Analyzing Risk Mitigation and Planning Tools in Cybersecurity

Added on  2023/03/23

Case Study
AI Summary
This case study examines the application of risk mitigation and planning tools in various cybersecurity incidents. It analyzes the Epsilon email address database intrusion, the Tsunami in Northeastern Japan, the disruption of Amazon Cloud Servers, the hacking into SONY databases, and Con Ed brownouts. The document emphasizes the importance of Computer Incident Response Teams (CIRT), Disaster Recovery Plans (DRP), and Business Continuity Plans (BCP) in preventing and mitigating risks. It also discusses cybersecurity fundamentals, including defense in depth and network security, highlighting the advantages of cyber-security practices over traditional security approaches in addressing advanced persistent threats. The study concludes by referencing several sources that provide further insights into these incidents and cybersecurity strategies.
Application of Risk mitigation and planning tools
The intrusion to the Epsilon email address database:
On 30th March 2011 Epsilon was hit by one of the most costly data breaches, where the data of their
clients' customers was exposed by malicious attackers. The attackers intruded into the email database
and obtained the information of the customers, such as their names and email addresses. To avoid such
attacks in future, Epsilon should appoint a Computer Incident Response Team (CIRT) to respond
to such security risks to the company and its clients. In addition to dealing with specific
security risks, they should appoint a team of experts to guide the organization with appropriate
communication during such incidents (Prince).
Tsunami in Northeastern Japan
To prevent and mitigate the risk of occurrence of a tsunami in future, it is important to prepare a Disaster
Recovery Plan (DRP). A DRP can help to know how nations can be prepared for disasters, how they
can respond to disasters so that there is minimum loss of property and human lives, and how
industries can resume their work after disasters in a degraded operating environment.
Disruption of Amazon Cloud Servers
During debugging of an issue in the billing system, a member of the S3 team accidentally made a typing
mistake and a larger number of servers was removed from the cloud than intended. The servers that were
removed also supported two other S3 subsystems. This brought down with them many big services such as
Quora, Trello and others. Fortunately the company had a Business Continuity Plan in place that helped in
lessening the impact of this disruption. The BCP of the company had operational details on the steps
that have to be taken during and after the occurrence of such a disruption (AWS).
Hacking into SONY databases
The hackers said they gained access to Sony's networks from inside Sony. The hackers introduced
malware into the databases and stole and removed important data from there. Sony should have in
place appropriate Business Continuity and Disaster Recovery plans to emerge from these attacks (Bort).
Physical Intrusion of SEALS into Pakistan hideout
Computer Incident Response Team.
Con Ed brownouts over the coming summer months
During brownouts, water is warm, incandescent lights are dimmer and electric equipment such as
elevators, lifts and motors moves slower. Business continuity plans (BCP) should be in place during
these brownouts to avoid disruption in the various functions in organizations.
Cyber security fundamentals and adoption.
Cyber-security Domains: Cyber security is the development, governance and management of
information security, IT security and OT security techniques and tools to achieve regulatory compliance,
compromising the assets of adversaries and defending assets. On the other hand, conventional security
focuses mainly on prevention and blocking techniques, for example anti-virus to block threats.
Cyber-security Controls: Cyber security and traditional security are both applied to
reduce vulnerabilities within the organizational assets and resources and increase counterattack
capabilities against the attackers.
Defense in Depth: Cyber security provides defense in depth as compared to the traditional security. This
is because the deeper aspects of security are covered in the Cyber-security approach. Thus
traditional security practices are possibly prevalent as compared to the Cyber-security in providing deep
defense.
Network Security: For securing the network, the traditional practices are not as advanced as,
and are less costly than, the cyber security practices. Thus cost can be a challenge in the
implementation of the Cyber security approach (Galinec, Možnik & Guberina).
Security Incident Response: The Cyber security program along with OT and IT security allows for a more
holistic response to threats in an organization as compared to the traditional approach.
Advanced Persistent Threats: Cyber security practices are more prominent in the prevention of
some advanced threats such as DoS and DDoS, against which traditional practices are not so prominent.
References:
AWS. Data Center Control. Web 15 May 2019.
https://aws.amazon.com/compliance/data-center/controls/
Bort, Julie. How the Hackers Broke Into Sony And Why It Could Happen To Any Company. 2014. Web 15 May 2019.
https://www.businessinsider.in/How-The-Hackers-Broke-Into-Sony-And-Why-It-Could-Happen-To-Any-Company/articleshow/45581200.cms?utm_source=contentofinterest&utm_medium=text&utm_campaign=cppst
Galinec, Darko, Možnik, Darko and Guberina, Boris. "Cybersecurity and cyber defence: national level strategic approach." Automatika 58.3 (2017): 273-286. DOI: 10.1080/00051144.2017.1407022
Prince, Brian. Recent Data Breaches Show Responses Matter. 2017. Web 15 May 2019.
https://www.crn.com/news/security/229401373/recent-data-breaches-show-responses-matter.htm
Newton, C. How a typo took down S3, the backbone of the internet. 2017. Web 15 May 2019.
https://www.theverge.com/2017/3/2/14792442/amazon-s3-outage-cause-typo-internet-server