This case study concerns Sunnylake Hospital, whose EMR database and network were hacked by unknown hackers, and the disaster the hospital faced as a result. Paul Layman, CEO of Sunnylake Hospital, introduced the EMR (electronic medical record) system and switched the hospital from paperwork to EMRs. One day Paul got an e-mail from an unknown user about the network security of the hospital, and the hacker demanded a ransom of $100k to give access back. Paul, however, did not inform the IT department about the e-mail because he took it lightly, but a few days later, when access was denied on all servers and systems, he realized that the hackers' warning needed attention. The hospital's weakness was a lack of skilled IT employees in the organization, who were unable to fix the problem created by the hackers; moreover, security management was not done properly, which gave the hackers an opportunity to hack the system. The hospital had a backup, but it took time to restore the system to normal. This case study of Sunnylake Hospital reflects the following main points:
* Mismanagement between the IT department and the management level.
* Auditing of network security is not done properly.
* Testing and patching of software from time to time.
Business continuity planning: This is a planning process to ensure that our products and services are delivered every time, even in a critical situation, so that we stay in the market without affecting the future of the company. Some of the points required for BCP are:
* Analysis: The analysis phase is used in the development of the BCP.
* Solution design: The main goal of the solution phase is to identify the cost-effective disaster recovery
* Implementation: In the implementation phase, the design elements identified in the solution design phase are executed.
* Testing and organization acceptance: The purpose of this phase is to achieve the company's acceptance that the business continuity solution will work even in a recovery requirement.
* Maintenance: The role of this phase is to maintain the plan, which will help the company to work even in its worst position.

RCA for Sunnylake Hospital
* Hacking is a technology risk
* Hacking is a problem with the network security, and the Chief Information Technologist (CIT), Jacob Dale, is responsible for this risk
Risk control strategy:
* Can’t 100% avoid a hack.
* There is no transference of this risk to make it anyone else's problem.
* Therefore, we have to accept this risk if it occurs and deal with it in the manner in which it should be dealt with. Once the hack occurs, we should get our backup information and start running our system from there until we can get the hack resolved.
* This is a virtual threat and we need countermeasures to deal with it. Examples of countermeasures would be encryption on the network or multiple firewalls, as well as having a strict password policy.

Application:
* Use CTFITD
* 1 million dollars to get multiple firewalls to secure the network and replace old infrastructure
* 500,000 to have spares and redundancy for and on the network
* Start as soon as possible so the network can be up and running again
* Will be a permanent change
* Replace every 500,000 hrs.
* New firewalls and security for the previously implemented network
* CIT and IT professionals to implement
* Minor impact on the hospital because, while it is being implemented, the hospital will be running from backup data.
* No outsourcing.
* Implement the new network during downtime or when the hospital is not very busy
* Have the CIT set up the network and firewalls, and IT professionals set up the EMRs and computers in the hospital
* Simulation of multiple firewalls worked on an inside hack done by a...