Ipremier Case Summary

Satisfactory Essays
The company’s operating procedures, if they actually existed, were not effective. The “binder” with emergency procedures was not available and it was probably outdated at best. People dealing with the attack, like Leon, never saw them before or know where to find them.
It is not clear in the article if iPremier did any risk assessment, and if they did, they didn’t anticipate that they could be victims of a DDoS attack. iPremier should have used a Contingency Planning standard like NIST SP 800-34 to identify risks and develop policies and procedures to deal with attacks like the one they faced. If they had these, they could have responded in a more orderly and affectively fashion and they could have alternatives to overcome the negative impact
Get Access