Security Case

1. Introduction

In this paper I will address a recent IT Security crisis that arose as a result of a Denial-of-service attack on the web-server (IT infrastructure) in my hypothetical Telecoms Company. Recommendations that were made a few months ago were never implemented, due to insufficient funding and employee restructuring that was taking place at the time. As the CIO of this organization I will take a coordinated approach to rebuild my company's reputation with our customers and other stakeholders, by implementing an IT security strategy that will not only address the immediate security breach, but will effectively identify and anticipate potential issues, and prevent crisis from developing in the future.

2. How will I manage this crisis?

2.1. Communicate, communicate, communicate...

From a communications standpoint, I will prepare a statement that includes the confirmed factual report detailing the root cause that led to this crisis, and provide continuous update of what the company is doing to deal with the situation and to prevent reoccurrence. A centralized crisis and information team has been established to ensure correct information is passed to all affected stakeholders (media, analysts, employees "our front-line ambassadors", partners, suppliers etc.) A website has been created to give quick, up-to-the-minute information of the resolution status and progress.

2.2. Taking responsibility

As the company's CIO I take full responsibility for the events that transpired from the security breach. Firstly I profusely apologize and empathize with all our customers, business partners, suppliers and investors for the revenue loss incurred due to inaccessibility of our services. Security is not an option but an imperative need, my team is working around the clock to restore all services with immediate effect. In light of the impact this crisis has had on your businesses, as well as this organization's reputation I am taking immediate steps to remedy the situation. I want to assure you that such events will not occur again.

* All access to our network facilities has been restricted to allow a select team of security expects with security clearance 24x7. Data centre is accessible through biometric fingerprint as opposed to using access cards only.

* Adequate resources with security expertise have been allocated to deal with crisis on the basis of hierarchy of priority and understanding of inter-dependencies rather than attempting a knee-jack approach to resolve the issues

* All existing security systems and security policy are being reviewed, hardware devices and software applications (security patches and updates) are being hardened to secure them from future malicious intrusions and/or attacks

* Disaster recovery plan has

...