User Account

All Pages

The root cause of the breach cited in news reports

Assignment Help Basic Computer Science
Reference no: EM132701149

Public Sector Case Study In November 2012, South Carolina state officials disclosed a massive data breach at the Department of Revenue. Few details on the breach were disclosed. But it involved exposing more than 3.6 million taxpayers' personal information records and 650,000 business tax-related records. The breach occurred in September 2012. It's clear that massive amounts of personal information were stolen. A former top official with the FBI estimated the cost to the state at more than $350 million, based upon past FBI experience, including the cost of offering free credit monitoring to affected individual taxpayers and businesses.

The root cause of the breach cited in news reports was the lack of mandatory security policies across 100 state agencies, boards, commissions, and colleges and universities.

All state agencies have some type of computer security system in place. It's fair to assume they all have some level of security policy in place. But it is clear these policies were discretionary. That meant an approach to information security across state government that was at best inconsistent. Nor did the state appear to have a comprehensive approach to sharing best practices for information security or for coordinating response to these types of data breaches.

In the case of the South Carolina Department of Revenue, the policies clearly were neither adequate nor consistent. Additionally, reports indicate the source of the hack was in Eastern Europe. The hacker or hackers gained access through a phishing e-mail. Phishing e-mails try to trick a user to open an e-mail and execute a link or program with malware. Security awareness is a strong control that educates users on how to protect themselves from such attacks, including how to recognize such attacks and why not to open suspect links. If a phishing e-mail was a source of the attack, it might be an indication that the security awareness program at this state agency was inadequate

Do you think that the attack could have been prevented? If so, how? Alternatively, if you disagree that the attack couldn't have been prevented, provide your analysis as well.

What is your takeaway from the attack? And how does it prepared you to prevent future attacks in your organization?

Reference no: EM132701149

Questions Cloud

Explain the use of flasher box : Explain the use of a Flasher Box. Why would the investigator be considered with EEPROM? Explain the important points in evaluating dates and times on a device?
Wilford machine tool company case study : For 85 years, the Wilford Machine Tool Company had provided quality product to its clients, becoming the third largest U.S. based machine tool company by 1990.
Difference between a finance lease and an operating lease : Meanwhile, Scarlett Ltd agreed to lease their 5 buildings to Kapiti Ltd. Explain the difference between a finance lease and an operating lease
Examples of regional economic integration : In your answer consider current examples of regional economic integration.
The root cause of the breach cited in news reports : The root cause of the breach cited in news reports was the lack of mandatory security policies across 100 state agencies, boards, commissions, and colleges
Political arguments of government intervention : Which instrument of trade restriction or trade promotion is best aligned with the economic and political arguments of government intervention in trade?
Security server virtualization or application isolation : Which is better for security server virtualization or application isolation? Why?
What are the social implications of spending so many hours : Some people immerse themselves in online virtual worlds for dozens. What are the social implications of spending so many hours inside a virtual world?
Calculate overapplied or underapplied overhead for January : On 1 January of the current year, there were no balances in work in process or finished goods inventories. Calculate overapplied or underapplied overhead

Reviews

Write a Review

Basic Computer Science Questions & Answers

  Functionalities-services make e-commerce web site effective

What functionalities or services make an e-commerce Web site effective? What enhancements might encourage more people to embrace e-commerce and/or m-commerce?

  Treasury bond futures to hedge the portfolio

The portfolio manager of XYZ Insurance Co. is considering the use of Treasury bond futures to hedge the portfolio of the company. XYZ has a Treasury bond portfolio worth over $500 million.

  Web application might use this protocol

What is the role of this protocol in sending and/or receiving e-mail? What is an example of how a web application might use this protocol?

  Temporary and permanent sources of financing

Classify each of the following sources of new financing as spontaneous, temporary, or permanent (explain):

  Reputation service and needs of customers

As you consider the reputation service and the needs of customers or individual consumers, as well as, perhaps, large organizations that are security

  Turning organizational pyramid upside down ten years

"Turning the Organizational Pyramid Upside Down Ten Years of Evolution in Enterprise Risk Management at United Grain Growers"

  What is the role of the front- and back-end platform

What is the role of the front- and back-end platform? Which component can be seen by the client?

  How social heuristics could be used to an advantage

Discuss how social heuristics could be used to an advantage, both ethically and unethically, in making a case to rebuild new orleans after hurricane katrina.

  Discuss current business process in specific industry

discuss a current business process in a specific industry. Explain a new technology that the business should deploy.

  Provide a general explanation of data trees

Provide a general explanation of data trees. Then, select two specific types of data trees and compare them. For this Discussion, you should provide at least one type of data tree that has not yet been posted by a colleague.

  Minimum amount of time to complete

Consider the following code sequence: loop: add $t0, $t1, $t2 Assume that each datapath stage requires the following minimum amount of time to complete:

  What will be the share price

A firm currently has 8 million shares of stock outstanding that have a current market price of $15. If all else remains constant

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd