Cyber Security Incident Response and Recommendations

Across
  3. (4,10) Ensure compliance with GDPR and secure storage of sensitive parent data. (Key Security Requirements)
  6. (12,8) Implement Multi-Factor Authentication (MFA) for all staff accounts to prevent unauthorized access. (Key Security Requirements)
  7. Financial loss, data breach, reputational damage, and regulatory risk. (Incident Overview)
  8. (4-4) MFA, Explore Zero Trust and AI-based threat detection for future resilience. Phase 3 (Recommended Approach)
  9. (6-4) Develop incident response plan and review data protection policies. Phase 2 (Recommended Approach)
  11. (5,8) Deploy advanced email filtering and sandboxing for attachments to block phishing attempts. (Key Security Requirements)
Down
  1. (4,5) Lack of multi-factor authentication (MFA), insufficient phishing awareness, and inadequate email security controls - sending CSV files unencrypted. (Incident Overview)
  2. (8,8) Establish a formal incident response plan with clear escalation procedures. (Key Security Requirements)
  4. Implement email filtering, and staff training. Phase 1 (Recommended Approach)
  5. (4,9) Conduct regular phishing simulations and cybersecurity training for staff. (Key Security Requirements)
  10. (4,2,6) Phishing leading to email compromise and financial fraud. (Incident Overview)