For this Discussion Board, please complete the following:
Read the below article about the Colonial Pipeline cyberattack:
Colonial Pipeline CEO Tells Senate Decision to Pay Hackers Was Made Quickly
https://www.cnet.com/news/privacy/colonial-pipeline-ceo-tells-senate-decision-to-pay-hackers-was-made-quickly/
The Pipeline was hit by a ransomware attack (see Chapter 2, pages 86–87 in the textbook, Principles of Information Security). Around 100 gigabytes of data were stolen. Some operations had to be completely shut down due to the cyberattack. If you were the owner of Colonial Pipeline, think about how technical, administrative, and physical controls are applied in an organization to help ensure data confidentiality, integrity, and availability.
Watch the following video to review the three categories of information security controls:
Different Types and Functions of Security Controls
Based on your review of the video, and the pipeline scenario, discuss the following:
1. Which information security control would you implement first as a disaster recovery tactic to try and prevent the problem in this scenario? Why?
2. In your opinion, why is each control is specifically important to ensure the security of companies such as Colonial Pipeline as a component of disaster recovery?
