Information Security.
Scenario
Fullsoft, Inc. is a software development company based in New York City. Fullsoft’s software product
development code is kept confidential in an effort to safeguard the company’s competitive advantage in
the marketplace. Fullsoft recently experienced a malware attack; as a result, proprietary information
seems to have been leaked. The company is now in the process of recovering from this breach.
You are a security professional who reports to Fullsoft’s infrastructure operations team. The Chief
Technology Officer asks you and your colleagues to participate in a team meeting to discuss the incident
and its potential impact on the company.
Prepare for the meeting by deliberating on the following questions:
How would you assess the risks, threats, and/or vulnerabilities that may have allowed this incident to occur, or could allow a similar incident to occur in the future?
What insights about risks, threats, and/or vulnerabilities can you glean from reports of similar incidents that have occurred in other organizations?
What potential outcomes should the company anticipate as a result of the malware attack and possible exposure of intellectual property?
Which countermeasures would you recommend the company implement to detect current vulnerabilities, respond to the effects of this and other successful attacks, and prevent future incidents?
Format: Microsoft Word
Font: Arial, Size 12, Double-Space