Data Breach at Equifax (attached)
- Thoroughly read the case. It is recommended that you read 2-3 times. (Attached)
- Prepare a 5-page report (12-point font, double spaced not including the title page or reference page), that addresses the following questions:
- Identify the key factors that created the weak security situation in a company.
- Discuss vulnerabilities that were exploited in Equifax incident. Provide assessment of appropriate organizational and security controls that were put in place by the company before the breach.
- Consider the measures the company has taken to recover from the incident.
- Evaluate post-attack security measures. Discuss and prioritise the risks.
- Could have this incident been prevented
- Evaluate the company’s response to this incident and the measures proposed by US government. Which of these measures can be adopted by other companies?
GAO. (2018). Actions taken by Equifax and federal agencies in response to the 2017 breach. Retrieved from https://www.gao.gov/products/GAO-18-559
Singer, P. W., & Friedman, A. (2014). Cybersecurity and cyberwar: What everyone needs to know. New York, NY: Oxford University Press. Retrieved from https://is.muni.cz/el/1423/podzim2018/BSS469/um/P.W._Singer__Allan_Friedman_Cybersecurity_and_Cyberwar__What_Everyone_Needs_to_Know___2014__Oxford_University_Press_.pdf