- The iPremier company experienced a 75-minute distributed denial of service (DDoS) attack early one morning when traffic to their website was minimal. Few employees were aware of the source or extent of the attacks.
- The initial response was considered appropriate as personnel like the CEO and legal counsel avoided rash decisions that could have further harmed the company. However, the company was deficient in several operating procedures for responding to attacks.
- To prepare for future attacks, the company should purchase additional storage for logging data, update emergency procedures, employ more security personnel, and improve network defenses and monitoring. Failure to address deficiencies could result in loss of customer data, lawsuits, and major public relations issues for