ACF2400 Cybercrime and Information Systems Controls (Doc)
7 Pages1376 Words116 Views
Accounting information systems (ACF2400)
Added on 2020-05-11
ACF2400 Cybercrime and Information Systems Controls (Doc)
Accounting information systems (ACF2400)
Added on 2020-05-11
ShareRelated Documents
Running head: CYBERCRIME AND INFORMATION SYSTEMS CONTROLSCybercrime and Information Systems Controls: The Case of iPremierName of the StudentName of the UniversityAuthor’s Note
1CYBERCRIME AND INFORMATION SYSTEMS CONTROLSTable of ContentsIntroduction......................................................................................................................................2Part 2A.............................................................................................................................................3Part 2B.............................................................................................................................................4Bibliography....................................................................................................................................6
2CYBERCRIME AND INFORMATION SYSTEMS CONTROLSIntroductionThe report aimed to study a case of DoS attack incident occurred in iPremier organizationduring January 2009. iPremier is successful web-based high-end retailer organization; during2009, the organization was shut down by Distributed Denial of Service (DDoS) attack. However,series of event occurred before, during and after the cyber attack; the case study clearly stated allof them. In short, Jack Samuelson, CEO appointed Bob Turley as CIO; Joanne Ripley was TechTeam leader, Leon Ledbetter worked as tech specialist and Leon detected the attack. Bob Turleywas distant from iPremier headquarters; so he took follow-up of everything over phone calls.Joanne Ripley reached data center for taking preventive actions on her own; without anyprecautions considered. CEO, Jack Samuelson took authority for taking corrective actionsagainst DDoS attack; he was distant from the incident too. Apparently, all measures in iPremierfailed to stop the DDoS attack; they had to wait until the attack stops and security breachoccurred. In this report, the researchers have provided critical evaluation of iPremier managementactivities related to information security. The critical evaluation is followed with COBIT securitycontrol objectives. Certain justifications were discussed about whether security was foremostpriority for iPremier or not. Furthermore, three measures are mentioned in the report that is takenso that DoS attack can be prevented. However, these actions were obvious failure frompreventing the attack from happening. The CIO thought about pulling off cord, shutting offpower thing. As per realistic thinking, shutting off power and pulling out cords could lead to lossof log files. Therefore, log data recovery will be minimal for clients and higher authority. Someinternal controls are mentioned in later sections so that iPremier can detect, prevent and correcttheir operations in cyber security.
End of preview
Want to access all the pages? Upload your documents or become a member.