Contingency Plan for Hacking Problem: Data Breach and Recovery

Verified

Added on 2022/11/27

AI Summary

This report presents a contingency plan designed to address hacking threats, specifically focusing on the APT10 hacking group's potential attacks on banking systems. The plan emphasizes the importance of a coordinated strategy encompassing procedures, plans, and technical measures to ensure the recovery of IT systems, data, and operations following a disruption. Key components include updating IT systems with the latest security measures, implementing a robust Disaster Recovery Plan (DRP) to minimize downtime and ensure data recovery, and establishing comprehensive policies and employee education programs. The report highlights the need for regular assessments and simulations to test the plan's effectiveness and adaptability to evolving hacking threats, ultimately aiming to minimize financial and operational losses resulting from data breaches.

Running head: CONTINGENCY PLAN FOR HACKING PROBLEM 1
Contingency Plan for Hacking Problem
Name
Professor
Course
Date

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

CONTINGENCY PLAN FOR HACKING PROBLEM 2
Contingency Plan for Hacking Problem
The attack that has been selected involves APT10 hacking group based in China. A
hacking operation for a bank can affect the banking operations and business in general leading to
huge losses of money and time. To avoid this issue a contingency plan is required (Williams,
2018). A contingency plan involves a coordinated strategy that involves procedures, plans and
technical measures enabling IT system, data and operations recovery after being disrupted. It
generally involves some approaches to have the IT services restored. Examples of such
approaches include the recovery of IT operations using alternative equipment (s), carrying out
some or all businesses processes affected using non-IT means acceptable for disruptions that are
short term.
The plan includes first updating everything related to IT systems recovery. This first step
involves downloading and updating the business firewalls and measures of security to ensure that
an up-to-date system. It includes having the operating systems updated (Condra, 2017). A breach
operation success is exponentially huge against old technologies and upgrade is absolutely
necessary as it may cost nothing. Having a well operational DRP (disaster recovery plan) for
issues such as malware and ransom-ware is also part of the contingency plan. Employees have to
go through the plan policies. The DRP minimizes disruption and restores system operations as
fast as possible, ensures data and security are recovered, enables reliable and consistency in
processes of backup such as the cloud storage or server system. It also restores the business
quickly tor run normally.
The third step involves setting policies and education for employees. There are various
policies that the business such as a bank need to be informed about but few know them. These
policies include policies for password updates, computer using policies, protocols for offsite

CONTINGENCY PLAN FOR HACKING PROBLEM 3
working and download and upload policies (Chua, 2017). Employees need to be reminded that
when working in the public, they have to make use of networks that have been secured. Workers
need to be educated on the various policies, a process that involves a training program that is
done annually. They have to visit each issue that has the potential of happening and learn how to
avoid and deal with them (Crowe, 2019). The more they practice, the more they avoid human
errors which act as the cause of many incidences of malware and ransom-ware hacking cases.
The last part of the contingency plan is the assessment process that is done quite often to
test the workability of the plan (Clarke, & Dercon, 2016). This can be done by having an annual
simulation of the plan that helps in evaluating whether the plan still works. Testing is done
regularly through a simulation schedule to ensure that the contingency plan remains consistent
with the hacking issues that the firm faces. Such a simulation involves carrying out constant
maintenance on the systems to ensure that they remain updated.
From the analysis, it can be noted that hacking of data for businesses such as banking
causes data, money and time loss to the owners. A contingency plan that involves updating
systems, having a DRP and policies and education elements helps in getting operations back in
control fast.

CONTINGENCY PLAN FOR HACKING PROBLEM 4
References
Chua, J. B. (2017). 2015 US-China Cyber Agreement: A New Hope, Or the Empire Strikes Back.
Naval Postgraduate School Monterey United States.
Clarke, D. J., & Dercon, S. (2016). Dull Disasters? How planning ahead will make a difference.
Condra, J. (2017). Assessing nation state threats. Network Security, 2017(9), 8-10.
Crowe, J. (2019). MSP Cyber Security in 2019: Best Practices and Top Threats. [online]
NinjaRMM. [Accessed 15 Jul. 2019]. Available at:
https://www.ninjarmm.com/blog/msp-cyber-security-best-practices-2019-top-threats/
Williams, R. (2018). The ‘China, Inc.’Challenge to Cyberspace Norms.