Problem
Case: Kharkiv Tunnels
What is the right thing to do? What must we do?
Your Mission
Decide on a set of actions appropriate to the situation. Build a supportable position that you can present in your case response in Canvas. Your position should be free from internal inconsistencies. It should be appropriate to TechSpectrum's business needs, and security requirements, arising in the present circumstances.
Do research to understand underlying issues Build on posts of others, work the case as a knowledge team.
Questions you may wish to discuss with others, or may be asked:
A. Will you retain the site-to-site VPN tunnels? Why, or why not?
B. Will you retain the Ukraine contractor client VPNs? Why, or why not?
C. Will you make any other IT-requirements changes in respect to Ukrainian contractors, or Russian employees?
D. How will you cater to mission-critical needs of the businesses, while forestalling catastrophic cyber compromise?
E. Which of the four risk-management 'T's should be applied to this matter (Tolerate, Treat, Transfer, or Terminate)?
F. What other governance regimens, beyond pure risk-management, come into play here?