I S 300 iPremier Case Notes: CIO Bob: -Shocked -Worried about customer credit card information being stolen

n -Wants to stop the attack Joanne: -Worried -Wants to know what is going on with qData and why they arent handling the problem Business Development - Spangler: -Need to make a plan for this type of scenario CTO Tim: -Find out what is happening and find a solution Peter Legal: -Assume the worst and prepare for the fallout calculate possible liabilities -Shut it down CEO Jack: -Work with qData -Establish a plan -Manage PR -Talk to the CIO Things to Work On: Relationship w/ qData (CEO,CTO): -Need to know whom to contact/work with -Need to have a DRP (Disaster Recovery Plan) for future situations (CIO/Joanne) Logging (CTO) Technology (CIO/CEO/CTO) What to Tell the Public: There was a denial of service attack but there is no indication at this time that customer information was stolen. We have taken steps to ensure that this does not happen again. Or Say nothing - learn a lesson.

What should iPremier do to ensure an attack does not occur again? Better security Move away from qData, hire CSO (Chief Security Officer) Fingerprinting up-to-date Audits Training Need Disaster Recover Plan, not just an incident-response team Better logging More space to house more equipment After Part C: Rebuild Work closely w/ the FBI We should probably disclose everything to avoid going under