User Account

All Pages

What is your takeaway from the attack

Assignment Help Basic Computer Science
Reference no: EM132703268

Public Sector Case Study In November 2012, South Carolina state officials disclosed a massive data breach at the Department of Revenue. Few details on the breach were disclosed. But it involved exposing more than 3.6 million taxpayers' personal information records and 650,000 business tax-related records. The breach occurred in September 2012. It's clear that massive amounts of personal information were stolen. A former top official with the FBI estimated the cost to the state at more than $350 million, based upon past FBI experience, including the cost of offering free credit monitoring to affected individual taxpayers and businesses.

The root cause of the breach cited in news reports was the lack of mandatory security policies across 100 state agencies, boards, commissions, and colleges and universities.

All state agencies have some type of computer security system in place. It's fair to assume they all have some level of security policy in place. But it is clear these policies were discretionary. That meant an approach to information security across state government that was at best inconsistent. Nor did the state appear to have a comprehensive approach to sharing best practices for information security or for coordinating response to these types of data breaches.

In the case of the South Carolina Department of Revenue, the policies clearly were neither adequate nor consistent. Additionally, reports indicate the source of the hack was in Eastern Europe. The hacker or hackers gained access through a phishing e-mail. Phishing e-mails try to trick a user to open an e-mail and execute a link or program with malware. Security awareness is a strong control that educates users on how to protect themselves from such attacks, including how to recognize such attacks and why not to open suspect links. If a phishing e-mail was a source of the attack, it might be an indication that the security awareness program at this state agency was inadequate

Do you think that the attack could have been prevented? If so, how? Alternatively, if you disagree that the attack couldn't have been prevented, provide your analysis as well.

What is your takeaway from the attack? And how does it prepared you to prevent future attacks in your organization?

Reference no: EM132703268

Questions Cloud

Record transactions in the four special journals : Record transactions in the four special journals, as needed -cash receipts journal, cash payments journal, purchases journal, and sales journal
Data in the system was maintained properly : What are some best practices you might suggest to your organization if you were the CIO to ensure that the data in the system was maintained properly?
What kaisen doubtful accounts expense would be : For the year ended December 31, 2020, KAISEN's doubtful accounts expense would be? KAISEN Co. prepared an aging of its accounts receivable at December 31, 2020
Formulate a quality policy for proposed hotel : Formulate a quality policy for your proposed hotel or restaurant business
What is your takeaway from the attack : What is your takeaway from the attack? And how does it prepared you to prevent future attacks in your organization?
Explain five ways the external environmental : Explain five ways the external environmental can impact change strategies.
Implementing radical change in organizational : An FMCG (fast moving consumer goods) company by the name "Afghan product" is operating in Afghanistan with multiple SBUs and product lines.
Find what will balance in allowance for doubtful accouts : UNCLE ROGER Corp. what will be the balance in the allowance for doubtful accounts after the year-end adjustment to record bad debt expense?
Security server virtualization or application isolation : Which is better for security server virtualization or application isolation? Why?

Reviews

Write a Review

Basic Computer Science Questions & Answers

  Signed-magnitude representation of the similar number

Solution the question below, using the ID to identify the number you wish to specify as the correct answer. Place answer in blank provided.

  Skilled graduates into the financial industry

How will it affect the productivity, technological innovation, and GDP if the financial industry is able to lure highly skilled graduates into the financial

  Would this be a good business decision

If a company has 10000 computers, each with a MTTF of 35 days,and it experiences catastrophic failure only if 1/3 of the computers fail, what is the MTTF for the system? If costs an extra $1000,per computer,to double the MTTF, would this be a good..

  Protecting and securing the evidence on the laptop

Describe how you would start this incident off correctly by properly protecting and securing the evidence on the laptop.

  Circumcentre of of the triangle

1. Let ABC be a right-angled triangle with ∠B = 90?. Let BD be thealtitude from B on to AC. Let P, Q and I be the incentres of triangles ABD, CBD and ABC respectively. Show that the circumcentre of of the triangle P IQ lies on the hypotenuse AC.

  Specifications for the smart phone you use most frequently

Review the specifications for the smart phone you use most frequently. What brand and model is it?

  Interfaces using code fragment or a complete program

Pick one of the most useful interfaces defined by the .NET framework (e.g. IComparable, IComparer, etc), and describe a real world scenario that you would use one of these interfaces using code fragment or a complete program.

  Define market justice and social justice

Define free market healthcare. How is public health different from clinical medicine? Define market justice and social justice.

  Case Study- St. Luke Health Care System

St. Luke's Health Care System.Critique the Mobility work solution and recommend one change to solution to provide better productivity and improved patient care.

  The u.s. convert to a zero personal income tax

The U.S. Convert to a Zero Personal Income Tax

  Data execution protection

Data Execution Protection (DEP)

  Instantaneous rate of change

If the instantaneous rate of change of g(x) at (-1, -2) is ½, write the equation of the line tangent to the graph of g(x) at x = -1.

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd