Assignment Requirements
You have been working as a technology associate in the information systems department at Corporation Techs for almost three months now. Yesterday, you got an e-mail, which specified that a security breach has occurred in your company. The other members of your team also received such e-mails. You checked the firewall logs and it confirmed the security breach.
Later, your team took corrective actions in the environment. They isolated the incident and assessed the damage. Today, your manager calls you and asks you to create an executive summary report detailing the events to be presented to executive management. You need to include a summary of corrective options, which may be in the form of architectural adjustments or other configuration changes that will prevent the reoccurrence of this incident in the future.
Tasks
You need to create a post-incident executive summary report that addresses a security breach. Include an overview of actions taken at each phase of the incident response. Also include suggestions for corrective modifications that would prevent the incident from reoccurring.
A security breach has been observed in the organisation, and these are the summary steps taken after observing the attack.
1) The source of the breach was observed and contained from spreading to the other departments and layers in the organisation. This includes resetting passwords and disconnecting network access to the affected systems.
2) After containing the breach, steps were taken to stop it from causing further damage.
3) Assessed the damage and the causes of the damage.
4) Notified those who are affected by the damage, such as customers or vendors.
5) Consulted a security audit to assess the current security architecture, and preparation for future attacks has been made.
Some other suggestions for corrective modifications that would prevent the incident from reoccurring are:
1) Enforcing strong passwords for the employees.
2) Monitoring of data through the extranet and limiting the downloads from it.
3) Educate the employees about the current cyber security threats and actions, and train them in the required areas accordingly.
4) Encrypting the data.
5) All vulnerabilities in the system have to be detected and patched.
6) Update the software being used.
7) A breach plan has to be made.