1 / 8

Distribute.IT – A Case Study

Distribute.IT – A Case Study. Background. Formed 2002 as a startup Web Services provider Domain name registrar Web/Server Hosting SSL Products SMS messaging ~10% Market Share - .au domain names Offices in Melbourne & Jakarta 30+ Employees 200,000+ domain name clients

hillary-knowles
Télécharger la présentation

Distribute.IT – A Case Study

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Distribute.IT – A Case Study

  2. Background • Formed 2002 as a startup • Web Services provider • Domain name registrar • Web/Server Hosting • SSL Products • SMS messaging • ~10% Market Share - .au domain names • Offices in Melbourne & Jakarta • 30+ Employees • 200,000+ domain name clients • 30,000+ hosting clients • 8-10 million SMS messages per annum • 3,000+ Resellers • Profitable, growing, cash flow positive business

  3. Initial Breach June 3 – June 10, 2011 Network Lockdown Compliance Fri. 3/6 Fri. 10/6 4/6 8/6 5/6 6/6 9/6 7/6 Reconfigure Entire Network Breach Detected Customer Fallout

  4. Major Breach June 11 – June 23, 2011 Network Rebuild Sat. 11/6 13/6 15/6 20/6 22/6 23/6 12/6 14/6 16/6 17/6 18/6 19/6 21/6 ~ 4:30 pm ‘Major’ Incident ~ 5:30 pm Shutdown entire network

  5. Major Breach June 11 – June 23, 2011 Privacy Commissioner Governing Body Support (auDA, etc) First Servers come back online Government Media Banks Sale of Assets to Netregistry Compliance Approx. 96% of servers online Staff Loss Network Rebuild Media Sat. 11/6 13/6 15/6 20/6 22/6 23/6 12/6 14/6 16/6 17/6 18/6 19/6 21/6 ~ 4:30 pm ‘Major’ Incident Social Media Social Media AFP Complete Assessment Media Analysis Staff Loss Accreditations Client Comms Announcement Re: 4 servers Compliance Board Meeting ~ 5:30 pm Shutdown entire network Damage Mitigation AFP Meetings auDA ICANN nzDNC Liquidator Meetings Board Meeting Solvency? Insurance Customer Loss

  6. Lessons Learnt • Cyber Security is not just an IT issue • Security is a Process – not a static position • Governance and Risk (Information Security Management)

  7. What Now? • Cqr.com • Alex.Woerndle@cqr.com

  8. Questions? DISCLAIMER OF LIABILITY While every effort is made to provide accurate and complete information, CQR Consulting Pty Ltd and/or Distribute.IT Pty Ltd and/or the presenters do not warrant or represent that the information in this presentation is free from errors or omissions or is suitable for your intended use. The information provided in this presentation may not be suitable for your specific situation or needs and should not be relied upon by you in substitution of you obtaining independent expert advice. Subject to any terms implied by law and which cannot be excluded, CQR Consulting Pty Ltd accepts no responsibility for any loss, damage, cost or expense (whether direct or indirect) incurred by you as a result of any error, omission or misrepresentation in information in this presentation. All information in this presentation is subject to change without notice. Reproduction (in whole or in part) of this presentation only with the prior written consent of the author(s).

More Related