Media loves to tell the horror stories of disasters after security breaches. IS
Question
Media loves to tell the horror stories of disasters after security breaches. IS professionals must pro-actively plan countermeasures and continually study and learn from past events. Select a past news story of a failure caused by one of these events to provide an analysis of the failed system using some of the countermeasures you have learned in this unit. Recommend strategies to minimize the loss of IS services/data in those events as if you had been on the IT team during this event. Keep in mind that the focus of this assignment is the response to a crisis - after the event (not preventing the event).
Countermeasures to consider for your responses:
Fix known exploitable software flaws
Develop and enforce operational procedures and access controls (data and system)
Provide encryption capability
Improve physical security
Disconnect unreliable networks
Explanation / Answer
Let us discuss the steps that we can take to counter a crisis:
Fix known exploitable software flaws: Once a software flaw has been identified, the team should quickly find the exact issue and what is causing the issue. First, they should disable the functionality to stop further issues, and quickly work on fixing it, testing it thoroughly and then enabling the feature again.
An expert team should always be on standby so that if any disaster happens they would be able to counter it.
Develop and enforce operational procedures and access controls (data and system): A procedure should be set up and in place which depicts what process should be followed in case of a crisis. This process should clearly give the steps as to what is to be done and what is not. Also, who should be granted access after the crisis and whose access should be revoked in the system should also be determined.
Provide encryption capability: Data encryption should be in place in case of a crisis so that data theft does not occur in case of data leakage.
Improve physical security: Physical aspects like the network, router and firewall should be more strict, so that they can handle the inflow and outflow of data packets.
Disconnect unreliable networks: A system may be connected to lots of networks, some of which may be unreliable, so when a crisis happens the unreliable connections to a network should be terminated so that no malware, viruses, or unauthorized access can enter the network.