College Essays-Risk Mitigation
Company M designs, manufactures, and sells electronic door locks for commercial buildings. The company has approximately 1,500 employees in three locations around the United States and generates $50 million in annual revenues. Over 5,000 wholesalers and distributors access the Company M business-to-business (B2B) Web site to place orders and track fulfillment.
In the past year, Company M experienced 22 information security incidents, most of which involved lost or stolen laptops, tablet PCs, and smartphones. In addition, the company dealt with four serious malware events that originated from an unpatched server, an insecure wireless network used in the manufacturing plant, an insecure remote connection used by a sales person, and a headquarters employee who downloaded a game from the Internet to her workstation. Three of the malware incidents resulted in files that were erased from the company’s sales database, which had to be restored, and one incident forced the B2B Web site to shut down for 24 hours.
You are tasked to give a presentation to the CEO and other IT management. Please ensure that the presentation addresses the following questions:
Identify and discuss technological and financial risks that Company M faces.
Which domains of the IT infrastructure were involved during the four malware events?
What types of security policies should Company M institute to mitigate those risks?