Case study_ The indigo case (1)
pdf
keyboard_arrow_up
School
Toronto Metropolitan University *
*We aren’t endorsed by this school
Course
505
Subject
Information Systems
Date
Apr 3, 2024
Type
Pages
3
Uploaded by BaronEmuMaster1056
Date: November 25th, 2023
Assignement 2: Indigo case
1.Discuss at least 3 ways that the ransomware attack harmed Indigo. Identify and
discuss at least two reasons that Indigo may have been particularly vulnerable to a
cyberattack.
The Indigo ransomware attack caused operational difficulties, financial losses, and consumer
and staff concerns.
Indigo's operations were disrupted as a result of the ransomware attack.
Indigo was forced to close its e-commerce platforms, with the website staying inactive for
four weeks. Customers were unable to make online purchases at this time, with the exception
of "select books."
Indigo also suffered financial losses as a result of the attack including $5.2 million in
expenses in the two months soon after the incident occurred. Aside from the immediate costs,
the overall impact on sales and profitability was huge. Online sales were 26% lower in the
quarter after the attack than in the same period the previous year, indicating a long-term
impact on the company's financial performance.
Customers and staff members were both concerned as a result of the incident. While there
was no indication that customer data was compromised, Indigo staff members personal and
financial information was released to the dark web, potentially exposing them to identity theft
risks. Employees felt anxiety and concern over the situation, which harmed their health and
morale. The incident's reputational harm also damaged customer trust and confidence.
Two reasons that Indigo may have been vulnerable to the cyberattack is the recent technology
upgrades they were making and that this was a targeted attack. Indigo recently upgraded their
previous website, including current e-commerce systems based on cloud computing. While
the goal was to improve the company's online capabilities, this change may have exposed
new vulnerabilities. The fact that the attackers had already used LockBit malware to gain
unauthorized access to Indigo's multilayered network shows a well-planned and sophisticated
operation. The assailants were well-funded and had most likely undertaken extensive
reconnaissance before making their presence known.
2.What approaches can Indigo use in the future to assess risk and improve decisions
around cybersecurity investment? Describe at least 3 controls that Indigo can
implement or strengthen to reduce risk and mitigate the possibility that cybersecurity
breaches could happen again in the future.
Two approaches Indigo can use in the future to assess risk and improve decisions around
cybersecurity investment are implementing regular risk assessments and the use of threat
intellegence. A risk assessment would entail detecting and assessing possible risks,
vulnerabilities, and impacts on the organization's information assets. Incorporating threat
intelligence into the process would improve Indigo's risk assessment. Threat intelligence
Actively monitors external sources for information on developing cyber threats, strategies,
techniques, and procedures used. 3 controls Indigo can implement to reduce risk of
cybersecurity breaches in the future are Regular updates within the software, ensuring all
software, including operating systems and third-party apps, is constantly being updated with
the latest security updates. The second one would be data encryption which is the process of
altering data or information into code to prevent unwanted access and major cyber-attacks is
known as data encryption. This protects information from interception or compromise,
especially when engaging in online transactions or data storage on servers. Lastly they should
implement an access control list, a network traffic filter that regulates incoming and outgoing
traffic of the system.
3.Drawing on your knowledge of e-commerce features and benefits, and using the
Indigo cyberattack to inform your answer, explain the harms for businesses when their
e-commerce channel is not available to customers. Provide at least 3 examples.
When an e-commerce channel is unavailable to consumers, organizations can suffer major
consequences that extend beyond immediate financial losses. The three examples are revenue
disruption, customer dissatisfaction, and operational challenges. The most obvious effect is a
decline in revenue. When e-commerce systems are hacked or temporarily shut down, firms
lose a vital revenue source. The unavailability of Indigo's e-commerce platform resulted in a
26% decrease in online revenue in the quarter after the cyberattack. This demonstrates how a
disrupted e-commerce channel may have a big financial impact on a corporation.
E-commerce channels are very important and not just for transactional purposes, but also for
consumer experience. Customers encountered many difficulties completing online purchases
for several weeks following the Indigo breach. These interruptions may damage consumer
trust, and in an age when excellent online experiences are expected, firms risk losing loyal
consumers to competitors that provide more dependable services. The unavailability of the
e-commerce channel creates many operational challenges. Order processing, inventory
management, and customer service, which are all linked to the online website, may be
affected. Indigo was forced to create a new website quickly in reaction to the attack.
4.Which of the four basic competitive strategies outlined in Chapter 3 of the textbook do
you think best describes Indigo’s approach? Explain your reasoning and provide two
examples of how Indigo uses or can use information systems and technologies to support
that strategy. How effective is Indigo in using information systems and technologies to
gain or maintain competitive advantage?
Based on the article I would say Indigo's approach aligns closely with the competitive
strategy of Product Differentiation. Indigo provides a wide range of items to their customers.
Indigo is more than just a bookshop, it is a large retail area that sells a wide array of things
beyond books.The store concept emphasizes generating a distinct and diverse customer
experience, reflecting a focus on product differentiation. Indigo has also made an investment
in a major website redesign and enabling infrastructure for modernized e-commerce
technologies demonstrates a dedication to creating a unique online experience.
Two ways Indigo can use information systems are they could use inventory systems and
customer segmentation analysis. Indigo can optimize the product mix by utilizing inventory
management tools that incorporate data analytics. This guarantees that the store provides a
broad and selected variety of products, improving the entire shopping experience for
customers. Indigo can find and understand particular categories of customers interested in
specific products and experiences by utilizing modern data analytics techniques. This study
helps in the development of marketing strategies and product offers that are tailored to
effectively reach and serve the intended niche. Indigo's use of information systems and
technology to enhance product diversification results in a competitive edge. Indigo draws
customers looking for more than simply books by offering an array and distinctive product
variety both in-store and online. The emphasis on the complete client experience, made
possible by sophisticated technologies, helps to retain a distinct market position.
Citations
P, N. (2023, July 28).
Cybersecurity controls explained: Sprintzeal
. Sprintzeal.com.
https://www.sprintzeal.com/blog/cybersecurity-controls
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help