Data Breach: Analysis of Causes, Regulations, and Prevention Methods

Verified

Added on 2023/05/31

AI Summary

This report delves into the critical issue of data breaches within the realm of cyber security, emphasizing its growing significance. It examines the various reasons behind data breaches, including human error, lack of security measures, and sophisticated hacking techniques. The report analyzes recent high-profile cases, such as the Target and Yahoo breaches, highlighting the devastating consequences. It also discusses the existing laws and regulations, like PCI DSS and GDPR, designed to prevent data breaches and protect sensitive information. The conclusion stresses the importance of user awareness and common sense, alongside strong security protocols, to effectively mitigate the risks of data breaches in an ever-evolving technological landscape. The report recommends implementing robust security measures, employee training, and staying informed about the latest cyber threats.

Running Head: DATA BREACH IS A HUGE CONCERN FOR CYBER SECURITY
EXPERTS
DATA BREACH IS A HUGE CONCERN FOR CYBER SECURITY EXPERTS
Name of the Student:
Name of the University:
Author Note:

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

1DATA BREACH IS A HUGE CONCERN FOR CYBER SECURITY EXPERTS
Abstract
Data Breach have been the growing concern of cyber security providers. With every step of
improvement in technology, hackers are implementing different strategies to hack on the
personal and confidential details of users and enterprises to make profit and misuse them.
Different countries are implementing different rules and regulations and globally accepted to
prevent data breach. The study involves analysis of the reasons of data breach and regulations to
prevent them. However, it is clear that without the intervention of common sense of the user no
law is implemented effectively to prevent data breach.

2DATA BREACH IS A HUGE CONCERN FOR CYBER SECURITY EXPERTS
Table of Contents
Introduction......................................................................................................................................3
Reasons of Data Breach...................................................................................................................3
Latest cases of Data breach..............................................................................................................4
Laws and regulations to prevent Data Breach.................................................................................5
Conclusion and Recommendation...................................................................................................5
References........................................................................................................................................7

3DATA BREACH IS A HUGE CONCERN FOR CYBER SECURITY EXPERTS
Introduction
Data Breach is one of the first growing trend among cyber security criminal cases.
Sensitive and confidential information about internet users are illegally accessed and used for
forgery and other cybercrimes. The list of sensitive information includes personally identifiable
information or PII, personal health information or PHI, online transaction details, payment card
details and many other confidential trade secrets (Cheng, Liu & Yao, 2017). In case, those who
are not authorized to view or access personal confidential information, get access to such
information, then the company which is authorized to protect them faces data breach in their
system. In such case if the data breach ends in violation of any government or industrial
regulation mandates or happens to be identity breach then the authorized company will face
severe consequences under civil litigation of the country (Sarabi, Naghizadeh, Liu & Liu, 2016).
Over the years, techniques of data breach has been revised and modified to blind the concerned
authority and splurge every trials to overcome the threats.
Reasons of Data Breach
Cases of data breach is not so dramatic like an unauthorized personal hacking into the
website of a company and accessing data related to them to misuse them. However, it is way too
practical like over sighting the patient details from the computer in the reception of a hospital. In
general, there are broadly two situations when data breach can actually happen. The first one is
lack of human intension to utilize proper security measures (Romanosky, Hoffman & Acquisti,
2014). The absence of a strong password or lost software cover which can be misused from a lost
smart phone or a lost laptop or even while a person uses insecure wireless network, confidential
credentials like user details and financial details are exposed to the hackers and creates a huge

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

4DATA BREACH IS A HUGE CONCERN FOR CYBER SECURITY EXPERTS
chance of data breach. On the other hand, email phishing is a smart way to make the users
expose their credentials to the hackers via successive malware viruses. Data hacking can go
undetected for months even years in such cases unless the user is concerned about the security
(Sen & Borle, 2015). In the second scenario companies and government accidently reveal
confidential data base over internet due to some misconfiguration of cloud computing services or
failure in implementation of access control software used by the concerned authority. Such
situations are termed as accidental security breach.
Latest cases of Data breach
Data breach has been a major concern from last couple of years. Major companies,
governments of different countries are in the list of affected besides millions of individuals every
year. However, there are some particular cases, which have raised red flag among online security
providers. Some of those cases are stated here. One of the most noted cases of data breach is the
case of retail giant Target Corporation in 2013 (Manworren, Letwat & Daily, 2016). A third
party company handled the initial intrusion point of the website of the company. The hackers
accessed the credentials of the third party business and got access to the main site of Target
Corporation. As per reports they hacked information about nearly 110 million users of the
website. This case led to several law suits and laws of data security by the government of
different countries. The result of this case was devastating as the company had to pay $10
million for compensation to the users and the CEO had to resign.
Another most shout out cases of data breach is the case of Yahoo in 2013, which went
undetected until 2016. Investigation revealed that hackers have breached confidential data of
more than 3 billion users worldwide. A second breach was detected in 2014 in which data of
more than 4oo million users had been hacked.

5DATA BREACH IS A HUGE CONCERN FOR CYBER SECURITY EXPERTS
Laws and regulations to prevent Data Breach
There are a number of company security guidelines and government laws and
regulations, which have been mandated to strictly control the data flow and data security over
internet. The most notable among them are stated here.
1. The Payment Card Industry Data Security Standard (PCI DSS) is the most noted one
which control the authority of handling sensitive personally identifiable information or
PII of every user. This law is applicable in corporate environment of work.
2. For healthcare sector, Health Insurance Portability and Accountability Act (HIPAA)
controls access to personal health information or PHI of a person (Patil & Seshadri,
2014). In case, any data breach happens there are different regulations associated with
this, which are violated. They are different state and country data breach notification
laws, Health Information Technology for Economic and Clinical Health (HITECH) Act,
Omnibus Rule. However, there is no typical protection law for intellectual property until
date.
3. New regulations and laws are proposed and mandated by different countries every year to
fight back data breach and improve information security. Some of them are Data Security
and Breach Notification Act (2017) in America and General Data Protection
Regulation(GDPR) of European Union. The later one notifies data breach within seventy-
two hours of the incident.
Conclusion and Recommendation
There are no rule set to prevent data breach fully as new technologies are immerging
every day. The most important factor, which can help to avoid data breach, is common sense of

6DATA BREACH IS A HUGE CONCERN FOR CYBER SECURITY EXPERTS
the user. It includes implementing strong passwords, which are not indicative to any personal
details, reviewing security procedures regularly besides implementing strong malware
protection. Besides, Data breach notifications and regulations, companies should implement
strong security protocols for employee communication too. Hackers do engage in evolving
different data breach techniques everyday however, the security protocols are strengthened too.
Using internet with common sense is the best option to avoid data breach.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

7DATA BREACH IS A HUGE CONCERN FOR CYBER SECURITY EXPERTS
References
Cheng, L., Liu, F., & Yao, D. (2017). Enterprise data breach: causes, challenges, prevention, and
future directions. Wiley Interdisciplinary Reviews: Data Mining and Knowledge
Discovery, 7(5), e1211.
Manworren, N., Letwat, J., & Daily, O. (2016). Why you should care about the Target data
breach. Business Horizons, 59(3), 257-266.
Patil, H. K., & Seshadri, R. (2014, June). Big data security and privacy issues in healthcare.
In Big Data (BigData Congress), 2014 IEEE International Congress on (pp. 762-765).
IEEE.
Romanosky, S., Hoffman, D., & Acquisti, A. (2014). Empirical analysis of data breach
litigation. Journal of Empirical Legal Studies, 11(1), 74-104.
Sarabi, A., Naghizadeh, P., Liu, Y., & Liu, M. (2016). Risky business: Fine-grained data breach
prediction using business profiles. Journal of Cybersecurity, 2(1), 15-28.
Sen, R., & Borle, S. (2015). Estimating the contextual risk of data breach: An empirical
approach. Journal of Management Information Systems, 32(2), 314-341.