iSales is an e-commerce site that sells very popular boutique gifts. The site does close to $500,000 sales each day. There have been two security breaches.1. Just before the peak selling season, late November, iSales.com, their Website was subject to a Denial of Service (DOS) attack that left iSales unable to respond to customers for 36 hours.
2. A computer hacker from Florida, described in court by a defense psychiatrist as an "idiot savantlike genius for computers and information technology", broke into the iSales computer systems and stole the credit card numbers of their customers. The hacker would drive past the iSales location with a laptop and tap into the unprotected wireless Internet signals. He then installed "sniffer" programs that picked off credit and debit card numbers as they were processed by the iSales computers. He sold the credit card numbers overseas. The losses to iSales customers and banks was said to amount to several million dollars.
How should iSales proceed to protect their infrastructure against malicious threats in general and these two attacks in particular? What short term and long term defensive actions should iSales management take? Provide guidance to iSales on the actions they should take to manage of security risks.
Additional Requirement
This question is based on the Corporate Strategy and describe about protection of infrastructure. In this question, an example of a iSales has been given where, a hacker hacked into the server of iSales and hacked credit card and debit card numbers of customers and sold them overseas. This incident cost millions of dollars for iSales. The ways through which companies like iSales can protect themselves has been given in the solution.
Word limit 450