You are part of the Sheriff’s Office that supports a mid-size city of 400,000 people. Your jail holds 2,000 prisoners, several of whom are awaiting trial, while others are pending release. Your records system has just been taken hostage through ransomware for bitcoin worth about 5 million dollars. As a result, you have no visibility to who your detainees are or why they are being held. Your jail medical records have also been seized. Because it is a single network, you also realize that the records of your personnel (corrections officers, deputies, and other employees/workers) have also been seized. Last week you fired a worker who was openly disgruntled, you realize that this person had privileged access. Although you are not completely sure, you suspect, that part of your network security was left open, potentially allowing the intrusion. You have been asked to create a solution proposal for the breach.
Create a 6-page proposal detailing your solution that includes a cover page, table of contents, and reference page. Imagery and graphics are optional, but may be used. Consider the following in your proposal:
What is your response?
How do you gain control of your records?
How do you prevent this from occurring again?
Who do you alert?
What privacy compromises may have occurred?
Do you choose to pay the money, and who are you accountable to?
What processes for employee termination and privileged user access need to be in place?
What network defense and offense for information systems can you implement?
What Privileged Access Management options need to be implemented to prevent future risks?