That seems to be the first time iPremier was attacked, judging by their desperate situation. They did not know how to handle it, which reflects the lack of training and emergency procedures. The company was more focused on profit than protecting their customers' information. If I were Bob, I would avoid panic and stay focused; assemble a team and start the incident response plan; start an investigation to define the details on the extent and nature of the attack; analyze and assess the origins of the violation; draw up a plan for the incident in question; disclose the incident to the parties involved and notify the authorities; and review the incident response plan, strategy, and security policies.
We can say that the company had no working operating procedures, because their binder, which was supposed to have all the information on how to proceed in these situations, was outdated. They should have a good incident response plan that defines the process steps that
Positive points should be exalted and adopted as recommended procedures for future use, while negative points should be pointed out and repaired.
They should invest in technology and host their own computer equipment. Qdata was not investing fast enough in advanced technology and had experienced difficulty in retaining staff. In addition, a good practice is to have good analytical skills and intelligence.
They need to have mechanisms to obtain information during or after a data breach to be able to understand the damage. Furthermore, they need an incident response team that is trained and ready for the scenario of a violation. Just as your children at school do fire simulations, you should simulate violations, so that when one happens you already know that one person is going to be in charge, another is going to give statements to the
However, some people trying to fix the attack did an adequate job considering the problems the company had. Joanne and Leon Ledbetter did everything in their power to restore the website and protect the customer data, which even included running red lights. Leon was so new that he didn’t know exactly what to do. Training for an emergency would have proven useful. The CIO, Bob Turley, knew of the emergency protocol and out-of-date manuals, but never did anything to alleviate these problems. This put the company at a significant disadvantage, and created a bigger problem than was necessary. Faced with this problem, Turley was able to facilitate direction for the company as best as he could, which ended with the security breach stopping.
The departments of a company that are holding personal information are required to have adequate security measures in place. Those include technical measures (such as firewalls) and organisational measures (such as staff training).
Immediately bring down any affected systems: shut them down and power down the switches and/or routers for the entire segment that was hacked. The servers that were hacked need to be immediately reset, meaning passwords, the backup system and its applications. But before doing this to any system, the company should take an image of the affected systems for forensic investigation; this will be the evidence against the hacker. Virus software needs to be run as soon as possible and security patches need to be installed on the entire company’s network system. The computers that were hacked need to be shut down and retrieved, especially the one belonging to the employee that hacked the system. Reroute network traffic to backup servers. This will help the company to minimize the chance of the incident recurring. The company should also remove/reset accounts and/or backdoors left on hacked systems.
Without proper security controls in place to monitor and secure these privileged accounts, organizations are increasing the risk of a data breach.
Issue 4: Information Security officials failed to effectively trigger appropriate notifications and begin an investigation of the stolen data. The information security official’s incident report contained omissions and significant errors. This resulted in a missed opportunity to re-create the contents of the laptop and external drive and to recognize the severity of the potential loss of data. The cybersecurity operations officials failed to ensure that a timely investigation and notifications were made regarding the severity of the lost data (Opfer, 2006).
Data security is the responsibility of the information system team. Three responsibilities of this team are making sure the data is accurate, protecting the data from unauthorized users, and correcting the data if it is damaged. This includes protecting the system by firewalls, gouging phishing, and protecting data from a hardware or software loss.
In today's society, businesses, organizations and governments are very dependent on computers and the Internet. Adequately protecting an organization's information assets is an essential issue. Many organizations have deployed security software or devices, such as firewalls or intrusion detection systems, to help protect their information assets and to quickly identify potential attacks. IBM Systems Journal states that "some organizations came to realize that one of the best ways to evaluate the intruder threat to their interests would be to have independent computer security professionals attempt to hack into their computer systems" (IBM 2001). This might be a good way to evaluate the system's vulnerability. However, by allowing a penetration test team to break into their systems, the organization may face some risks. For example, the penetration test team may fail to identify significant vulnerabilities; sensitive security information may be disclosed, increasing the risk of the organization being vulnerable to external attacks (The Canadian Institute of Chartered Accountants). Some organizations even send their system administrators to be trained in Ethical Hacking as a career course in Tertiary
Then the team needs to investigate the issue clearly as fast as possible because time is as
Confidentiality must be met in the storage, processing, and transmission of data in an organization. For example, we are going to look at a major recent data breach. On March 8, 2017, the US Department of Homeland Security sent Equifax a notice to patch a vulnerability in versions of the Apache Struts software. On March 9, Equifax dispersed the information to applicable personnel. Although told to apply the patch, the Equifax security team did not find
The CEO and the board are responsible for “good business judgment” in guarding against the threat. So Paul’s first mistake was to dismiss the original e-mail message. All IT threats should be taken seriously, and he would have let Jacob Dale know that no IT system is “bulletproof.” Sunnylake should have had a workable, fully tested backup system to ensure uninterrupted patient service and protect everyone affected. Doctors and nurses are trained to diagnose, problem solve, and dynamically treat their patients. IT systems facilitate, but are not substitutes for, patient treatment. The fact that the hospital did not have up-to-date security software installed, or a reliable security outsourcer and an emergency plan in place, is inexcusable.
In the case of a data breach or any disruption, companies should be forthright yet strategic. It’s important for companies not to be presumptive about breaches or how customers are impacted. The iPremier case is a good example of how the lack of a communication plan exacerbates a situation. When Turley got the call to “pull the plug” because of the threat to customer data, the clock was already ticking. A well-crafted contingency plan and disaster recovery program includes a communication plan that distributes key messages to stakeholders in an efficient manner. Pringle outlines some tips for managing a cyber-attack; while the iPremier case was on a smaller scale, I think the same rules apply.
Every business and organization can experience a serious incident which can prevent it from continuing normal operations. This can happen any day at any time. The potential causes are many and varied: flood, explosion, computer malfunction, accident, grievous act... the list is endless.
Strategy 1a: Inform all employees about the hack, detailing exactly what happened and informing them how to respond when asked about it.
iPremier’s procedures were absolutely deficient. They had an outdated emergency manual that employees couldn’t find, and almost couldn’t access the data center. Additional measures they could have implemented long before the attack include revising the emergency procedure and making sure all employees know how to follow it.
3. Now the attack has ended, what can the iPremier Company do to prepare for another such attack?
During this time, iPremier was going through a series of internet attacks and had run into a lot of problems from many different sources who presumably helped the company build its fortune. From the beginning, iPremier had only two primary owners to design the website to sell the items. The attack was first acknowledged through a phone call made to a hotel; the message was from a female employee informing Turley of the issue with the business. The message said it was