Client: Los Angeles World Airport (LAWA)
Partnered with: Ross & Baruzzini, Inc. & Fortalice Solutions, LLC.
Projects: Creation of the Ransomware Assessment and Decision Tree
Role: Contract and Project Management and Single Point of Contact (SPOC)
E.K. Associates along with our partners at Fortalice and Ross & Baruzzini were contracted to update and refine LAWA’s existing Incident Response (IR) plan to comprehensively include common incident types, specifically ransomware attacks.
Our responsibilities included:
- Review, assess, refine and update IR plans including Information Security IR plan, which supports only the transfer of incidents to the LAWA Operations incident response plan
- Initiate and conduct a tabletop exercise of the IR plan focused on a ransomware incident, using the updated IR plan, against a presumed ransomware incident. The tabletop exercise was conducted live and on-site at LAWA office. Participants included senior LAWA personnel, and the exercise focused on communications and operations, rather than specific technical activities. The exercise also included an evaluation of consequence risk, including estimated impacts to LAWA for responding (or not responding) to the incident in specific ways (e.g. intentionally neglecting to report non-legally-mandated information to the general public, or to other constituents)
- Creation of a ransomware assessment and decision tree. The ransomware assessment provided the following:
- A classification detailed document of what constitutes a ransomware attack, and identification of the potential impacts of ransomware at LAWA
- An identification of general areas of risk associated with ransomware ingress and how LAWA can mitigate these risks through specific processes and controls
- The final deliverable included a report of the exercises including findings and recommendations as well as a Ransomware Assessment and Decision Tree.