What Options Are Shaping up to Recover from the Dos Attack
As illustrated in Chapter 11 of “The Adventures of an IT Leader1” book, three options are shaping up to recover from the DoS attack. In my opinion, IVK should use this opportunity to invest is a secure IT infrastructure and rebuild the original production system with all the upgrades after the mirror site, built from development files, is up and running. There are several advantages but also some disadvantages to this approach. This option does not require IVK to shut down the business and with stock price rising, a successful analysts meeting, and a renewed sense of optimism among IVK employees, shutting down the business will affect the bottom line of the company and may be even morale of some company employees. The disadvantage to pursuing this option may is considerably more time and money to implement. Option 1 (do nothing) is certainly not an option to pursue and option 2 (shutting down the company) has some advantages and disadvantages (like option 3); the discussion henceforth will provide analysis and arguments to support option 3 for IVK to recover from the attack.
The article by Dutta and McCrohan2 nicely summarizes the current situation which IVK is facing. IVK finds itself in Region 5, which consists of critical assets for which there are known vulnerabilities and which are exposed to threat but with a big difference; the vulnerabilities have been exposed and IVKs is in recovery mode post DoS (Denial of Service) attack. IVK in my opinion was operating in Region 4; John Cho had raised concerns about a security hole and the need for a fast track upgrade project to plug the security hole, which ironically was shot down by Jim Barton when he was head of Loan Operations.
Unfortunately for IVK, the root cause of the attack is still unknown and the possibility of intrusion by insiders at best is a guess. There seems to be general agreement to pursue Option 2, since it was shaping up as a “play it safe” option and Omar Williams, VP Business Development even saw this as an opportunity to market the shut down scenario as a customer security initiative.