Nicholas Malley

CYSE 368

18 November 2023

Reflection 5

            During the fifth week of my internship for Tower Federal Credit Union’s information security department I continued to work on the incident response summary report. Throughout the week more information was revealed to TFCU regarding the ransomware attack on IMSI’s cloud provider. Specifically, IMSI hosted a town hall where they shared a PowerPoint presentation regarding the ransomware attack. The purpose of the town hall was to provide clarity to all customers and allow an open forum for any concerns of the customers as well. Later in the week, IMSI provided a clean bill of health to TFCU, notifying that the threat has been eliminated and the steps to recovery that were taken.

            Moreover, after assisting Patrick on the SOC last week the team felt comfortable enough to allow me to work on certain tickets alone. The tickets were primarily centered around conducting remediation activities such as regulating the enforcement level of servers to allow file executables to run and support software installations or upgrades, granting temporary approval access requests of employees to support necessary business operations, and validating servers were both operating under the correct version and communicating/connected to the requisite consoles.