Use the following resources to complete the assignment:
- Overview of Conti RansomwareDownload Overview of Conti Ransomware
- IR Plan Template document Download IR Plan Template document*
- NIST SP 800-34r1Download NIST SP 800-34r1
*The template document was adapted from NIST SP 800-34r1. It shows you the general structure of the IR Plan we want to end up with, and we will make changes to it as needed.
Instructions
For this assignment, we will consider three organizations, each with its own characteristics:
- Fine Foods LLC – A company that delivers prepared meals to customers around the world
- Biomed Cancer Diagnostics – A medical testing company that caters to patients and research labs
- City of Norway Pines – A small U.S. city government
Suppose you are presented with the same evidence as in the HSE case. Let’s assume a couple of things:
- We don’t have to worry about how the attack was detected.
- Instead of being at HSE, we will assume that we see the same evidence in each of the three organizations: Fine Foods, Biomed Cancer, and Norway Pines City Govt.
In each case, you may have very little time to decide how serious the event might be. An initial incident “triage” step consists of deciding severity of the incident: low, medium, high, or critical.
After reading the “Overview of Conti Ransomware” and “IR Plan Template” documents, please do the following:
- For each organization, write a single-page incident report that interprets the incident severity in that particular context. Come to a decision on which parties have to be notified as required by the laws that may govern each of the three organizations.
- “Section 4.2 Recovery Procedures” in the IR Plan template should list the procedures to be followed by the CSIRT to recover from different types of incidents. In the Appendix, add a procedure to recover from a ransomware attack as in the HSE case. You can make assumptions about backup media, but assuming all three organizations have the same backup facilities, would the recovery process differ for the three organizations? Explain why or why not.
Additional Details
- Format: Microsoft Word (or compatible)
- Font: Arial, 12-point
- Citation style: APA
- Suggested length: At least 10 pages, which can vary depending on your presentation of the content
BELOW is the description from the last tutors work and it got a failing grade do NOT do this please.( for reference please see document called “baseline control”
our references do not appear to be relevant to this assignment. The Azevedo reference, cited for the TDI data breach, is an actual publication but never mentions a single “breach” in the entire article. The Benito reference never mentions firewalls to prevent intrusions or connect to malicious sites nor passwords The Yang reference is about green and low carbon shift in manufacturing in China. It never even mentions “security”, “confidentiality” or “integrity” It is not at all clear why you cite these articles.