Consolidated Electronics Group Inc (CEG) is an industry leader in aviation parts. Recently there has been a spike in network attack activity, which is possibly linked to recent lay-offs and company restructuring. Two of the recent attacks appear to be breaches of the server which stores the plans for a prototype aviation switchboard of a revolutionary new design. Management has tasked the network administrator with creating an incident response plan that deals with incident investigation, incident prevention, and a communication plan.
Investigation and Prevention
It is best to prevent security incidents from occurring in the first place – therefore prevention should be a top priority for the IT staff at CEG. The National Institute of Standards and Technology (NIST) recommends five main categories of incident prevention; risk assessments, host security, network security, malware prevention, and user awareness training (Cichonski P., Grance T., Millar T., & Scarfone K., 2012 p.24). Risks of the various types of possible security incidents should be identified and prioritized based on likelihood and potential harm. Risk assessment should be periodic and ongoing. Host security is achieved by hardening each host on the network. Host hardening includes keeping current on the latest software patches, enabling and monitoring audit logs, and assigning permissions based on a system of least privilege. Network security is primarily concerned with securing the perimeter of the network to prevent unauthorized intrusion. This includes the use of firewalls, intrusion detection systems (IDS), securing VPN, and blocking unnecessary ports. All hosts on the network must run and regularly update malware protection software. And all employees should...
... middle of paper ...
...would be best to not have a security incident happen at all, which is why details have been laid out for the prevention of such occurrences. Yet despite the best security policies, planning, and implementation, incidents will still occur, therefore CEG must have plans in place to respond. Training and planning for network security must be an ongoing routine, in order to keep pace with new threats and the evolution of existing threats.
References
Cichonski P., Grance T., Millar T., & Scarfone K. (2012). Computer Security Incident Handling Guide. Retrieved February 15, 2014 from http://csrc.nist.gov/publications/nistpubs/800-61rev2/SP800-61rev2.pdf
Durfee, C. (2009). Crisis Communications: Planning for a Data Security Breach. Retrieved February 15, 2014 from http://www.drj.com/2009-articles/specials/crisis-communications-a-planning-for-a-data-security-breach.html
Harmening, W. (2014). "Crisis communication" In Harmening, W. (2014). Crisis intervention: The criminal justice response to chaos, mayhem, and disorder. Boston, MA: Pearson
First, business practices required a computer incident response team (CIRT) to ensure that there is a capability to provide help to users when a security ...
In the past 60 years technology has grown by leaps and bounds. Computers are a common fixture of most homes. The Internet was created. Everyone carries cell phones that have more computing power than desktop PC’s did just ten years ago. And this march forward in technology also effected the aviation industry as well. The Boeing 787-8 Dreamliner is Boeing’s newest, most modern, and most technologically advanced commercial aircraft. However, it’s development also raised some security concerns. Fears that the Dreamliner’s network could be vulnerable to hackers or other cyber attacks lead the Federal Aviation Administration (FAA) to issue a Special Conditions Notice to Boeing to prove that the Dreamliner’s network is secure.
Ulmer, RR, Sellnow, TL & Seeger, MW 2007, Effective crisis communication, Thousand Oakes: Sage Publications.
The number of security incidents that have been handled by Indian Computer Emergency Response Team (CERT-In) over the last few years has increased exponentially. The types of incidents handled were generally related to malicious code, phishing, website intrusion, spam,
Critical infrastructure is not adequately defended from cyber-attacks. Companies and government agencies are starting to work towards adequate cyber security however, this is no easy process. There are endless numbers of exposures like computer information systems, infrastructures, computer networks, and/or personal computer devices. Decisions must be made to determine which exposure to focus on protecting. Infrastructure attacks Individually-owned devices such as computers, tablets, mobile phones, and gaming systems that connect to the Internet are vulnerable to intrusion. Personal information may be at risk without proper security. Possible targets for attacks could be utilities, emergency services response systems, critical infrastructure,
With the advent of the electronic age of the Twenty First century, emergency risk communication faces new and ever-evolving challenges. Broad societal developments, biomedical revolution, the increased movement of people and goods, and varying levels of public trust in government are all associated with the increasing challenges emergency communicators have to overcome. Emergency Risk Communications is listed as one of the eight core capacities by the World Health Organization needed for detecting and responding to public health threats (Savoia, Lin, & Gamgewage, 2017). Risk communication focuses on communicating disaster preparedness information and mitigation strategies to the public before an event occurs to help minimize the damage and effects. Proper communication involves truthfulness, dealing with the news media, planning, and evaluation.
The communication process is not something that begins when a crisis rears its ugly head rather it is a process that takes place in preparing for a crisis before it happens. While the term crisis represents a blanket term used to describe many situations, each situation is unique, thus presenting different obstacles to overcome. However, with a well-established advanced plan in place an organization places itself in a position to overcome and work around obstacles. The development of a comprehensive crisis management plan is one achieved through effective communication where each member of the crisis management team has an advanced shared understanding of his or her role and responsibility during a time of crisis (du Pr'e, 2005).
Coombs, a professor in the school of communications at the University of Central Florida, has published more than 40 research articles and over 30 book chapters. Most of them focus on crisis management and communication. Drawing on his extensive experience, Coombs applies a three-staged approach in discussing how crisis management can help to prevent or eli...
Whoever detects the incident or by an individual who has notified that the incident may have occurred, the details surrounded by the incidents are documented. (For example, help desk or security personnel) To take advantage of the team’s expertise the control of the response should be forwarded to the Computer Security Incident Response Team early in the process. The more steps in the initial response phase performed by the Computer Security Incident Response Team is better.
...ding civilian officials are aware of the possibility of organized cyber-attacks and have aligned themselves to work toward ensuring computer safety. Even though there are efforts being made to address the possibility of a computer disaster it will more than likely happen anyway. Cyber-terrorism, the wave of the future, is potentially much more harmful than anything we have seen before.
National Institute of Standards and Technology. (2012, March/April). Basing Cybersecurity Training on User Perceptions. (IEEE Report 1540-7993/12). (pp. 40-49). Retrieved from University of Maryland University College IEEE Computer Society website: http://www.computer.org.ezproxy.umuc.edu/portal/web/csdl
Whether a person is an occasional computer user, works in a major corporation, or within a government agency there is a dangerous risk out there. That risk is one that everyone must be concerned with, inadequate computer security. Computer security has become essential in today’s well connected digital world. Everyone wants to communicate with someone at sometime, and normally these communications need to be secure. If these communications are going through any sort of electronic device they are passing through some type of communications network. Whether the information is traveling around the world or just across the room to another computer this information is at risk. Safeguards must be implemented to the computers and networks that they use to protect them from viruses, intruders, and system failures.
The first thing that we must consider about Information Security is that there is not a final destination at which we can arrive. IT Security is an ongoing set of processes and activities that requires attention and expertise on a daily basis. It is important to understand that systems are not secured by themselves and it is our responsibility to maintain and improve them periodically as required. It is of vital importance to establish the appropriate mechanisms and requirements in order to support the company’s CIA triad. The following report will provide you guidance about auditing and hardening techniques applied though the 7 Domains by utilizing IT Security Best Practices.
A critical part of network planning involves setting up of security mechanisms. Deploying the network with security configuration provides superior visibility, continuous control and advanced threat protection across the extended network. Additionally, security procedures define policies to monitor the network for securing critical data, obtain visibility, mitigate threats, identify and correlate discrepancies.