Cyber Attack

With the recent increase in cyber attacks on organizations in our industry, I want to ensure that we are taking proactive measures to stay ahead of the bad guys. I want you to look at our current network security controls and risk management plans to identify where additional network security risk mitigation efforts can be implemented. I will be briefing the CIO on the overall information security posture of the organization and will be asking you to provide me with specific input on your area of responsibility. I don't want too many details, but a one-page summary of your plan to address the topic at hand. Please have your team work closely with Allison Tanney's IT Network department.

We have seen an increase in external scanning attempts against our network. In response, I am running a network security penetration test to see if we have any vulnerabilities or unknown exposures. I am coordinating this test with the IT Network department. Additionally, I have contacted our Firewall and Intrusion Detection System (IDS) vendors to verify that we are up to date on our software. I am still concerned that we only have a network-based IDS installed and have not implemented a host-based system. As you may know, we have a project kicking off in two months that will address our data leakage and end-point security issues. We have seen an increase in employees sending sensitive information out of the network to external systems (primarily their home systems). While we are doing a good job of keeping the external threats out, we are not doing well at mitigating the internal risks.

I am a little concerned with the increase in zero-day malware being detected in the industry. While our critical systems are being protected with a solid antivirus program, I am worried about other threat vectors, including both internal and external entry points. We are in need of a security event log management tool that can help us consolidate and correlate