iPremier: Denial of Service Attack
ENMG 652 Case Study #2
Amanda K. Brezina
July 2019
Contents: Executive Summary; Main Challenges; Root Causes; Recommended Plan of Action; References
Executive Summary
The recently hired iPremier Chief Information Officer (CIO), Bob Turley, finds himself at a profit-driven company with a limited focus on the security of its data and information systems. While on-boarding at iPremier, he learns that the company’s Information Technology (IT) resources are outsourced to a company, Qdata, and not managed in-house, resulting in limited insight into iPremier’s IT information, power, and communications. These challenges prove difficult for the CIO when iPremier becomes the victim of a Denial of Service (DoS) cyber-attack. The promised 24/7 support at Qdata proves to be lackluster, resulting in iPremier employees traveling to Qdata to work to stop the attack from their data center (Austin, 2009). iPremier’s lack of insight and poor documentation result in a whirlwind of communication issues and confusion, creating the ultimate CIO nightmare.
The following is an analysis of the iPremier: Denial of Service Attack case study. It provides an overview of the main challenges that led to the DoS attack and the issues that surfaced post-attack. Those challenges will be analyzed to identify the root cause of the issue, in preparation for presenting a Recommended Plan of Action for Mr. Turley to address these challenges to better prepare iPremier to thwart future attacks in all realms of Cybersecurity. All recommendations will be provided by myself, as the third-party consultant to iPremier and the CIO, to better prepare the company to avoid these issues, prepare a proper risk assessment, and use the plan of action timeline to fully address the issue outlined in the case study.
[l1]
Main Challenges
#1: The Cyber-Attack & Incident Clean-up - Mr. Turley’s primary challenge is dealing with the attack, the apparent stall of the attack, and the incident clean-up. The attack requires an incident response report, to be written by Joanne Ripley, iPremier’s IT Lead, to document the events of the attack as well as to take preventative measures to avoid future attacks (NIST, 2018). There is the possibility that the attack is not over due to the initial discovery of the spawning zombie attack, which must be managed. There is an immediate need to receive, review, and act on the incident report [l2] and to come up with a contingency plan for defensive action and clean-up of the incident.
#2: Communication – Internal & External - The cyber-attack revealed a string of communication failures that could have been prevented with proper planning through risk assessments and clear documentation of company procedures. Internally, due to outdated documentation and the lack of risk assessments, during the DoS attack, very few people knew who to call and in what order to manage the attack. Due to the breakdown in communications, it appeared that everyone in the company was alerted to the situation, yet not everyone necessarily needs to be involved until there is a better grasp of the situation. Externally, the communication was better but still left room for improvement. Warren, the Public Relations (PR) representative, called Mr. Turley to update him with enough information to begin preparing the PR notice regarding the attack. Ideally, another person should have contacted PR once more details were gathered so that Mr. Turley could continue managing the attack [l3].
[l1] Great executive summary starting with the background of the case. The second paragraph describes the main description of the discussed concepts and recommendation in the assessment.
[l2] The incident report can only be composed after knowing the nature of the attack through further research into what the hackers might be after. Similarly, the extent of initial damage must be known which was not investigated in this case.
[l3] Another challenge that the company faces is the lack of solid planning in response to emergencies such as the one described in the case. The communication solely did not lead to confusion. The night shift employees had no idea how to respond in such situations except calling the CIO.