INF80043 Executive Briefing Paper: Banksia Pathology Cyber Resilience

This executive briefing paper examines the cyber resilience of Banksia Pathology, a rapidly growing independent pathology center in Australia. The report begins with an introduction to Banksia Pathology's operations and its concerns regarding information system security and IT risks. It then delves into a discussion of IT/IS risk management, identifying potential risks such as phishing, botnets, malware, spoofing, ransomware, and Trojan horses, and their implications for the organization. The paper outlines the technical requirements of Banksia Pathology's IT infrastructure, the problems faced with the implementation of new systems, and proposes mitigation strategies for the identified risks. It emphasizes the importance of IT/IS risk management, including steps like risk identification, sourcing, and measurement. The paper concludes by highlighting the importance of improving cyber resilience as an executive/board-level responsibility, considering the increasing reliance on IT systems and the sensitive nature of patient data. The report is a comprehensive analysis of the cyber security posture of Banksia Pathology and provides actionable recommendations for improvement.