Media loves to tell the horror stories of disasters after security breaches. IS professionals must pro-actively plan countermeasures and continually study and learn from past events. Select a past news story of a failure caused by one of these events to provide an analysis of the failed system using some of the countermeasures you have learned in this unit. Recommend strategies to minimize the loss of IS services/data in those events as if you had been on the IT team during this event. Keep in mind that the focus of this assignment is the response to a crisis – after the event (not preventing the event).
Countermeasures to consider for your responses:
- Fix known exploitable software flaws
- Develop and enforce operational procedures and access controls (data and system)
- Provide encryption capability
- Improve physical security
- Disconnect unreliable networks