Introduction to Business Information Systems: Data Breach Report

Verified

Added on 2022/12/28

AI Summary

This report, prepared for the Introduction to Business Information Systems (WISY104) course at Macquarie University, addresses the topic of data breaches. It defines data breaches as unauthorized access or disclosure of sensitive information, encompassing personal health information, personally identifiable information, and trade secrets. The report outlines various causes of data breaches, including cybercriminal activities exploiting security weaknesses and social attacks that trick employees. It details the steps organizations should take to handle data breaches, such as containment, investigation, notification, and security auditing. The report emphasizes the importance of immediate action to isolate affected systems, assess damage, notify relevant parties, and implement security audits for future protection. References to relevant literature are also included.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

Running head: DATA BREACH
DATA BREACH
Name of the Student
Name of the Organization
Author Note

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

1DATA BREACH
Answer to question 4
A data breach is basically in incident which is totally confirmed within which all the
sensitive, private or rather some safeguarded data has been well accessed or rather totally
disclosed within a fashion which will be totally unauthorized. Breaches of data may be
involving all the PHI or the information of personal health, information which is identifiable
personally and even all the various secrets of trade (Manworren, Letwat and Daily 2016).
Some of the very common exposures of data breach will be involving all the several personal
information like the numbers in the credit cards, histories related to healthcare and also some
information related to the corporate life as well. If someone who will be not at all authorized
specifically for doing so views like the data, the particular organization which will be totally
charged with the protection of that specific information will be said to have been hugely
suffered a kind of data breach.
Data breach occurs is a number of ways. It may be happening that the cybercriminal
may be looking for several weaknesses in the specific security of the company. The
cybercriminal may be making a direct initial contact utilizing either any specific network or
rather social attack. An attack in the network mostly occurs whenever any cybercriminal will
be utilizing the infrastructure and various weaknesses of application for infiltrating the
network of the organization (Romanosky, Hoffman and Acquisti 2014). All the various social
attacks will be involving fully tricking of several employees into specifically providing
access to the network of the organization. Any of the employee may be totally duped into
supplying all the various credentials of login or even be greatly fooled into the direct opening
of an attachment which will be malicious. Once any of the cybercriminal will be getting into
one of the computer, he can then be hugely attacking the particular network as well as a
tunnel with the specific way towards all the confidential data of the company (Sen and Borle

2DATA BREACH
2015). Once all the several hackers will be able to extract the data, the particular attack will
be considered to be totally successful.
Data breach can be handled well by following some of the essential steps. First of all,
if any organization will be noticing any kind of breach, it is really very much essential to
contain that breach as soon as possible (Solove and Citron 2017). All the various ways within
which any organization will be containing the breach will be actually dependent upon the
specific nature of the attack and the affected system. Everyone must be starting to isolate the
system which will be accessed by a particular hacker and then the breach can be prevented
from directly spreading into the total network. After eliminating the damage, the very next
step will be the investigation of it and the assessment of the particular damage which it has
actually caused to the entire organization. After the investigation, organizations will be
capable of discovering all of those which have been affected and also all of those which can
be. It is very much essential to notify all the authorities and some other individuals which
may be affected greatly. After all the steps of the recovery of the data breach, there is a huge
need for a security auditing for assessing the recent systems of security of the organization. It
will also be helping a lot in preparing for all the several plans for the recovery in the nearer
future.

3DATA BREACH
References
Manworren, N., Letwat, J. and Daily, O., 2016. Why you should care about the Target data
breach. Business Horizons, 59(3), pp.257-266.
Romanosky, S., Hoffman, D. and Acquisti, A., 2014. Empirical analysis of data breach
litigation. Journal of Empirical Legal Studies, 11(1), pp.74-104.
Sen, R. and Borle, S., 2015. Estimating the contextual risk of data breach: An empirical
approach. Journal of Management Information Systems, 32(2), pp.314-341.
Solove, D.J. and Citron, D.K., 2017. Risk and anxiety: A theory of data-breach harms. Tex.
L. Rev., 96, p.737.