This report provides a comprehensive overview of IT Security Management, encompassing an analysis of various network attacks, including the WannaCry ransomware attack and the GitHub DDoS attack. The report delves into the mechanics of these attacks, their global impact, and the mitigation strategies organizations can employ to protect themselves. Furthermore, it presents a case study on how cybercriminals targeted a QLD law firm through social engineering, highlighting the importance of cybersecurity awareness. The report also discusses the significance of business continuity and disaster recovery plans in the face of cyber threats. The content is structured to provide insights into the nature of cybercrime, potential vulnerabilities, and effective defensive measures. References are provided for each part of the report.