Data Breach Case Study

706 Words 3 Pages
Data breaches and cyber attacks have become increasing more common, last year there were huge data breaches at large companies such as Target, Sony, Ebay, P.F. Chang’s, Domino’s pizza and many many more (McGregor, 2014). According to ITRC, 2015, “The number of U.S. data breaches tracked in 2014 hit a record high of 783 in 2014.” (para. 1) When a data breach occurs it means that sensitive data has been viewed, stolen or otherwise used by party that did not have authorization to that data. Data breaches have become so commonplace that it is more common to have been breached than to not. It is the responsibility of the company collecting the data to protect the information received from customers. Companies should take precautions and minimize …show more content…
Computer and software security includes strong passwords with ninety day expiration, firewalls, anti-virus and malware software, encryption and monitoring updates and patches. Physical security measures include, safes, locked cabinets, shredders and surveillance. As crucial as it is to implement physical and computer security, it is just as critical to train employees on the procedures and the proper use of the provided tools. Ongoing security education and instruction will help to prevent careless mistakes that can lead to vulnerability and breach. Creating and maintaining an incident response plan as well informing employees of its existence is significant. In the chaotic incident of a data breach a guide and listing of steps will assist in the process.
It is also imperative to define security requirements upfront with vendors and other third party service providers. It may be necessary to acquire outside services to uphold and maintain appropriate security measures to comply with certain state and federal regulations. Ensuring that the company maintains control of data at all times, especially with data storage or services, is
…show more content…
Reputation, productivity, and profitability can all be negatively impacted in the aftermath of even a single incident. If a data breach results in actual identity theft or other financial loss, the offending organization may face fines, civil or criminal prosecution. In case that a breach does occur it is important to immediately reference the incident-response plan. Time is of the essence, acting quickly can shut down further damage either by the offender or by noncompliance of state and or federal regulations. Failure to act promptly could lead to both increased regulatory scrutiny and liability. The immediate goal is to minimize reputation damage and customer hardship, offering credit monitoring might help to prevent further damage to clients and restore a sense of

Related Documents