Contingency Plan
Imagine you are the Contingency Planning Coordinator at a major Healthcare System. The hospitals have been attacked by Ransomware. Patients and patient data, communications and emergency logistics have been severely impacted. Create a hypothetical organization with details including geographic locations, the number of employees in each location, the primary business functions, and operational and technology details. In the BIA you will document the potential threats to the business and its technology. Assume this organization is lacking in its contingency planning efforts and requires assistance in creating a plan that addresses technological attacks such as Ransomware to increase its overall security and preparedness posture.
Research and review recent cases of hospital system Ransomware attacks for background.
Provide an overview of the organization to include business type, primary mission functions and indicate why contingency planning efforts are needed and how these efforts could benefit the business.
Create a hypothetical incident scenario where the contingency planning efforts would need to be utilized and discuss the use of hot sites, warm sites, and mobile sites for data restoration.
Develop a full contingency plan for the organization. Include all subordinate functions or sub-plans, including:
Business Impact Assessment.
Incident Response Plan.
Business Continuity Plan.
Disaster Recovery Plan.
Use the framework outlined in your textbook as well as the templates provided in NIST 800-34 rev. 1 Appendices to help with your documentation
