Information Security Breach Guidelines
Your job is to do some deep research on THREE security breaches covered in the media and find out the root cause of each. I recommend you review security breaches that are at least 6 months old, as there may not be enough information reported on new breaches. You will Google all THREE cases and find as many articles as you can about each. From there, extract the information and write up THREE different reports (one full page each).
What do I mean by root cause? For instance, you may run across a case where it is reported that malware was introduced into the system. That is not the root cause. How did the malware get there? Perhaps a company employee answered a phishing attack. That would be the root cause. Maybe the company failed to patch a known vulnerability. That, too, would be a root cause.
Once you have selected your THREE security breaches, write THREE different summaries, one for each breach. Include the following items:
1. COURSE NUMBER, SEMESTER and YEAR, YOUR NAME
2. NAME: of the company or organization that incurred the breach
3. DATE of the breach (month and year)
4. SUMMARY: Include the nature of the breach, what information was lost or stolen (e.g. credit card numbers, PII, etc.), and what caused the breach to occur. While this is a summary, do be thorough. This should be a short paragraph.
5. IMPACT: What was the impact of the breach? Were there fines levied? Lawsuits? Costs to replace credit cards? In total, how much did the breach cost the company? This should be a short paragraph.
6. NEW CONTROLS/COUNTERMEASURES: What did the organization do to prevent the breach from recurring?
7. ROOT CAUSE: State clearly your conclusions about the root cause and justify why you believe it to be the root cause (malware is not a root cause unless the hacker exploited an unknown vulnerability or created some really novel hacking tool). This should be a short paragraph.
8. ROOT CAUSE CATEGORY: This should be a word or two, or a short phrase like Successful Phishing Attack or Weak Password Compromise.
9. REFERENCES: Where did you get your information? Use multiple sources and report the ones you used.
Final note: I recommend that you NOT attempt to review a very recent security breach. The information you will need is not likely available to the public yet. Stick to security breaches that are at least 6 months old.