Problem
The Pipeline was hit by a ransomware attack. Around 100 gigabytes of data were stolen. Some operations had to be completely shut down due to the cyberattack. If you were the owner of Colonial Pipeline, think about how technical, administrative, and physical controls are applied in an organization to help ensure data confidentiality, integrity, and availability.
1) Which information security control would you implement first as a disaster recovery tactic to try and prevent the problem in this scenario? Why?
2) In your opinion, why is each control is specifically important to ensure the security of companies such as Colonial Pipeline as a component of disaster recovery?