Question

In: Computer Science

Consolidated Electronics Group, Inc. is a manufacturer and supplier of avionics equipment to various airlines across the continental United States.

Consolidated Electronics Group, Inc. is a manufacturer and supplier of avionics equipment to various airlines across the continental United States. Recently, the company has laid off several employees, which left many in the company in a disgruntled state. Now, the information technology (IT) staff has reported to management a significant spike in network attacks numbering in the thousands. Reports from the intrusion detection system (IDS) indicate that two of these potential attacks may have compromised highly classified plans for a new prototype avionics switchboard, which is expected to revolutionize the market. The IT staff suspects that the attacks and potential security breach may have something to do with the recently laid off staff.

Assignment Instructions: The U.S. National Institute of Standards and Technology (NIST) is a recognized authority for providing security standards, guidelines and procedures. NIST provides a large array of other security related documents, which are of great value to information security professionals.

For this assignment, you are asked to use NIST SP 800-61 Rev. 2

http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-61r2.pdf

While this document is quite large, you will find Section 3 starting on page 21 helpful for this assignment. Using the guidance from this NIST document, craft an incident response plan that includes:

1. A description of the specific measures that would be taken to investigate a security breach.

2. An explanation of steps taken to prevent future attacks and to secure the company’s information systems.

3. A communication plan to disseminate the results and findings of this event to the organization.


Solutions

Expert Solution

Specific measures to investigate the security breach are:

1. Contact information and background check of the laid-off employees

2. Ports and other hardwares used for the security breach

3. Flaws in the access control facilities and gather details of how the attack was performed

4. Check for physical loss of assets like hard drives, printed materials, CD / DVDs.

To prevent future security breaches, specific measures to be taken are:

1. Identify loopholes in security systems and close them

2. Secure assets like CDs, DVDs, etc.

3. Minimize online access to critical hardware like database servers that are not necessary

4. Use stronger encryption and authorization techniques for access to critical data

5. Use of proper malware detection and antivirus softwares across all systems.

The communication plan should be:

1. The head of the organizations like CIO, head of information security, legal department should be briefed in person about the details of the incident

2. Employees of the organization should be made to undergo some trainings on how to mitigate and be aware of such security attacks.


Related Solutions

Consolidated Electronics Group, Inc. is a manufacturer and supplier of avionics equipment to various airlines across...
Consolidated Electronics Group, Inc. is a manufacturer and supplier of avionics equipment to various airlines across the continental United States. Recently, the company has laid off several employees, which left many in the company in a disgruntled state. Now, the information technology (IT) staff has reported to management a significant spike in network attacks numbering in the thousands. Reports from the intrusion detection system (IDS) indicate that two of these potential attacks may have compromised highly classified plans for a...
Electronics Inc. buys and sells photocopy equipment that are used in businesses across Ontario. The company...
Electronics Inc. buys and sells photocopy equipment that are used in businesses across Ontario. The company follow IFRS. Unit selling prices range from $10,000 to $100,000. Electronic Inc. sells a photocopy system to Centennial College on September 10th, 2020. The selling price for the photocopy equipment is usually $85,500. - Electronic Inc. will also install the photocopy system. The estimated fair value of installing the photocopy system is $2,700. Electronic Inc. will also provide one year of maintenance service for...
Electronics Inc. buys and sells photocopy equipment that are used in businesses across Ontario. The company...
Electronics Inc. buys and sells photocopy equipment that are used in businesses across Ontario. The company follow IFRS. Unit selling prices range from $10,000 to $100,000. Electronic Inc. sells a photocopy system to Centennial College on September 10th, 2020. The selling price for the photocopy equipment is usually $85,500. - Electronic Inc. will also install the photocopy system. The estimated fair value of installing the photocopy system is $2,700. Electronic Inc. will also provide one year of maintenance service for...
Money-Back Guarantee, No Questions Asked TradeSmart Inc. operates 1,200 discount electronics stores throughout the United States....
Money-Back Guarantee, No Questions Asked TradeSmart Inc. operates 1,200 discount electronics stores throughout the United States. TradeSmart has been quite successful in a highly competitive industry, primarily because it has been able to offer brand-name products at prices lower than can be found at other discount outlets. Because of its size, TradeSmart can purchase bulk inventory directly from manufacturers, and the economies of scale it derives from such purchases can be passed on to consumers in the form of lower...
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT