Adequacy of Organization's Long-term Counter Attack Actions

578 Words | Feb 4, 2018 | 2 Pages
Introduction

In case study number one (Dhillon, 2007), Stellar University (SU), a public educational institution, had a breach in its Information Systems (IS). The IS of SU contained many types of IT, such as Mainframe, AS400, Linux, VAX, Unix, AIX, Windows (3.1 and up to 2003), Apple, RISC boxes, Storage Area Networks (SAN), Network Attached Storage (NAS) and much more. Sadly, SU has had a security breach on some of its systems. Even though everything was fixed, there are issues about this breach that need to be discussed. The first issue is the adequacy of the organization's long-term counter attack actions. The second issue is the helpfulness of the immediate counter attack actions. Hopefully, the discussion will be concise and to the point.

Adequacy of Organization's Long-term Counter Attack Actions

Sadly, the measures the SU IS staff took were not adequate. The post-mortem check they conducted to determine the what and why of the breach was not done in a formal fashion. It was basically a written summary presented to the management, along with an analysis of how to avoid future breaches of a similar type, presented to the System Administrators (SAs). It was done in several steps. First, after viewing the monitoring tool logs, the SAs decided to put the Anti-Virus (AV) program in the watch list of services so they would be alerted when, for instance, a hacker disables the AV. Still, this step will not prevent the intrusion! This is another proof that the actions were not
