Case 1
1. What exactly occurred?
Twitter is one of the popular social media services that was
targeted by hackers.
The social network said that approximately 250,000 user
accounts were potentially compromised, with attackers gaining
access to information including user names and email addresses.
The company first detected signs of an attack earlier in the
week, which led to an investigation and the discovery of a
larger breach. The company detected unusual access patterns
that led it to identify unauthorized access attempts to Twitter
user data. It discovered one live attack and was able to shut it
down in process moments later. However, its investigation
has thus far indicated that the attackers may have had access to
limited user information. Twitter has reset the passwords and
revoked the session tokens, which allow users to stay logged into
the service without reentering a password, for all of these
accounts. Affected users will not be able to log in and will
receive an e-mail instructing them to reset their password.
2. How was the company affected?
Twitter reports that 250,000 user accounts may have been
compromised. The company was able to detect the hacker
immediately and sent e-mail to the affected users instructing
them to reset their passwords. It also recommended that all users
create strong passwords and disable Java in their browsers.
3. What (if any) measures has the company taken since the
breach to prevent future similar incidents?
The company offers tips for all of its users going forward,
including using strong passwords that mix numbers and symbols
with upper- and lowercase letters, not using the same password
for multiple accounts, updating and upgrading antivirus software,
and disabling Java. The company also provides tips to keep the
account secure and steps to take if your account has been
compromised.
4. In your opinion, did the company have sufficient security
safeguards in place prior to the breach?
In my opinion, Twitter had sufficient security safeguards in
place prior to the breach. Twitter was able to detect the attacker
before they got through all 200 million monthly active users.
250,000 affected accounts is a small number compared
to the number of active Twitter users. After they noticed the
attack, the company reset the passwords of affected
users and sent them e-mail to change their passwords. I believe
that after the breach Twitter would be more aware of
security protection.
Case 2
1. What exactly occurred?
Google detected a coordinated attempt by Chinese entities to
compromise the accounts of Chinese dissidents. David
Drummond, Google’s chief counsel, said, “A primary goal of
the attackers was accessing the Gmail accounts of Chinese
human rights activists.” According to George Kurtz at McAfee,
the attacks were part of a large-scale, well-organized operation
called Aurora. As a result, Google has stopped censoring its
search results in China, and has considered pulling out of the
country entirely.
2. How was the company affected?
The attacks were not just about dissidents. The attacks appeared
to be part of a coordinated campaign that targeted the
intellectual property of a wide swath of the US industrial base,
including Dow Chemical, Symantec, Yahoo!, Northrop
Grumman, and Juniper Networks.
The attack will spur more collaboration between the US private
and public sectors. Dispassionate observers will recall reports
in the news from last year about large-scale industrial attacks
against the US government and critical infrastructure. If these
more recent attacks against private companies are also felt to be
coming from similar sources (the PRC government, PLA red
teams etc.), it won't take a genius to start connecting the dots. A
formal public/private attack data sharing program, with
generous safe-harbor exemptions, would be a good start. Re-
invigorating the ISACs would be another.
3. What (if any) measures has the company taken since the
breach to prevent future similar incidents?
CISOs should dust off their social engineering playbooks and do
some internal phishing testing on their employees to make sure
their staffs get the message.
4. In your opinion, did the company have sufficient security
safeguards in place prior to the breach?
I think it is not enough for security. As an international
company, they should keep each country's customer information
independent. I believe that if American hackers attacked
Chinese customers' Gmail, the same problem would happen, too. The
best thing enterprises can do now is examine their security
program to make sure that it includes a healthy balanced diet of
controls that protect both toxic data and secrets. I describe what
enterprises should consider in my recent report.
Case 3
In January 2012, Zappos.com was the victim of a cyber attack
by a criminal who gained access to parts of its internal network
and systems through one of its servers in Kentucky. More than
24 million of its customer accounts had been compromised.
Hackers were able to access Zappos customers' names, e-mail
addresses, addresses, phone numbers, the last four digits of
credit card numbers and cryptographically scrambled passwords.
Zappos then expired all customers' passwords, and directed
customers to reset their passwords via a dedicated password-
reset page.
Zappos lost reputation, brand value, and trust with its customers
due to this incident. Because most people use similar passwords
for most of their online log-ins, or even online banking,
the Zappos breach showed how dangerous such an incident
could be to its customers.
However, Zappos seems to have had sufficient security safeguards
in place prior to the breach, as follows.
Advance planning mitigates breach fallout.
Zappos had already taken concrete information security
steps, prior to the breach, to mitigate the potential fallout of any
breach it might suffer. Such steps included hashing all user
passwords and storing credit card data in a separate database.
Create a response plan in advance. Zappos appeared to have a
data breach notification response plan already in place. As part
of that plan, the company emailed all employees with details
about the breach, and included a copy of the breach-notification
email it then sent to customers.
Issue a clear, timely warning. After Zappos suffered a breach,
the company issued a clear, timely notification to its customers,
warning them that they should change their passwords on
Zappos.com, as well as any other site on which they reused the
same password.
Secure stored credit card data. Cryptographically storing credit
card numbers is a Payment Card Industry Data Security
Standard (PCI DSS) requirement. Zappos apparently did follow
the PCI regulations. Zappos credit card information was
encrypted or not stored in a way that hackers could use.
Case 4
A security breach is a situation where an individual intentionally
exceeds or misuses network, system, or data access in a manner
that negatively affects the security of the organization’s data,
systems, or operations.
The article describes a security breach that exposed
the information of many iPad owners, including dozens of CEOs,
military officials, and top politicians. However, it does not stop
there. Because of the AT&T network, 114,000 user accounts
were exploited. The information exposed in the breach
included e-mail addresses, associated ID and some information
identifying the SIM card.
AT&T closed the security hole. However, the victims have
been unaware. This will influence the relationship between
Apple and AT&T. “Brisk sales for the original wi-fi iPad had
promised to turn the 3G model into a similar profit machine.”
There are some methods of protecting consumers from
security breaches. Changing passwords frequently is the
simplest way of protecting them. Examining security logs whenever
consumers log in is another. Updating systems is another method of
protecting consumers. Also, the company should implement a
security plan. And I think the most important way is raising
awareness of customers’ information security.
In my opinion, the company does have security safeguards.
However, there is no comprehensive safety for the consumers. If
the company and consumers want to decrease security breaches,
they should work together. The company should provide a complete
security plan and customers should increase their awareness of
protecting their private information.
Example Case
1. The Indiana Family and Social Services Administration
(FSSA) has suffered a large breach of protected health
information (PHI) as the result of actions of a business
associate (BA). The Indiana Family and Social Services
Administration (FSSA) is in the process of notifying some
FSSA clients that some of their personal information may have
been accidentally disclosed to other clients. The accidental
disclosures may have occurred when RCR Technology
Corporation made a computer programming error to a document
management system the company supports on behalf of FSSA.
This error caused an undetermined number of documents being
sent to clients to be duplicated and also inserted with documents
sent to other clients. This means some of the clients may have
received documents belonging to other clients along with their
own documents. This was the second reported large PHI
security breach suffered by the FSSA as a covered entity (CE)
at the hands of a BA.
2. The company has been affected mainly by the programming
mistakes and the many other human and technical errors
that led to security breaches. In compliance with federal and
state privacy law, FSSA has sent written notices to the 187,533
potentially impacted FSSA clients informing them that some of
their personal information may have been disclosed.
Clients of FSSA may have received a surprise in the mail
sometime between May and early June of 2013. On opening the FSSA
mail, they may have seen detailed information about another
FSSA client that could have included their name, address, case
number, date of birth, gender, race, telephone number, email
address, types of benefits received, monthly benefit amount and
employer information. Some financial information such as
monthly income and expenses, bank balances, other assets and
certain medical information such as provider names were there
in the email. It also contained whether the client receives
disability benefits, medical status or condition and certain
information about the client's household members like name,
gender and date of birth.
It was not possible to determine specifically which clients had
personal information disclosed. Therefore, all of the clients
potentially impacted are being notified. In an announcement
made on July 1 of 2013, the FSSA was telling its clients to
return the accidentally mailed documents to the local FSSA
office or to shred them. The FSSA provided detailed
information as to how the breach occurred and what steps can
be taken by individuals whose information might have been
breached to protect their credit.
3. The company should take necessary steps to improve their
computer programming and testing processes to prevent similar
errors from occurring in the future. There are some more
security tips which will help to protect the company data from
security breaches.
a) Train company employees: Companies should train all of their
employees to use strong passwords and to avoid dangerous links
and emails.
b) Know company data: Employees should know where
confidential data is stored and be sure to have it in a secure
location.
c) Keep track of company devices: Companies should keep track
of all the devices that employees use as a means to prevent
potential data breaches.
d) Protect company’s network: Companies need to utilize
firewalls and virtual private networks to secure sensitive
information.
e) Secure physical devices: All electronics and physical devices
should be secured and locked so that access is limited.
f) Keep facilities safe: Offices and stores should be locked to
keep them protected.
g) Protect company’s website: Companies can reassure customers
by using trustmarks on their website and utilizing strong anti-
virus software.
h) Have clear cybersecurity policies: Companies should write a
clear, well-planned policy that encompasses device use and how
to dispose of secure information.
i) Dispose of products the right way: When devices are no longer
being used, companies need to wipe all information from them
and physically shred all paper documents.
j) Screen employees: Companies can limit their risk by screening
employees prior to hiring them.
4. In my opinion, I don’t think the company had sufficient
safeguards in place prior to the breach, because this was the
second time the company reported a large PHI security breach
suffered as a covered entity (CE) at the hands of a business
associate (BA). Once, on November 9, 2010, the Department of
Health and Human Services (HHS) list of large PHI security
breaches reflects that the FSSA, as the CE, reported that its BA,
the Southwestern Indiana Regional Council on Aging, had
experienced the theft of a laptop computer containing
unprotected PHI of 757 individuals.
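The failure described in this case (documents duplicated and inserted into other clients' mailings, with no way afterwards to tell which clients were affected) is the kind of error a pre-dispatch check and a mailing manifest can catch. The sketch below is an added example, not code from FSSA or RCR Technology Corporation; the names Document, Envelope, check_batch and release_batch and the sample batch are hypothetical.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Document:
    doc_id: str     # unique id of one generated document (hypothetical field)
    client_id: str  # the client the document is about


@dataclass(frozen=True)
class Envelope:
    recipient_id: str  # the client the envelope is addressed to
    documents: tuple   # Document objects placed in this envelope


def check_batch(envelopes):
    """Return (envelope_index, doc_id, reason) findings; an empty list means clean."""
    findings = []
    first_seen = {}  # doc_id -> index of the first envelope containing it
    for idx, env in enumerate(envelopes):
        if not env.documents:
            findings.append((idx, None, "empty envelope"))
        for doc in env.documents:
            # A document about client A must never travel to client B.
            if doc.client_id != env.recipient_id:
                findings.append((idx, doc.doc_id, "belongs to another client"))
            # The same document must not be enclosed twice in one batch.
            if doc.doc_id in first_seen:
                findings.append((idx, doc.doc_id, "duplicate of enclosed document"))
            else:
                first_seen[doc.doc_id] = idx
    return findings


def release_batch(envelopes):
    """Hold every envelope with a finding; release the rest with a manifest.

    The manifest records exactly what each released envelope contained, so a
    later investigation can name the affected clients instead of having to
    notify everyone who might have been affected.
    """
    held = sorted({idx for idx, _, _ in check_batch(envelopes)})
    released = [i for i in range(len(envelopes)) if i not in held]
    manifest = [
        {
            "envelope": i,
            "recipient_id": envelopes[i].recipient_id,
            "doc_ids": [d.doc_id for d in envelopes[i].documents],
        }
        for i in released
    ]
    return released, held, manifest


# Constructed sample batch: envelope 1 carries a copy of client C001's document.
SAMPLE_BATCH = [
    Envelope("C001", (Document("D1", "C001"),)),
    Envelope("C002", (Document("D2", "C002"), Document("D1", "C001"))),
    Envelope("C003", (Document("D3", "C003"),)),
]

if __name__ == "__main__":
    for finding in check_batch(SAMPLE_BATCH):
        print("finding:", finding)
    released, held, manifest = release_batch(SAMPLE_BATCH)
    print("released:", released, "held:", held)
```

Run as a gate before printing or mailing, a check like this stops the mixed envelope, and the manifest gives the record needed to scope notifications.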
Example Comment
This is a great example of an accidental breach. Things like
this are more common than most people probably think. I'm
sure the clients of FSSA were NOT happy to find out strangers
might have such sensitive information about them.
I remember once I got something from my doctor's office that
had information about another patient inserted into it. The
information included his name, address, birthdate, patient id,
and description of (somewhat embarrassing) services. I wrote a
strong letter to the billing department and cc'ed it to both my
doctor and the clinic director pointing out their HIPAA
violation. I bet they never told the other patient about it,
though. I didn't because I thought he would be horrified to
know that I knew about his rather embarrassing issue.
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptxRoyAbrique
 
Solving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxSolving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxOH TEIK BIN
 
CARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxCARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxGaneshChakor2
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Educationpboyjonauth
 
Science 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its CharacteristicsScience 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its CharacteristicsKarinaGenton
 
_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting Data_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting DataJhengPantaleon
 
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Krashi Coaching
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxpboyjonauth
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK  LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK  LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfSoniaTolstoy
 
Alper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentAlper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentInMediaRes1
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingTechSoup
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)eniolaolutunde
 
Concept of Vouching. B.Com(Hons) /B.Compdf
Concept of Vouching. B.Com(Hons) /B.CompdfConcept of Vouching. B.Com(Hons) /B.Compdf
Concept of Vouching. B.Com(Hons) /B.CompdfUmakantAnnand
 
Mastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionMastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionSafetyChain Software
 

Recently uploaded (20)

MENTAL STATUS EXAMINATION format.docx
MENTAL     STATUS EXAMINATION format.docxMENTAL     STATUS EXAMINATION format.docx
MENTAL STATUS EXAMINATION format.docx
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
 
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions  for the students and aspirants of Chemistry12th.pptxOrganic Name Reactions  for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
 
Separation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and ActinidesSeparation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and Actinides
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introduction
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptx
 
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptxContemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
 
Solving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxSolving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptx
 
CARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxCARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptx
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Education
 
Science 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its CharacteristicsScience 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its Characteristics
 
_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting Data_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting Data
 
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptx
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK  LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK  LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
 
Alper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentAlper Gobel In Media Res Media Component
Alper Gobel In Media Res Media Component
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy Consulting
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)
 
Concept of Vouching. B.Com(Hons) /B.Compdf
Concept of Vouching. B.Com(Hons) /B.CompdfConcept of Vouching. B.Com(Hons) /B.Compdf
Concept of Vouching. B.Com(Hons) /B.Compdf
 
Mastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionMastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory Inspection
 

Case 11. What exactly occurred Twitter is one of popular soci.docx

Case 1

1. What exactly occurred?
Twitter is one of the popular social media services that was targeted by hackers. The social network said that approximately 250,000 user accounts were potentially compromised, with attackers gaining access to information including user names and email addresses. The company first detected signs of an attack earlier in the week, which led to an investigation and the discovery of a larger breach. The company detected unusual access patterns that led it to identify unauthorized access attempts to Twitter user data. They discovered one live attack and were able to shut it down in process moments later. However, their investigation has thus far indicated that the attackers may have had access to limited user information. Twitter has reset the passwords and revoked session tokens, which allow users to stay logged into the service without reentering a password, for all of these accounts. Affected users will not be able to log in and will receive an e-mail instructing them to reset their password.

2. How was the company affected?
Twitter reports that 250,000 user accounts may have been compromised. The company was able to detect the hacker immediately and sent e-mail to the affected users instructing them to reset their passwords. They also recommend that all users create strong passwords and disable Java in their browsers.

3. What (if any) measures has the company taken since the breach to prevent future similar incidents?
The company offers tips for all of its users going forward, including using strong passwords that mix numbers and symbols with upper- and lowercase letters, not using the same password for multiple accounts, updating and upgrading antivirus software, and disabling Java. The company also provides tips to keep the account secure and steps to take if your account has been compromised.

4. In your opinion, did the company have sufficient security safeguards in place prior to the breach?
In my opinion, Twitter had sufficient security safeguards in place prior to the breach. Twitter was able to detect the attacker before they got through all 200 million monthly active users. 250,000 affected accounts is a small number compared to the number of active Twitter users. After noticing the attack, the company reset the passwords of affected users and sent them e-mail to change their passwords. I believe that after the breach Twitter will be more aware of security protection.

Case 2

1. What exactly occurred?
Google detected a coordinated attempt by Chinese entities to compromise the accounts of Chinese dissidents. David Drummond, Google’s chief counsel, said, “A primary goal of the attackers was accessing the Gmail accounts of Chinese human rights activists.” According to George Kurtz at McAfee, the attacks were part of a large-scale, well-organized operation called Aurora. As a result, Google has stopped censoring its search results in China, and has considered pulling out of the country entirely.

2. How was the company affected?
The attacks were not just about dissidents. The attacks appeared to be part of a coordinated campaign that targeted the intellectual property of a wide swath of the US industrial base, including Dow Chemical, Symantec, Yahoo!, Northrop Grumman, and Juniper Networks. The attack will spur more collaboration between the US private and public sectors. Dispassionate observers will recall reports in the news from last year about large-scale industrial attacks against the US government and critical infrastructure. If these more recent attacks against private companies are also felt to be coming from similar sources (the PRC government, PLA red teams etc.), it won't take a genius to start connecting the dots. A formal public/private attack data sharing program, with generous safe-harbor exemptions, would be a good start. Re-invigorating the ISACs would be another.

3. What (if any) measures has the company taken since the breach to prevent future similar incidents?
CISOs should dust off their social engineering playbooks and do some internal phishing testing on their employees to make sure their staffs get the message.

4. In your opinion, did the company have sufficient security safeguards in place prior to the breach?
I think the security was not enough. As an international company, they should keep each country’s customer information independent. I believe that if American hackers attacked Chinese customers' Gmail, the same problem would happen, too. The best thing enterprises can do now is examine their security program to make sure that it includes a healthy balanced diet of controls that protect both toxic data and secrets. I describe what enterprises should consider in my recent report.

Case 3

In January 2012, Zappos.com was the victim of a cyber attack by a criminal who gained access to parts of its internal network and systems through one of its servers in Kentucky. More than 24 million of its customer accounts had been compromised. Hackers were able to access Zappos customers' names, e-mail addresses, addresses, phone numbers, the last four digits of credit card numbers and cryptically scrambled passwords. Zappos then expired all customers' passwords, and directed customers to reset their passwords via a dedicated password-reset page.

Zappos lost its reputation, brand, and trust with its customers due to this incident. Since most people use similar passwords for most of their online log-ins or even online banking, the Zappos breach gave a strong sense of how dangerous it could be to its customers. However, Zappos seems to have had sufficient security safeguards in place prior to the breach, as follows.

Advance planning mitigates breach fallout. Zappos had already taken concrete information security steps, prior to the breach, to mitigate the potential fallout of any breach it might suffer. Such steps included hashing all user passwords and storing credit card data in a separate database.

Create a response plan in advance. Zappos appeared to have a data breach notification response plan already in place. As part of that plan, the company emailed all employees with details about the breach, and included a copy of the breach-notification email it then sent to customers.

Issue a clear, timely warning. After Zappos suffered a breach, the company issued a clear, timely notification to its customers, warning them that they should change their passwords on Zappos.com, as well as any other site on which they reused the same password.

Secure stored credit card data. Cryptographically storing credit card numbers is a Payment Card Industry Data Security Standard (PCI DSS) requirement. Zappos apparently did follow the PCI regulations. Zappos credit card information was encrypted or not stored in a way that hackers could use.

Case 4

A security breach is a situation where an individual intentionally exceeds or misuses network, system, or data access in a manner that negatively affects the security of the organization’s data, systems, or operations.

The article talks about a security breach that has exposed the information of many iPad owners, including dozens of CEOs, military officials, and top politicians. However, it does not stop there. Because of the AT&T network, 114,000 user accounts have been exploited. The information exposed in the breach included email address, associated ID and some information identifying the SIM card. AT&T closed the security hole. However, the victims have been unaware. This will influence the relationship between Apple and AT&T. “Brisk sales for the original wi-fi iPad had promised to turn the 3G model into a similar profit machine.”

There are some methods of protecting consumers from security breaches. Changing passwords frequently is the simplest way of protecting them. Examining security logs whenever consumers log in is another. Updating systems is another method of protecting consumers. Also, the company should implement a security plan. And I think the most important way is raising the awareness of customers’ information security.

In my opinion, the company does have security safeguards. However, there is no comprehensive safety for the consumers. If the company and consumers want to decrease security breaches, they should work together. The company should provide a whole security plan and customers should increase their awareness of protecting their private information.

Example Case

1. The Indiana Family and Social Services Administration (FSSA) has suffered a large breach of protected health information (PHI) as the result of actions of a business associate (BA). The FSSA is in the process of notifying some FSSA clients that some of their personal information may have been accidentally disclosed to other clients. The accidental disclosures may have occurred when RCR Technology Corporation made a computer programming error to a document management system the company supports on behalf of FSSA. This error caused an undetermined number of documents being sent to clients to be duplicated and also inserted with documents sent to other clients. This means some of the clients may have received documents belonging to other clients along with their own documents. This was the second reported large PHI security breach suffered by the FSSA as a covered entity (CE) at the hands of a BA.

2. The company has been affected mainly by the programming mistakes and the many other human and technical errors that led to security breaches. In compliance with federal and state privacy law, FSSA has sent written notices to the 187,533 potentially impacted FSSA clients informing them that some of their personal information may have been disclosed. Clients of FSSA may have received a surprise in the mail sometime between May and early June of 2013. On opening the FSSA mail, they could see detailed information about another FSSA client that could have included their name, address, case number, date of birth, gender, race, telephone number, email address, types of benefits received, monthly benefit amount and employer information. Some financial information such as monthly income and expenses, bank balances and other assets, and certain medical information such as provider names, were there in the email. It also contained whether the client receives disability benefits, medical status or condition, and certain information about the client's household members like name, gender and date of birth.

It was not possible to determine specifically which clients had personal information disclosed. Therefore, all of the clients potentially impacted are being notified. In an announcement made on July 1 of 2013, the FSSA was telling its clients to return the accidentally mailed documents to the local FSSA office or to shred them. The FSSA provided detailed information as to how the breach occurred and what steps can be taken by individuals whose information might have been breached to protect their credit.

3. The company should take necessary steps to improve their computer programming and testing processes to prevent similar errors from occurring in the future. There are some more security tips which will help to protect the company data from security breaches.
a) Train company employees: Companies should train all of their employees to use strong passwords and to avoid dangerous links and emails.
b) Know company data: Employees should know where confidential data is stored and be sure to have it in a secure location.
c) Keep track of company devices: Companies should keep track of all the devices that employees use as a means to prevent potential data breaches.
d) Protect company’s network: Companies need to utilize firewalls and virtual private networks to secure sensitive information.
e) Secure physical devices: All electronics and physical devices should be secured and locked so that access is limited.
f) Keep facilities safe: Offices and stores should be locked to keep them protected.
g) Protect company’s website: Companies can reassure customers by using trustmarks on their website and utilizing strong anti-virus software.
h) Have clear cybersecurity policies: Companies should write a clear, well-planned policy that encompasses device use and how to dispose of secure information.
i) Dispose of products the right way: When devices are no longer being used, companies need to wipe all information from them and physically shred all paper documents.
j) Screen employees: Companies can limit their risk by screening employees prior to hiring them.

4. In my opinion, I don’t think the company had sufficient safeguards prior to the breach, because this was the second time the company reported a large PHI security breach suffered as a covered entity (CE) at the hands of a business associate (BA). Once, on November 9, 2010, the Department of Health and Human Services (HHS) list of large PHI security breaches reflects that the FSSA as the CE reported its BA. The Southwestern Indiana Regional Council on Aging had experienced the theft of a laptop computer containing unprotected PHI of 757 individuals.

Example Comment

This is a great example of an accidental breach. Things like this are more common than most people probably think. I'm sure the clients of FSSA were NOT happy to find out strangers might have such sensitive information about them. I remember once I got something from my Doctor's office that had information about another patient inserted into it. The information included his name, address, birthdate, patient id, and description of (somewhat embarrassing) services. I wrote a strong letter to the billing department and cc'ed it to both my doctor and the clinic director pointing out their HIPAA violation. I bet they never told the other patient about it, though. I didn't because I thought he would be horrified to know that I knew about his rather embarrassing issue.