ACCG3058: Information Systems Audit Report on Data Breach
VerifiedAdded on 2022/07/28
|13
|3280
|20
Report
AI Summary
This IS Audit Report examines a data breach experienced by Norwegian Cruise Lines, focusing on the incident's background, identification of the problem, audit approach, and potential solutions. The report details the company's technology environment and the "Cruise Freedom" mobile application...
Read More
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Running head: IS AUDIT REPORT
IS AUDIT REPORT
Name of the Student
Name of University
Author note
IS AUDIT REPORT
Name of the Student
Name of University
Author note
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
1IS AUDIT REPORT
Executive Summary
Data breach is a very serious problem for every organisation in this globe. It is responsible
for significant loss of financial as well as sensitive information of a particular company. It
continues to provide threat to the privacy of an organisation and critical infrastructure of the
information. In 2020, Norwegian Cruise Lines faced a massive data breach. On March 13,
2020, this organisation discovered that their database was inside the dark web. According to
DynaRisk, 29,969 data records were breached. They mentioned that agents of the
organisation were in severe risk of being targeted by the cyber attacks. This report will
clearly describe regarding the background of the organisation and technology environment. In
this report, it will also discuss regarding the identification of the issues, procedure of IS audit,
and potential solution.
Executive Summary
Data breach is a very serious problem for every organisation in this globe. It is responsible
for significant loss of financial as well as sensitive information of a particular company. It
continues to provide threat to the privacy of an organisation and critical infrastructure of the
information. In 2020, Norwegian Cruise Lines faced a massive data breach. On March 13,
2020, this organisation discovered that their database was inside the dark web. According to
DynaRisk, 29,969 data records were breached. They mentioned that agents of the
organisation were in severe risk of being targeted by the cyber attacks. This report will
clearly describe regarding the background of the organisation and technology environment. In
this report, it will also discuss regarding the identification of the issues, procedure of IS audit,
and potential solution.
2IS AUDIT REPORT
Table of Contents
Introduction................................................................................................................................3
Background to the Case.............................................................................................................3
Identification of problem............................................................................................................4
Audit approach and Potential solution.......................................................................................5
Conclusion..................................................................................................................................9
References................................................................................................................................10
Appendix..................................................................................................................................12
Table of Contents
Introduction................................................................................................................................3
Background to the Case.............................................................................................................3
Identification of problem............................................................................................................4
Audit approach and Potential solution.......................................................................................5
Conclusion..................................................................................................................................9
References................................................................................................................................10
Appendix..................................................................................................................................12
3IS AUDIT REPORT
Introduction
Data breach is considered as an incident that is responsible for exposing confidential
information (Aung, Lwin and Lin 2020). It may disclose the social security number, bank
account details, credit or debit card number and personal health information of a person. A
data breach can accidental or intentional. A black hat hacker may hack the database of a
company where many people shared their personal details. Retailers, hospitals, government
offices, corporations and colleges are all been targeted as data breaches.
In this report, at first, back of the data breach of Norwegian Cruise Lines will be
discussed (Andoh-Baidoo and Lee 2020). After that, it will discuss regarding the detection of
the problem of such incident. Then it will discuss regarding the audit approach and potential
solution of the occurred incident.
Background to the Case
Norwegian Cruise Lines is the third largest cruise lines in the globe by passengers.
They offer various cruise tours in different parts of the world. They offer “freestyle crusing”
which features no enforcement of dress codes, no specific timing for dinner, a pleathora for
onboard entertainment and family friendly activities. At the time of voyage, passengers can
watch live shows like “After Midnight” or the Tony award nominated “Rock of Ages”
musicals. Young people can spend their time at onboard water parks and kids clubs. They
have “freestyle dining” facility (Cruises & Cruise Deals | Plan Your Cruise Holiday | NCL,
2020). With the help of this facility, passengers can get acquainted with many globally
inspired eateries such as French style bistro and a teppanyaki restaurant of Japan. Norwegian
Cruise Lines give conventional cruise buffets and formal dining rooms.
Norwegian Cruise Lines develop a new innovative technology platform named
“Cruise Freedom”. It is a mobile application. It helps to enhance the guest experiences from
the moment of booking throughout Norwegian Cruise. It helps to stress free embarkation day
with mobile check in for reserving a table at one of Norwegian speciality restaurant (Cruise
Freedom™ | Norwegian Cruise Line | Technology and Mobile Apps, 2020). They push the
limits of innovation via technology on its young and modern fleet. For developing this mobile
application, they give a contract to a company named DeCurtis. They create elegantly simple
solutions to solve complicated problems. It is the main focus of the company in last twenty
years. This mobile application helps the make a revolution and truly modifies guest and crew
Introduction
Data breach is considered as an incident that is responsible for exposing confidential
information (Aung, Lwin and Lin 2020). It may disclose the social security number, bank
account details, credit or debit card number and personal health information of a person. A
data breach can accidental or intentional. A black hat hacker may hack the database of a
company where many people shared their personal details. Retailers, hospitals, government
offices, corporations and colleges are all been targeted as data breaches.
In this report, at first, back of the data breach of Norwegian Cruise Lines will be
discussed (Andoh-Baidoo and Lee 2020). After that, it will discuss regarding the detection of
the problem of such incident. Then it will discuss regarding the audit approach and potential
solution of the occurred incident.
Background to the Case
Norwegian Cruise Lines is the third largest cruise lines in the globe by passengers.
They offer various cruise tours in different parts of the world. They offer “freestyle crusing”
which features no enforcement of dress codes, no specific timing for dinner, a pleathora for
onboard entertainment and family friendly activities. At the time of voyage, passengers can
watch live shows like “After Midnight” or the Tony award nominated “Rock of Ages”
musicals. Young people can spend their time at onboard water parks and kids clubs. They
have “freestyle dining” facility (Cruises & Cruise Deals | Plan Your Cruise Holiday | NCL,
2020). With the help of this facility, passengers can get acquainted with many globally
inspired eateries such as French style bistro and a teppanyaki restaurant of Japan. Norwegian
Cruise Lines give conventional cruise buffets and formal dining rooms.
Norwegian Cruise Lines develop a new innovative technology platform named
“Cruise Freedom”. It is a mobile application. It helps to enhance the guest experiences from
the moment of booking throughout Norwegian Cruise. It helps to stress free embarkation day
with mobile check in for reserving a table at one of Norwegian speciality restaurant (Cruise
Freedom™ | Norwegian Cruise Line | Technology and Mobile Apps, 2020). They push the
limits of innovation via technology on its young and modern fleet. For developing this mobile
application, they give a contract to a company named DeCurtis. They create elegantly simple
solutions to solve complicated problems. It is the main focus of the company in last twenty
years. This mobile application helps the make a revolution and truly modifies guest and crew
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
4IS AUDIT REPORT
experiences in a unique and rewarding space. With the help of various IT technologies,
Norwegian Cruise Lines wants to make the cruise operations more memorable and
immersive. They mention that Cruise Freedom has a very bright future for personalization of
the guest experiences in a seamless way.
They have a travel agent portal. New travel agents of this company need to register
their name in this portal (Cruises & Cruise Deals | Plan Your Cruise Holiday | NCL, 2020).
After that, they will receive a login id and password. With the help of the provided login
credentials, new agents can login to their account and perform their assigned duties. But the
old travel agents can use their existing login credentials to perform the login operation.
Identification of problem
Following are the steps by which cyber criminals perform the data breach of the
Norwegian Cruise Lines.
Cyber criminals look for the weaknesses of the security of the travel agent portal of
the Norwegian Cruise Lines. They found that, there was a credential dump.
After getting this issue of their travel agent portal, they made an initial contact with
the help of network attack (Bronk and Dewitte 2020). With the help of the network
attack, they infiltrated the network of the Norwegian Cruise Lines.
When the cyber-criminals were able to get into one computer of the Norwegian
Cruise Lines, they started performing the attack and tunnelled their way to make the
data of the company confidential. By this way, hackers or the cyber-criminals were
able to extract the data of the web portal of the travel agents.
The stakeholders of the Norwegian Cruise Lines (such as Vanguard Global Advisor,
Janus Capital Management LLC, BlackRock Fund Advisors, AQR Capital Management LLC
and many others) have faced worst consequences for this data breach. They lose lots of data
of them which are stored in the database of the Norwegian Cruise Lines (Chen et al. 2020).
For fixing their data, they need to invest a huge amount of money.
According to DynaRisk, because of this data breach, 29,969 agent records were
breached (#Privacy: Norwegian Cruise Line hit by data breach - PrivSec Report, 2020).
These agents were working for the Virgin Holidays, TUI and many others. DynaRisk
explained that travels agents of the organisation were at huge risk of being targeted by the
cyber criminals. As per DynaRisk, the Norwegian Cruise Lines were affected by some
experiences in a unique and rewarding space. With the help of various IT technologies,
Norwegian Cruise Lines wants to make the cruise operations more memorable and
immersive. They mention that Cruise Freedom has a very bright future for personalization of
the guest experiences in a seamless way.
They have a travel agent portal. New travel agents of this company need to register
their name in this portal (Cruises & Cruise Deals | Plan Your Cruise Holiday | NCL, 2020).
After that, they will receive a login id and password. With the help of the provided login
credentials, new agents can login to their account and perform their assigned duties. But the
old travel agents can use their existing login credentials to perform the login operation.
Identification of problem
Following are the steps by which cyber criminals perform the data breach of the
Norwegian Cruise Lines.
Cyber criminals look for the weaknesses of the security of the travel agent portal of
the Norwegian Cruise Lines. They found that, there was a credential dump.
After getting this issue of their travel agent portal, they made an initial contact with
the help of network attack (Bronk and Dewitte 2020). With the help of the network
attack, they infiltrated the network of the Norwegian Cruise Lines.
When the cyber-criminals were able to get into one computer of the Norwegian
Cruise Lines, they started performing the attack and tunnelled their way to make the
data of the company confidential. By this way, hackers or the cyber-criminals were
able to extract the data of the web portal of the travel agents.
The stakeholders of the Norwegian Cruise Lines (such as Vanguard Global Advisor,
Janus Capital Management LLC, BlackRock Fund Advisors, AQR Capital Management LLC
and many others) have faced worst consequences for this data breach. They lose lots of data
of them which are stored in the database of the Norwegian Cruise Lines (Chen et al. 2020).
For fixing their data, they need to invest a huge amount of money.
According to DynaRisk, because of this data breach, 29,969 agent records were
breached (#Privacy: Norwegian Cruise Line hit by data breach - PrivSec Report, 2020).
These agents were working for the Virgin Holidays, TUI and many others. DynaRisk
explained that travels agents of the organisation were at huge risk of being targeted by the
cyber criminals. As per DynaRisk, the Norwegian Cruise Lines were affected by some
5IS AUDIT REPORT
phishing emails as well as fraud. It could create a worst situation on the travel agents engaged
with the Norwegian Cruise Lines. But smaller business agents were out of the business.
Norwegian Cruise Lines mentioned that some personal information of the travel agents and
business information (such as business addresses and email) were compromised.
Audit approach and Potential solution
Information Security risks
Following risks are identified from the case study:
Data loss
Privacy of data
Reputational damage
Operational disruption
Financial Loss
ID Risks Consequence Likelihood Rating Implication
to the
business
1 Data loss Major Likely Extreme High
2 Privacy of
data
Major Likely Extreme High
3 Reputational
damage
Major Likely High High
4 Operational
disruption
Major Likely High High
5 Financial loss Major Likely High High
Figure 1: Risk register
Source: Created by author
From the above risk register, it can be said that, consequences of the data loss
is major for the data breach of Norwegian Cruise Lines because, the company losses a
huge amount of data of their registered travel agents. The likelihood of this risk is
likely (Gunduz and Das 2020). The rating of data loss is extreme because this risk
causes severe damages of data. The implication of this risk is high in the business of
the Norwegian Cruise Lines. The consequences of the privacy of data are major
phishing emails as well as fraud. It could create a worst situation on the travel agents engaged
with the Norwegian Cruise Lines. But smaller business agents were out of the business.
Norwegian Cruise Lines mentioned that some personal information of the travel agents and
business information (such as business addresses and email) were compromised.
Audit approach and Potential solution
Information Security risks
Following risks are identified from the case study:
Data loss
Privacy of data
Reputational damage
Operational disruption
Financial Loss
ID Risks Consequence Likelihood Rating Implication
to the
business
1 Data loss Major Likely Extreme High
2 Privacy of
data
Major Likely Extreme High
3 Reputational
damage
Major Likely High High
4 Operational
disruption
Major Likely High High
5 Financial loss Major Likely High High
Figure 1: Risk register
Source: Created by author
From the above risk register, it can be said that, consequences of the data loss
is major for the data breach of Norwegian Cruise Lines because, the company losses a
huge amount of data of their registered travel agents. The likelihood of this risk is
likely (Gunduz and Das 2020). The rating of data loss is extreme because this risk
causes severe damages of data. The implication of this risk is high in the business of
the Norwegian Cruise Lines. The consequences of the privacy of data are major
6IS AUDIT REPORT
because after this data breach, the privacy of data of the travel agent of Norwegian
Cruise Lines is a big issue. Likelihood of this risk is likely. The rating of the privacy
of the data is extreme because it may lead to decrease the trust, reputation, regulatory
penalties and many others of Norwegian Cruise Lines. Privacy of data has a high
implication on the business of the Norwegian Cruise Lines. Consequences of
Reputational damage are major because this data breach can be the main of the
decrease of the popularity of the company. Likelihood of this risk is likely. Rating of
this risk is high because data breach may lead to decrease the trust of the potential
consumers from the company (Guo et al. 2020). As a result of that the popularity of
the company can be decreased.
Reputational damage has a high implication to the business of Norwegian
Cruise Lines because due to reputational damage, number of consumers of the
company may be decreased. As a result of that, company authority may face a huge
amount of loss of revenue. Consequences of operational disruption are major because
it may lead to a huge loss of the company. Likelihood of this likely because the
probability of occurring this risk is very high (Kim and Choi 2020). Rating of this risk
is high because data breach results in complete loss of important data of the
Norwegian Cruise Lines which may require spending a long time to recovery.
This risk has a high implication to the business of the company because it may
lead to a huge amount of financial loss of the company. Consequences of the
financial loss are major because data breach, company may have to provide
some compensation to the affected travel agents.
Likelihood of this likely because probability of occurrence of this risk is very
high (Logan 2020). Rating of the financial loss is high because data breach may lead
to increase the security cost and reduce the share value. This risk has a high
implication to the business because financial loss may lead to loss of revenue of the
business.
Audit Plan, Objectives and procedures
At first, the IS auditor should check whether any authentication feature is
implemented in the IT assets and software used by the company because easy
accessibility of the computer system is biggest cause of the data breach (Mercer
2020). Here, IS auditor will verify regarding the condition of the firewall of the
because after this data breach, the privacy of data of the travel agent of Norwegian
Cruise Lines is a big issue. Likelihood of this risk is likely. The rating of the privacy
of the data is extreme because it may lead to decrease the trust, reputation, regulatory
penalties and many others of Norwegian Cruise Lines. Privacy of data has a high
implication on the business of the Norwegian Cruise Lines. Consequences of
Reputational damage are major because this data breach can be the main of the
decrease of the popularity of the company. Likelihood of this risk is likely. Rating of
this risk is high because data breach may lead to decrease the trust of the potential
consumers from the company (Guo et al. 2020). As a result of that the popularity of
the company can be decreased.
Reputational damage has a high implication to the business of Norwegian
Cruise Lines because due to reputational damage, number of consumers of the
company may be decreased. As a result of that, company authority may face a huge
amount of loss of revenue. Consequences of operational disruption are major because
it may lead to a huge loss of the company. Likelihood of this likely because the
probability of occurring this risk is very high (Kim and Choi 2020). Rating of this risk
is high because data breach results in complete loss of important data of the
Norwegian Cruise Lines which may require spending a long time to recovery.
This risk has a high implication to the business of the company because it may
lead to a huge amount of financial loss of the company. Consequences of the
financial loss are major because data breach, company may have to provide
some compensation to the affected travel agents.
Likelihood of this likely because probability of occurrence of this risk is very
high (Logan 2020). Rating of the financial loss is high because data breach may lead
to increase the security cost and reduce the share value. This risk has a high
implication to the business because financial loss may lead to loss of revenue of the
business.
Audit Plan, Objectives and procedures
At first, the IS auditor should check whether any authentication feature is
implemented in the IT assets and software used by the company because easy
accessibility of the computer system is biggest cause of the data breach (Mercer
2020). Here, IS auditor will verify regarding the condition of the firewall of the
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
7IS AUDIT REPORT
company. After that, IS auditor will check the presence of the security vulnerability of
the computer systems. Then, the IS security auditor will check the presence of
malware in the computer systems of the employees. After that, he or she will verify
regarding the application of proper cryptographic algorithms to the mobile
applications and other software of the company.
Following are the objectives of this security audit.
It gives a huge amount of protection to the sensitive data.
It helps to take update of the various compliance programs of the
Norwegian Cruise Lines.
This audit helps the security auditor to detect various loopholes
related to the information security (Novae et al. 2020).
Following are the steps to conduct the IS audit.
Defining the audit
In this case, the security auditor needs to list of all the possible
threats of the IT assets (such as computer systems, consumer data and
many others) of the company (Shahriar et al. 2020). If he or she has
long list of gadgets, then he or she needs to elaborate the security.
Defining the threats
In this case, auditor needs to list down the potential threats. The
threats are as follows:
Phishing attacks
Malicious insiders
Poor passwords behaviour
Assessment of current security performance
At this point, the auditor needs to evaluate the performance of
the current security infrastructure (Viganò, Loi and Yaghmaei 2020).
Risk scoring
At this point, the auditor needs to provide the priority of the
risks and gives appropriate scores to every risk.
company. After that, IS auditor will check the presence of the security vulnerability of
the computer systems. Then, the IS security auditor will check the presence of
malware in the computer systems of the employees. After that, he or she will verify
regarding the application of proper cryptographic algorithms to the mobile
applications and other software of the company.
Following are the objectives of this security audit.
It gives a huge amount of protection to the sensitive data.
It helps to take update of the various compliance programs of the
Norwegian Cruise Lines.
This audit helps the security auditor to detect various loopholes
related to the information security (Novae et al. 2020).
Following are the steps to conduct the IS audit.
Defining the audit
In this case, the security auditor needs to list of all the possible
threats of the IT assets (such as computer systems, consumer data and
many others) of the company (Shahriar et al. 2020). If he or she has
long list of gadgets, then he or she needs to elaborate the security.
Defining the threats
In this case, auditor needs to list down the potential threats. The
threats are as follows:
Phishing attacks
Malicious insiders
Poor passwords behaviour
Assessment of current security performance
At this point, the auditor needs to evaluate the performance of
the current security infrastructure (Viganò, Loi and Yaghmaei 2020).
Risk scoring
At this point, the auditor needs to provide the priority of the
risks and gives appropriate scores to every risk.
8IS AUDIT REPORT
Formulating the security solutions
At this point, the auditor needs to provide some security
solutions. These are as follows:
Awareness of employee education
Protecting email
Providing safety of the passwords and access management
Audit questions and documents
Following questions should be asked by the auditor.
What security policies are applied in the software by the company?
Do you measure the system vulnerabilities?
Does the company follow the software security guidelines?
Have you implemented any strong firewall?
The auditor needs to ask the management of the company for the IT security
document and Software Requirement Specification Document while performing the
auditing (Yamin, Katt and Gkioulos 2020).
Control recommendations
o For preventing data loss, the company needs to implement proper security
mechanisms to their software, so that intruders can not hack their software
(Guo et al. 2020). It helps the company to prevent data loss which enhances
the reputation of the company.
o With the help of state-of-art encryption strategy, the company can provide
privacy of data (Gunduz and Das 2020). It helps to enhance the trust of the
company among their travel agents and stakeholders.
o For preventing the reputational damage, the company needs to take strong
action against the privacy of data and data loss. It helps to get the back the
reputation.
o For preventing operational disruption, company needs to take some preventive
measure against the data breach. It helps the company to gain more revenue.
Formulating the security solutions
At this point, the auditor needs to provide some security
solutions. These are as follows:
Awareness of employee education
Protecting email
Providing safety of the passwords and access management
Audit questions and documents
Following questions should be asked by the auditor.
What security policies are applied in the software by the company?
Do you measure the system vulnerabilities?
Does the company follow the software security guidelines?
Have you implemented any strong firewall?
The auditor needs to ask the management of the company for the IT security
document and Software Requirement Specification Document while performing the
auditing (Yamin, Katt and Gkioulos 2020).
Control recommendations
o For preventing data loss, the company needs to implement proper security
mechanisms to their software, so that intruders can not hack their software
(Guo et al. 2020). It helps the company to prevent data loss which enhances
the reputation of the company.
o With the help of state-of-art encryption strategy, the company can provide
privacy of data (Gunduz and Das 2020). It helps to enhance the trust of the
company among their travel agents and stakeholders.
o For preventing the reputational damage, the company needs to take strong
action against the privacy of data and data loss. It helps to get the back the
reputation.
o For preventing operational disruption, company needs to take some preventive
measure against the data breach. It helps the company to gain more revenue.
9IS AUDIT REPORT
o For preventing financial loss, company needs to take some preventive
measures regarding the data breach (Cockcroft 2020). It helps to reduce the
security related cost to the company which leads to reduce the financial cost.
Conclusion
In this report, organisational background of the Norwegian Cruise Lines is discussed.
This report also discusses regarding the IT environment of the company. After that, this
report discusses regarding the procedure of the occurrence of the data breach and its impact
to the stakeholders as well as the company. Then, this report elaborates regarding the detailed
audit plan of the Norwegian Cruise lines. In my opinion, if the company follows the
recommended solution then they can easily avoid the data breach in near future.
o For preventing financial loss, company needs to take some preventive
measures regarding the data breach (Cockcroft 2020). It helps to reduce the
security related cost to the company which leads to reduce the financial cost.
Conclusion
In this report, organisational background of the Norwegian Cruise Lines is discussed.
This report also discusses regarding the IT environment of the company. After that, this
report discusses regarding the procedure of the occurrence of the data breach and its impact
to the stakeholders as well as the company. Then, this report elaborates regarding the detailed
audit plan of the Norwegian Cruise lines. In my opinion, if the company follows the
recommended solution then they can easily avoid the data breach in near future.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
10IS AUDIT REPORT
References
Andoh-Baidoo, F. and Lee, J.U., 2020, January. Post Data Breach Use of Protective
Technologies: An Examination of Users’ Dilemma. In Proceedings of the 53rd Hawaii
International Conference on System Sciences.
Aung, W.P., Lwin, H.H. and Lin, K.K., 2020, February. Developing and Analysis of Cyber
Security Models for Security Operation Center in Myanmar. In 2020 IEEE Conference on
Computer Applications (ICCA) (pp. 1-6). IEEE.Ayaburi, E.,
Bronk, R. and Dewitte, P., 2020, January. Maritime Cybersecurity: Meeting Threats to
Globalization’s Great Conveyor. In Proceedings of the 53rd Hawaii International
Conference on System Sciences.
Chen, D.F., Zou, F., Zhang, L. and Yi, J., 2020, January. Research on the Breach of
Relationship Norms by Opportunistic behavior in the Context of Big Data. In Journal of
Physics: Conference Series (Vol. 1437, No. 1, p. 012113). IOP Publishing.
Cockcroft, S., 2020. Securing the commercial Internet: Lessons learned in developing a
postgraduate course in information security management. Journal of Information Systems
Education, 13(3), p.7.
Covert, Q., Steinhagen, D., Francis, M. and Streff, K., 2020, January. Towards a Triad for
Data Privacy. In Proceedings of the 53rd Hawaii International Conference on System
Sciences.
Desai, M. and Jaiswal, S., 2020. Importance of Information Security and Strategies to Prevent
Data Breaches in Mobile Devices. In Improving Business Performance Through Innovation
in the Digital Economy (pp. 215-225). IGI Global.
Gunduz, M.Z. and Das, R., 2020. Cyber-security on smart grid: Threats and potential
solutions. Computer Networks, p.107094.
Guo, Y., Lou, X., Bajramovic, E. and Waedt, K., 2020. Cybersecurity risk analysis and
technical defense architecture: Research of ICS in nuclear power plant construction stage.
In Proceedings of the 3rd IAEA International Conference on Nuclear Security: Sustaining
and Strengthening Efforts (ICONS 2020)(to appear).
Kim, S. and Choi, M., 2020. Educational requirement analysis for information security
professionals in Korea. Journal of Information Systems Education, 13(3), p.11.
Logan, P.Y., 2020. Crafting an undergraduate information security emphasis within
information technology. Journal of Information Systems Education, 13(3), p.3.
References
Andoh-Baidoo, F. and Lee, J.U., 2020, January. Post Data Breach Use of Protective
Technologies: An Examination of Users’ Dilemma. In Proceedings of the 53rd Hawaii
International Conference on System Sciences.
Aung, W.P., Lwin, H.H. and Lin, K.K., 2020, February. Developing and Analysis of Cyber
Security Models for Security Operation Center in Myanmar. In 2020 IEEE Conference on
Computer Applications (ICCA) (pp. 1-6). IEEE.Ayaburi, E.,
Bronk, R. and Dewitte, P., 2020, January. Maritime Cybersecurity: Meeting Threats to
Globalization’s Great Conveyor. In Proceedings of the 53rd Hawaii International
Conference on System Sciences.
Chen, D.F., Zou, F., Zhang, L. and Yi, J., 2020, January. Research on the Breach of
Relationship Norms by Opportunistic behavior in the Context of Big Data. In Journal of
Physics: Conference Series (Vol. 1437, No. 1, p. 012113). IOP Publishing.
Cockcroft, S., 2020. Securing the commercial Internet: Lessons learned in developing a
postgraduate course in information security management. Journal of Information Systems
Education, 13(3), p.7.
Covert, Q., Steinhagen, D., Francis, M. and Streff, K., 2020, January. Towards a Triad for
Data Privacy. In Proceedings of the 53rd Hawaii International Conference on System
Sciences.
Desai, M. and Jaiswal, S., 2020. Importance of Information Security and Strategies to Prevent
Data Breaches in Mobile Devices. In Improving Business Performance Through Innovation
in the Digital Economy (pp. 215-225). IGI Global.
Gunduz, M.Z. and Das, R., 2020. Cyber-security on smart grid: Threats and potential
solutions. Computer Networks, p.107094.
Guo, Y., Lou, X., Bajramovic, E. and Waedt, K., 2020. Cybersecurity risk analysis and
technical defense architecture: Research of ICS in nuclear power plant construction stage.
In Proceedings of the 3rd IAEA International Conference on Nuclear Security: Sustaining
and Strengthening Efforts (ICONS 2020)(to appear).
Kim, S. and Choi, M., 2020. Educational requirement analysis for information security
professionals in Korea. Journal of Information Systems Education, 13(3), p.11.
Logan, P.Y., 2020. Crafting an undergraduate information security emphasis within
information technology. Journal of Information Systems Education, 13(3), p.3.
11IS AUDIT REPORT
Mercer, S.T., 2020. The Limitations of European Data Protection As A Model for Global
Privacy Regulation. AJIL Unbound, 114, pp.20-25.
Ncl.com. 2020. Cruise Freedom™ | Norwegian Cruise Line | Technology And Mobile Apps.
[online] Available at: <https://www.ncl.com/in/en/cruise-freedom> [Accessed 19 April
2020].
Ncl.com. 2020. Cruises & Cruise Deals | Caribbean Cruise Holidays | Norwegian Cruise
Line. [online] Available at: <https://www.ncl.com/shorex/login> [Accessed 19 April 2020].
Ncl.com. 2020. Cruises & Cruise Deals | Plan Your Cruise Holiday | NCL. [online]
Available at: <https://www.ncl.com/in/en/> [Accessed 19 April 2020].
Novaes Neto, N., Madnick, S., de Paula, M.G. and Malara Borges, N., 2020. A Case Study of
the Capital One Data Breach. Stuart E. and Moraes G. de Paula, Anchises and Malara
Borges, Natasha, A Case Study of the Capital One Data Breach (January 1, 2020).
PrivSec Report. 2020. #Privacy: Norwegian Cruise Line Hit By Data Breach - Privsec
Report. [online] Available at: <https://gdpr.report/news/2020/03/23/privacy-norwegian-
cruise-line-hit-by-data-breach/> [Accessed 19 April 2020].
Shahriar, H., Whitman, M., Lo, D., Wu, F. and Thomas, C., 2020, February. Case Study-
based Portable Hands-on Labware for Machine Learning in Cybersecurity. In Proceedings of
the 51st ACM Technical Symposium on Computer Science Education (pp. 1273-1273).
Viganò, E., Loi, M. and Yaghmaei, E., 2020. Cybersecurity of critical infrastructure.
Yamin, M.M., Katt, B. and Gkioulos, V., 2020. Cyber ranges and security testbeds:
Scenarios, functions, tools and architecture. Computers & Security, 88, p.101636.
Mercer, S.T., 2020. The Limitations of European Data Protection As A Model for Global
Privacy Regulation. AJIL Unbound, 114, pp.20-25.
Ncl.com. 2020. Cruise Freedom™ | Norwegian Cruise Line | Technology And Mobile Apps.
[online] Available at: <https://www.ncl.com/in/en/cruise-freedom> [Accessed 19 April
2020].
Ncl.com. 2020. Cruises & Cruise Deals | Caribbean Cruise Holidays | Norwegian Cruise
Line. [online] Available at: <https://www.ncl.com/shorex/login> [Accessed 19 April 2020].
Ncl.com. 2020. Cruises & Cruise Deals | Plan Your Cruise Holiday | NCL. [online]
Available at: <https://www.ncl.com/in/en/> [Accessed 19 April 2020].
Novaes Neto, N., Madnick, S., de Paula, M.G. and Malara Borges, N., 2020. A Case Study of
the Capital One Data Breach. Stuart E. and Moraes G. de Paula, Anchises and Malara
Borges, Natasha, A Case Study of the Capital One Data Breach (January 1, 2020).
PrivSec Report. 2020. #Privacy: Norwegian Cruise Line Hit By Data Breach - Privsec
Report. [online] Available at: <https://gdpr.report/news/2020/03/23/privacy-norwegian-
cruise-line-hit-by-data-breach/> [Accessed 19 April 2020].
Shahriar, H., Whitman, M., Lo, D., Wu, F. and Thomas, C., 2020, February. Case Study-
based Portable Hands-on Labware for Machine Learning in Cybersecurity. In Proceedings of
the 51st ACM Technical Symposium on Computer Science Education (pp. 1273-1273).
Viganò, E., Loi, M. and Yaghmaei, E., 2020. Cybersecurity of critical infrastructure.
Yamin, M.M., Katt, B. and Gkioulos, V., 2020. Cyber ranges and security testbeds:
Scenarios, functions, tools and architecture. Computers & Security, 88, p.101636.
12IS AUDIT REPORT
Appendix
Case study URL: https://gdpr.report/news/2020/03/23/privacy-norwegian-cruise-line-hit-by-
data-breach/
Appendix
Case study URL: https://gdpr.report/news/2020/03/23/privacy-norwegian-cruise-line-hit-by-
data-breach/
1 out of 13
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.