, including e-mails. Piracy and cyber terrorism are other crimes that one can face when using a computer
Even as the Department of Homeland Security continues to improve cyber security across all critical information sectors, as well as in cyber infrastructure and networks, it is not effective. This lack of effectiveness comes from the overwhelming workload placed on one department, which can cause one purpose to fail more than another, and as a result the purpose fails as a
"Risk management is the part of analysis phase that identifies vulnerabilities in an organization's information system and take carefully reasoned steps to assure the confidentiality, integrity, and availability of all components in the organization's information system" (Management of Information Security - second Ed, Michael E. Whitman and Herbert J. Mattord)