MKTwain - CMGTCB-559 - Final Reflection 02.08.24
School: University of Phoenix
Course: 559
Subject: Information Systems
Date: Feb 20, 2024
Mark Twain
February 8, 2024
CMGTCB/559 – Final Reflection
Cyber Security Incident
In March of 2016, my organization, a three-high-school district with about 5,000 students and 2,500 faculty and staff, appeared to have suffered an incident because our servers were not responding. However, the computers were still working, just not able to access the internal drives. One of our techs attempted to restore the servers and drivers from a backup; however, this only made things worse because when he deployed the backup through SCCM, it erased everything on the computers. Now we had dead computers; the OS was wiped out, and not even the BIOS would respond. The quickest solution was to pull the laptops and MacBooks out of the classroom carts and load them with the most current image that was needed for instructional purposes. This took roughly one week to complete and distribute to teachers and staff. Although devices were issued, the classroom materials were no longer available, and teachers who hadn’t backed up their data to external drives had nothing to work with. We never found out what exactly happened because no ransom was ever sought, but most of our classroom instructional materials were deleted.
In this situation, had we had an incident response plan, the simple fact that the servers and storage drives were inaccessible would’ve prompted a response to continue operations through already established backup drives. Instead, because there wasn’t anything defined as to what should be done, a tech thought the quickest response was to push out an image to all workstations to get them connecting again, and this resulted in a much greater loss of information and systems. This incident was already unexpected, and without a proper response plan and direction, it was made worse via an “insider threat”. With an established incident response plan, we would’ve known what to look for, how to mitigate further damage, what systems should have been checked first before deploying a new image to every computer on the network, and how to best proactively manage the incident, rather than react to it with what was “thought” to be best, not what was established as the process. Instead, the reactive response due to lack of a plan just made it worse.
In my current work environment, as we’re going through several infrastructure improvements, having a gap analysis matrix would help us see that our current infrastructure has too many on-premises resources that take up space, require extra climate controls as well as standby backup power resources. We are planning to migrate as much as we can to a cloud environment; however, we are still updating our on-premises resources that will soon be moved to the cloud. This is an unnecessary expense in hardware and adding more climate and power controls for something we will not be using 3 to 5 years from now. I may put this together so I can present this to our district leadership so we can avoid this expense; however, this has been in the works for the last 4 years and is just getting underway after the cabling project is nearly complete.
We had a drafted risk register created in April of 2020 right after the pandemic hit. We had to scramble and provide Chromebooks to all of our students and laptops or Chromebooks to our teachers. However, due to global shortages of everything, especially technology, we hadn’t updated our firewalls yet, and our MDM was also not completely set up. We had a draft list of what needed to be prioritized in order to make sure our devices were secure as everyone was remote. We analyzed that the Windows devices that would VPN into our network were the highest priority because, unlike student Chromebooks that don’t VPN into our network, the Windows devices could be targeted if someone was using VPN through a public network or hotspot. We prioritized making sure our mobile Windows devices were all up to date on security policies and software, then our firewalls, and lastly the Chromebooks, some of which were no longer supported for updates by Google due to their older OS.
Personal Benefit
To be honest, I went into this course thinking it was more about the types of security controls to put into place in order to prevent a cyber-attack, such as specific firewalls, software, etc. This course taught me to look at risk and security from a larger perspective, as to what exactly can happen if risk is not mitigated. The two parts of an assignment that gave me a difficult time but helped me see things from a different perspective were creating the risk register and the risk ranking table. These two were eye-opening in how they can relate to project management and project planning, and how this should be done as part of any project so that you can have a plan for the “when” instead of the “what if”. I feel that what would’ve helped my experience in this course would’ve maybe been examples or labs of what a certain threat looked like as it happened, sort of like a lab or video of a mock ransomware attack. Overall, I feel like I learned much more than I expected, especially since I had to revise my competencies, and with each revision came more research and in-depth thinking about what was required.