Data Breach Security Presentation - University of New

Verified

Added on 2022/09/09

AI Summary

The presentation focuses on a data breach incident at the University of New, addressing various aspects of the issue. It begins by outlining the background, severity, and groups involved in the incident. The presentation details the procedures for recovering from the incident, which include monitoring data transactions, blocking routes, and assessing data backups. It also suggests actions to prevent similar incidents, such as implementing firewalls, data encryption, and hardening the operating system. Furthermore, the presentation covers steps to improve detection techniques using tools like Intrusion Detection Systems, Cause and Effect Diagrams, Affinity Diagrams, OpenVAS, and Wireshark. The conclusion emphasizes the importance of assessing the recommendations provided for enhancing the security process and mitigating future issues.

DATA BREACHING
SECURITY

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Introduction
Data breaching have been one of the major concern for the job post of CISO for
University of New. The power point will discuss about the following: -
Background
Severity level of the incident
Groups involved
Procedures to recover from incident
Actions to prevent similar incidents

Background
 Being employed as CISO for the University of New.
 University is facing strong indication of data breach
 National Crime Agency and University's legal department have found
issues
 More than 30 transactions have been detected via one IP address.
 Team was not properly prepared for the attack and hence this
affected in excess wastage of time.

Severity level
 Severity level of the entire incident was high
 Private and Public data of the University was facing security issues
 More than 30 transactions were made form a same IP address.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Groups involved
The groups that are involved in the process are as follows: -
 CISO
 Employees of the organization
 Victims

Measures to contain and recover
from incident
 Monitor data transaction routes
 Block all the routes available
 Change keys of the routes so that access to the networks can be
disabled

Steps to recover from the incident
 Vet third party partners
 Assess back up of the data that have been transacted.
 Use recertification campaigns

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Actions to prevent similar incidents
The steps that are needed to be taken for preventing similar incidents
are as follows: -
 Implement Firewall
 Data encryption
 Hardening operating system

Actions to prevent similar incidents
 Create an incident response plan
 Perform Vulnerability scanning
 Maintain proper patching of data

Steps to improve detection
technique
The tools that can be used for detecting similar events are as follows: -
 Intrusion Detection System
 Creation of Cause and Effect Diagram
 Creation of Nominal Group Technique

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Steps to improve detection
technique
The tools that can be used for detecting similar events are as follows: -
 Creation of Affinity diagrams
 Usage of OpenVAS will be helpful as well.
 Usage of Wireshark for detection of abnormalities in network traffic.

Summary
From the above discussion, it can be stated that the security level of the
entire issue was high. Measures that have been stated in the PowerPoint
might be acting beneficial. Detection techniques are also stated in the
power point.