What information security governance is, and who in the organization should plan for it
There are four domains of vulnerabilities that may cause information/data security breaches: Information Security Governance, People, Processes and Technology. Hacking, stealing and copying information are examples of breaches that take place at times.
In information security governance, success is often limited by an inability to value the organisation's information and data. This prompts discussion of the need for security and the resources to be assigned to it.
In 2009, a federal grand jury jailed Albert Gonzalez and two unnamed Russian accomplices for allegedly hacking into systems and stealing individuals' credit and debit cards. Gonzalez was then sentenced to 20 years in federal prison in March 2010. 94 million credit cards were exposed because of this incident.
Another breach that took place was the Veteran’s Administration incident, in which 26.5 million discharged veterans’ records, including their name, SSN and state of birth, were stolen from the home of an employee who accidentally took the materials home. An additional breach occurred when photocopiers that had been used to copy sensitive medical information were sent to be re-sold without the hard drives being wiped at all, and the data was later discovered in the warehouse storing the copiers.
They should also be able to learn to select and adopt standards, good practices and guidelines. Building awareness of information security issues among the workforce and service providers is a good pointer the e-business community could consider. They could also learn the impact of security events on business processes and the organisation as a whole. They can learn to always keep asking themselves three questions: Are you doing the right things? Are you doing them the right way? And are you doing them well enough? And if no, what are you going to do about
The use of hacking to identify weaknesses in computer security has become an increasingly controversial issue in recent years. Awareness of this issue is important, because our ever increasing reliance on technology means that breaches in computer security have the potential to have wide-ranging and devastating consequences to society, worldwide. This essay will begin by clearly defining the term ‘hacking’ and will examine the type of people who hack and for what reasons. There will then follow a discussion of the moral argument on hacking before examining a few brief examples. The essay will then conclude by arguing against the use of hacking as a means of identifying weaknesses in computer security.
Phiprivacy.net. (n.d.). Incidents Involving Patient or Health-Related Data [Pdf file of privacy breach articles for 2008]. Retrieved from http://www.phiprivacy.net/MedicalPrivacy/Chronology_2008.pdf
Today, you have more reason than ever to care about the privacy of your medical information. This information was once stored in locked file cabinets and on dusty shelves in the medical records department.
Whitman, M., & Mattord, H. (2010). Management of information security. (3rd ed., p. 6). Boston, MA: Cengage Learning.
Security helps the organization meet its business objectives or mission by protecting its physical and financial resources, reputation, legal position, employees, and other tangible and intangible assets through the selection and application of appropriate safeguards. Businesses should establish roles and responsibilities of all personnel and staff members. However, a Chief Information Officer should be appointed to direct an organization’s day-to-day management of information assets. Supporting roles are performed by the service providers and include systems operations, whose personnel design and operate the computer systems. Each team member must be held accountable for ensuring all of the rules and policies are being followed, as well as understanding their roles, responsibilities and functions. Organizations' information processing systems are vulnerable to many threats that can inflict various types of damage and result in significant losses (Harris, 2014). Losses can come from the actions of trusted employees who defraud the system, from outside hackers, or from careless data entry. The major threat to information protection is the errors and omissions that data entry personnel, users, system operators and programmers make. To better protect business information resources, organizations should conduct a risk analysis to see what
Most robberies are easy to do because the security guard does not care if the artwork, money, or anything else is stolen because it is not his. Some security guards do take their job seriously and try their best to keep the valuables safe. But they do not have the training to do so. Why is security at major events or places so lax?
Nowadays, the hacking of systems to get data from payment cards in retail stores is a popular issue. The use of stolen third-party vendor credentials and RAM-scraping malware were the main reasons for the data breach. A brief introduction of when and how the Home Depot’s data breach took place and how Home Depot reacted to the issue and rectified it by
Study results support the research by Kennedy (2016) on the effectiveness of training programs designed to educate employees to assist in the prevention of security breaches. All participants underlined that the sustainment or implementation of a training program could lead to the reduction of unauthorized disclosure of information. Findings that supported taking security seriously and effective training were similar to Bulgurcu et al. (2010), Chen et al. (2015), Eminağaoğlu et al. (2009), and Meso et al. (2013). Eight participants (Laura, Susan, Angela, Erin, William, Carol, Scott, and Shawn) expressed that employee training could reduce the unauthorized disclosure of
You did an excellent job answering the week’s discussion board question. You brought up an interesting point of how, regardless of how much an organization chooses to spend on security and security systems, this does not mean they are completely protected from all security issues. This can happen for many different reasons. One of the most common reasons organizations still have security breaches I have seen is overconfidence in their security measures and the overlooking of the human factor of security. When an organization spends a massive amount of money on securing their information system they often feel they no longer have to worry or think about security. However, as we all know, security and security threats are always changing
the risk of security incidents and breaches is reduced by encouraging employees to think and act in more security conscious ways;
This assignment is based on the analysis of the different types of breaches which have occurred over the last few years. The main aim of the assignment is to evaluate and understand the causes of the occurrence of a data breach, the impact of the data breach and the steps which have been taken for managing and controlling the data breach. Over the last few years, different cases of data breaches have been found. One of the important things regarding data breaches is that certain larger companies, for example Yahoo, have suffered some sort of data breach. This assignment particularly discusses the hack of the UCLA Health data.
Companies that connect to the internet share common risks; they are vulnerable to attack by cyber criminals and they risk losing data as a possible result of the attack. Data breaches, whether intentional or unintentional, continue to rise. Nevertheless, a data loss constitutes issues not only for our clients, but significant issues for Allegiant Health, which include legal ramifications, loss of public trust, etc. In the healthcare industry, data breaches have a global impact, as threats can come from all over the globe. For example, Community Health Systems, Inc. (Ragan, 2014) experienced a data breach in 2014. During this breach, Chinese cyber criminals stole an estimated 4.5 million patients’ information, which included names, addresses,
The article talks about how, when a breach occurs, whether it be from a paper or electronic record, physicians are supposed to reveal to the patient when information has been compromised. The difference, however, is that when medical information is compromised within the EHR, physicians have more of a responsibility to share with patients about the breach. Whereas with a breach of information within the paper records they do not have the same responsibility, because since they are just on paper, the breach cannot be easily tracked. With the EHR having so much more patient data than the standard paper records, there is a lot more to protect, which is why they require so many authorized accesses and passwords (Sade,
According to recent research conducted by renowned Security Professionals, the major causes of data breach can be categorized into:
3.1 MALICIOUS ATTACKS
Malware and hacking are the most potent and long-established causes of security breaches. Malware attacks and data loss are growing concerns for businesses around the world. To give a clear example, Zeus Trojan was modeled to steal financial information from the system influenced by it. By means of website monitoring and key logging, the malware identified the keystrokes used to log in and swiped information.
3.2 HUMAN FACTOR
The first thing that we must consider about Information Security is that there is not a final destination at which we can arrive. IT Security is an ongoing set of processes and activities that requires attention and expertise on a daily basis. It is important to understand that systems are not secured by themselves and it is our responsibility to maintain and improve them periodically as required. It is of vital importance to establish the appropriate mechanisms and requirements in order to support the company’s CIA triad. The following report will provide you guidance about auditing and hardening techniques applied through the 7 Domains by utilizing IT Security Best Practices.