CISM Exam: First Step for Dealing with Targeted Hacking

Dealing with Targeted Hacking


Question

An information security manager is advised by contacts in law enforcement that there is evidence that his/her company is being targeted by a skilled gang of hackers known to use a variety of techniques, including social engineering and network penetration.

The FIRST step that the security manager should take is to:

Answers

Explanations


A. B. C. D.

C.

Information about possible significant new risks from credible sources should be provided to management along with advice on steps that need to be taken to counter the threat.

The security manager should assess the risk, but senior management should be immediately advised.

It may be prudent to initiate an awareness campaign subsequent to sounding the alarm if awareness training is not current.

Monitoring activities should also be increased.

When an information security manager receives information that their organization is being targeted by skilled hackers who use various techniques, including social engineering and network penetration, the FIRST step they should take is to immediately advise senior management of the elevated risk (option C).

Here's why:

  1. Senior management is responsible for making decisions about the organization's overall risk tolerance and allocating resources to manage risk. If the security manager were to conduct a comprehensive assessment or increase monitoring activities without first notifying senior management, they may not receive the necessary support to effectively mitigate the risks posed by the hackers.

  2. Senior management needs to be informed of the situation as soon as possible so they can make informed decisions about how to proceed. This could include authorizing additional resources for security measures, contacting law enforcement or other relevant authorities, or communicating with stakeholders (such as customers or partners) about the situation.

  3. By alerting senior management to the elevated risk, the security manager can help ensure that the organization's response is coordinated and effective. This can help minimize the potential impact of the hackers' actions and demonstrate to stakeholders that the organization takes security seriously.

While options A, B, and D are all important steps to take in response to the situation described, they should be undertaken after senior management has been notified of the elevated risk. A comprehensive assessment can help identify specific vulnerabilities or weaknesses that need to be addressed, awareness training can help employees better understand and resist social engineering tactics, and increased monitoring can help detect and respond to potential intrusions. However, these steps are most effective when they are undertaken as part of a coordinated and informed response.