Elizabeth Chan is the CEO of a 1 year
old electronics company. The company designs, develops and manufactures the
Micro Midget Widget – this is Elizabeth’s own invention and it is a small but
important component in a wide range of complex video and other specialised
hardware. Elizabeth is an engineer but she has no modern technical
understanding of IT security issues.
Elizabeth has had no problems with IT
Security until very recently when the Company’s network was subject to a series
of attacks. In the period of 3 days, the company’s website was defaced, a
serious virus infected the company e-mail and large quantities of data were
corrupted.
Elizabeth’s IT security risk
management concerns are wide ranging. She needs to determine whether the same
hackers are likely to hack the company again. She believes the recent attacks
suggest the hackers were interested in either proprietary theft of sensitive
information for personal and/ or financial gain or, to disrupt the affected
company in such a way as competitors have an edge. There is also an evidence of
a previous disgruntled employee planning for revenge against Elizabeth.
Elizabeth has become very worried
about cyberterrorism and is concerned that she may inadvertently allow her
unprotected system to be the launch pad for a major denial of service attack on
the Australian NII. She is also very concerned about becoming a victim of
e-crime. She believes that her company ought to develop a Forensic Readiness
plan so as to be prepared for possible action against the hackers who have been
attacking her company. Since the company is relatively new she can build
whatever security controls and purchase whatever new hardware you recommend.
0 comments:
Post a Comment