NAB’s Response to Data Breach
Added on 2022-09-07
12 Pages2692 Words27 Views
Running head: IT AUDIT AND CONTROLS
IT Audit and Controls
Name of Student
Name of University
Author Note
IT Audit and Controls
Name of Student
Name of University
Author Note
1
IT AUDIT AND CONTROLS
Table of Contents
1. Overview of the Problem Addressed by NAB................................................................2
2. Description of the Common Security Issues...................................................................3
3. NAB’s Response to Data Breach.....................................................................................4
4. Suggested Information Security Measures......................................................................5
5. Role of Cloud Computing in Information Security.........................................................7
References............................................................................................................................9
IT AUDIT AND CONTROLS
Table of Contents
1. Overview of the Problem Addressed by NAB................................................................2
2. Description of the Common Security Issues...................................................................3
3. NAB’s Response to Data Breach.....................................................................................4
4. Suggested Information Security Measures......................................................................5
5. Role of Cloud Computing in Information Security.........................................................7
References............................................................................................................................9
2
IT AUDIT AND CONTROLS
1. Overview of the Problem Addressed by NAB
The National Australia Bank, had faced an issue of data breach on July 26, 2019 due to a
human error. The breach resulted in uploading the personal data of 13,000 customer to the
servers of two data Service Company. The data breach proved to be a major issue mainly
because the uploaded data included personal information of the those customers, including their
name, date of birth, the personal contact details and in certain cases, the detailed of the
government issued identification number. These information could have been used by the
hackers, criminals or opportunist for their personal benefit or to execute an online crime such as
online fraud, identity theft and blackmail. However, the data breach did not adversely affected
the security of the customers’ account as the issue was quickly detected and all the uploaded data
was taken down within two hours. However, this particular incident questions the security
mechanism that are adopted by NAB.
The issues could be easily addressed and controlled mostly because it was not a cyber-
security issue. The data was uploaded in the servers of the Service Company and the company
was quick to take down those data when asked. However, the incident definitely affected the
customers’ trust to the security system offered by the 4th largest bank in Australia. This incident
indicates the need for the bank to evaluate the common security issues that are associated with
the internal network and the operations of the bank to ascertain that similar events does not occur
in future. The report provides an idea of the NAB’s response to the data breach along with the
suggested information security measures that are needed to be taken by the organization. The
data breach indicates that NAB is required to invest on strengthening the information security of
the bank and for that the CEO wishes to make use of cloud. The report will establish the benefits
of using cloud in protection of information security.
IT AUDIT AND CONTROLS
1. Overview of the Problem Addressed by NAB
The National Australia Bank, had faced an issue of data breach on July 26, 2019 due to a
human error. The breach resulted in uploading the personal data of 13,000 customer to the
servers of two data Service Company. The data breach proved to be a major issue mainly
because the uploaded data included personal information of the those customers, including their
name, date of birth, the personal contact details and in certain cases, the detailed of the
government issued identification number. These information could have been used by the
hackers, criminals or opportunist for their personal benefit or to execute an online crime such as
online fraud, identity theft and blackmail. However, the data breach did not adversely affected
the security of the customers’ account as the issue was quickly detected and all the uploaded data
was taken down within two hours. However, this particular incident questions the security
mechanism that are adopted by NAB.
The issues could be easily addressed and controlled mostly because it was not a cyber-
security issue. The data was uploaded in the servers of the Service Company and the company
was quick to take down those data when asked. However, the incident definitely affected the
customers’ trust to the security system offered by the 4th largest bank in Australia. This incident
indicates the need for the bank to evaluate the common security issues that are associated with
the internal network and the operations of the bank to ascertain that similar events does not occur
in future. The report provides an idea of the NAB’s response to the data breach along with the
suggested information security measures that are needed to be taken by the organization. The
data breach indicates that NAB is required to invest on strengthening the information security of
the bank and for that the CEO wishes to make use of cloud. The report will establish the benefits
of using cloud in protection of information security.
3
IT AUDIT AND CONTROLS
2. Description of the Common Security Issues
The data breach due to human error questions the security of the bank and the security to
the personal and confidential information of the customers. The issue could have been serious if
the data was uploaded in any public server or platform. The incident indicates there is a need of
auditing the security measures and the internal security system of the bank to recommend
effective solutions.
The use of technology have made banking quite convenient for the customers and at the
same time, it has increased the efficiency of providing banking services for the customers.
However, in the current situation, NAB requires to review the common security issue that can
risk the confidentiality of the customers’ data and information (Ahmad, Maynard and Park
2014). The auditor is required to investigate the storage process of the confidential customers’
information. The auditor needs to check whether the stored data is encrypted prior to upload to
any servers.
Another straightforward banking security issue is spoofing. This is a common security
issue that is needed to be investigate by the auditor. Spoofing incorporates development of fake
banking website by the fraudsters to rob the customers (Safa, Von Solms and Furnell 2016). The
employees and the customers of NAB needs to be aware of these type of threats and for that
investigation of this security issue becomes a necessity.
The data breach in NAB has occurred mainly because of human error, where an
employee might have unloaded the customers’ information without knowing or realizing its
repercussions. Hence, it is of foremost necessity for the auditor to investigate the security
IT AUDIT AND CONTROLS
2. Description of the Common Security Issues
The data breach due to human error questions the security of the bank and the security to
the personal and confidential information of the customers. The issue could have been serious if
the data was uploaded in any public server or platform. The incident indicates there is a need of
auditing the security measures and the internal security system of the bank to recommend
effective solutions.
The use of technology have made banking quite convenient for the customers and at the
same time, it has increased the efficiency of providing banking services for the customers.
However, in the current situation, NAB requires to review the common security issue that can
risk the confidentiality of the customers’ data and information (Ahmad, Maynard and Park
2014). The auditor is required to investigate the storage process of the confidential customers’
information. The auditor needs to check whether the stored data is encrypted prior to upload to
any servers.
Another straightforward banking security issue is spoofing. This is a common security
issue that is needed to be investigate by the auditor. Spoofing incorporates development of fake
banking website by the fraudsters to rob the customers (Safa, Von Solms and Furnell 2016). The
employees and the customers of NAB needs to be aware of these type of threats and for that
investigation of this security issue becomes a necessity.
The data breach in NAB has occurred mainly because of human error, where an
employee might have unloaded the customers’ information without knowing or realizing its
repercussions. Hence, it is of foremost necessity for the auditor to investigate the security
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents
Information Security Measures And Data Breach Studylg...
|10
|2424
|20
Case Study of National Australia Bank Data Breachlg...
|7
|2344
|37
SBM4302 It Audit And Controls Reportlg...
|11
|3025
|10
IT Audit and Controlslg...
|7
|1963
|24
Data Security and Privacy at National Australian Banklg...
|10
|2580
|25
It Audit and controlslg...
|10
|2639
|56