CIS097-6 Cybersecurity Management :Tactical and Strategic Report
- Subject Code :
CIS097-6
- Country :
Australia
The following case study is based on a real-life incident.
You are an IS consultant currently contracted at UoB Bank plc to undertake a full review of their IS operations (incl. security). On arriving at work this morning, you have been informed, in passing; by the on-call IS Incident Manager that there has been a major incident at the main London branch.
At the branch, overnight, a water pipe has leaked in the staff kitchen and flooded part of the top floor of the two-storey building. The water has broken through the ceiling in places and poured into the main customer area. The water shortcircuited one of the motion detection sensors and triggered the intruder alarm. The Bank's 24/7 security office were alerted of the alarm remotely and called out the Police and the branch manager. On arriving at the scene, the manager found the branch flooded and called out the Bank's 24/7 emergency property maintenance service. The Police left due to no evidence of a crime having been committed.
The branch manager being concerned about the dangerous combination of electrical equipment and water (and the potential risk of an electrical fire), he started switching off all electrical appliances incl. desktops and printers. On arrival, the emergency property maintenance service engineer recommended that the main power to be switched off while they fix the water leak using torches.
The leak was subsequently fixed and all the water mopped up before the staff started arriving at work in the morning. On switching back on the desktops, printers were operational but the members of staff were unable to login. The branch manager calls the IS Service Desk to raise an incident ('ticket').
An abridged version of the incident log is attached.
The branch was out of operation for 1.5 days, which is unacceptable from a customer service perspective. The IS Incident Manager also has concerns regarding some potential security risks highlighted during the incident. Therefore, he has asked you to undertake a full and detailed analysis of the incident and identify the key issues (including any security concerns) which delayed the recovery of IS and therefore business operations. He has also asked you to recommend measures to mitigate the impact from each of the issues identified. These solutions may be either from a technical or non-technical perspective.
Report
Your report should consist of two key elements: an executive summary for the Head of IS and the CEO, and the main report which contains the technical detail for IS Service Management and other IS operational teams. The executive summary should be no more than 500 words, and the length of the report should be approximately 4500 words.
