IFSM 432 Historical Events Analysis Paper
Historical Events Analysis
The core purpose of business continuity planning is to minimize the adverse impacts of a disruptive event while securing the vital components of a business entity. Within a globalized business environment characterized by volatility, uncertainty, complexity, and ambiguity (VUCA), continuity planning is essential to a business entity’s operational success and survival. Rapid advances in technology have increased the risks involved. Corporations are therefore compelled to integrate mechanisms that minimize losses while increasing the probability of sustaining operations in adverse circumstances. Not every threat within the VUCA operational environment can be predicted, but organizations may still profit from implementing strong business continuity plan policies and protocols. This analysis paper aims to pinpoint the importance of a business continuity plan by assessing the ransomware attack on the City of Atlanta in 2018.
In March 2018, the administration in Atlanta experienced a cybersecurity attack later established as a SamSam ransomware incident. As in other ransomware attacks, malicious software was delivered to the city’s computer systems to block users’ access to the information and services on those systems. This halted city services such as payment of parking and other utilities. It also compromised legal records and disrupted the law enforcement dash camera database. Municipal court proceedings were likewise disrupted, as all records were encrypted and essentially held for ransom by the hackers.
In the aftermath of the cybersecurity attack, the hackers demanded bitcoins worth approximately $51,000 as a ransom to restore access to the encrypted information and services. The city’s administration sought the assistance of various enforcement agencies, such as the Federal Bureau of Investigation and the Department of Homeland Security, in an attempt to contain the risks and resolve the challenge. The administration also sought the services of a private IT consulting firm to expedite the recovery attempts, along with partnerships with learning institutions, for instance, Georgia Tech. Although the cybersecurity incident was determined within a week, the full magnitude of the damage was already apparent after the assault. Historically, Atlanta’s cyber-attack is regarded as the largest, most costly cyber interruption in city administration.
The development and successful deployment of a strong business continuity plan involves three vital steps: impact analysis, recovery, and training. The organization is responsible for conducting a thorough evaluation of its existing systems to determine the probable vulnerabilities and the adverse effects attributable to them. The exercise aids in anticipating the threats involved and generating suitable mitigating mechanisms. However, it is essential to note that even solid systems are susceptible to cyberattacks or to adverse occurrences attributed to unidentified threats. Consequently, the city’s administration needs to develop sound recovery procedures to guarantee continuity of operations and recover essential resources. Effective training is likewise critical in ensuring the continuity of a business.
The City of Atlanta displayed considerable limitations in the areas of impact analysis, recovery, and training. According to Kearny (2018), approximately 130 software programs used in daily operations were taken offline, with about thirty percent of the software considered to be mission-critical being disabled. This is attributed to the use of less sophisticated ransomware against which most corporations may have integrated countermeasures. The culture of complacency exhibited by the administration ultimately resulted in losses amounting to millions of dollars. According to Fisher Norman and Klett (2017), studies indicate that a heightened dependence on cyber resources has subjected corporations universally to an intensified level of threat to their working environment. The recovery element of the BCP system must be periodically evaluated to minimize disastrous losses.
According to Kearny (2018), there is no proof of the city implementing a systematic review process. Therefore, it is to be expected that even after the emergency had been determined, a substantial amount of data had not been retrieved. In this case, based on the city attorney’s remarks, legal documents dating back over ten years were lost, and approximately seventy computers within the law department were considered unnecessary. The fact that off-site backups were non-existent for these essential documents speaks to the city’s less-than-vigilant approach to the recovery element of the BCP.
Ultimately, poor preparation by the city’s administration contributed to the city’s significant losses in the ransomware assault. According to Fisher Norman and Klett (2017), studies indicate that efficient training of the business continuity plan teams and of the entire workforce in a corporation may substantially reduce a shortfall of system resistance in the event of an adverse occurrence. While most of the personnel within the City of Atlanta took rapid action to reduce the loss of sensitive information, there was no general effort to train personnel to forestall such cyber-attacks before the attack occurred. Proper preparation might also have diminished the threat of the ransomware gaining access to the system.
Responding to an emergency is an eventuality that every business needs to be prepared for. Implementing a business continuity plan means that an organization continues operating in the event of a disastrous occurrence. Regarding the best practices to avert a devastating cyberattack, absolute prevention should be the ultimate objective. State and local administrations ought to have well-segmented security zones in their networks to keep malicious actors from moving laterally should they compromise one device by brute force. The city’s cybersecurity approach depends on three pillars: governance and compliance, vulnerability management, and general risk management.