corporate local area network crashed L a w
I’m working on a international law multi-part question and need an explanation and answer to help me learn.
What hasn’t been covered by VNN is that there were also signs on our internal systems that something was amiss. It started two weeks ago when our security event console indicated the detection of suspicious network activities. Our system administrator conducted his daily check on the system backup server and discovered a backup error message. Upon further investigation, though, he did not find any additional errors, nor did he notice anything unusual. The system administrator logged the error message according to our standard logging procedures.
A week ago, the database server on our corporate local area network crashed. After an automatic reboot, operations appeared normal, but shortly afterwards IT Support received several phone calls from users in the Accounting Department reporting that their network appeared to be slow. By noon, additional calls were received from users in other departments, to the point where IT support became overwhelmed and considered escalating the problem to management.
In addition to those internal issues, The Void’s hacking is having significant negative impacts on our business:
- As a company, our productivity has dropped significantly as a result of the cyber threat rumors and unresponsive systems.
- Several of the customers who received unauthorized invoices are threatening legal action.
- Wary of what they perceive as unsecure systems, customers and stakeholders alike are refraining from making any investments in our company.
As we move to the discussion part of this inject, focus on the ways we’d notify stakeholders and share information to combat this attack.
Notifications and Stakeholder Communications
The situation at Worldwide Global, Inc. has reached a crescendo, with significant negative impacts on our employees and customers. At this point, the most important questions that we need to address are:
- Who should we notify – internally and externally – in the case of a cyber event? What should these processes be?
- How should we quickly communicate with key stakeholders to minimize the impact of a cyber event on our business?
As you discuss these questions in your discussion post, you may also address the following related questions:
- What is our planned decision-making process for protective actions in a cyber incident? What options are available? Planned for? How are they activated? What about planned notifications? How do we do this internal to our organization? External to our organization?
- What are the business implications of the scenario? How would we determine them?
- What are the expectations or plans for information sharing among stakeholders and response partners?