Professional Documents
Culture Documents
IPREMIER BACKGROUND
iPremier- high-end online sales company (mostly credit card transactions)
October 2008- Bob Turley hired as new Chief Information Officer
January 2009- Denial of service attack occurs
Bob
Turley(CI
O)
Joanne
Ripley
Leon
Ledbetter
Tim
Mandel
Warren
Spangler
Peter
Stewart
Summarize events
Provide summary about current status and next steps.
ADDITIONAL PROCEDURES
Conference call bridge with key IT personnel, iPremier executives,
and key Qdata personnel
Testing
Revisions
What data was compromised? (credit card information, customer information, email system)
Was intrusion malware was installed onto systems?
Was the attack a diversion attempt to mask criminal activity (i.e. fraud)?
Will another attack occur in the near future?
Business Impact:
Public Disclosure Issues
SEC guidelines for cyber-security risks and events (2011)
Potential Litigation
Breach of contract
Violation of SLAs
CONCLUSIONS
NO IT GOVERNANCE RESULTED
IN
Evidence indicating no IS policies, enforcement, support nor
protection:
IT infrastructure outsourced to Qdata, paying for 24/7 support
getting no 24/7 support on January 12, 2009