Elizabeth Chan is the CEO of a 1 year old electronics company. The company designs, develops and manufactures the Micro Midget Widget – this is Elizabeth’s own invention and it is a small but important component in a wide range of complex video and other specialised hardware. Elizabeth is an engineer but she has no modern technical understanding of IT security issues.
Elizabeth has had no problems with IT Security until very recently when the Company’s network was subject to a series of attacks. In the period of 3 days, the company’s website was defaced, a serious virus infected the company e-mail and large quantities of data were corrupted.
Elizabeth’s IT security risk management concerns are wide ranging. She needs to determine whether the same hackers are likely to hack the company again. She believes the recent attacks suggest the hackers were interested in either proprietary theft of sensitive information for personal and/ or financial gain or, to disrupt the affected company in such a way as competitors have an edge. There is also an evidence of a previous disgruntled employee planning for revenge against Elizabeth.
Elizabeth has become very worried about cyberterrorism and is concerned that she may inadvertently allow her unprotected system to be the launch pad for a major denial of service attack on the Australian NII. She is also very concerned about becoming a victim of e-crime. She believes that her company ought to develop a Forensic Readiness plan so as to be prepared for possible action against the hackers who have been attacking her company. Since the company is relatively new she can build whatever security controls and purchase whatever new hardware you recommend.
0 comments:
Post a Comment