Information Security Report: OPM Data Breach Analysis

Verified

Added on 2023/05/30

AI Summary

This report analyzes the 2015 OPM data breach, examining the underlying information security issues and their impact on privacy, civil liberties, and intellectual property. The analysis highlights the failure to adhere to Critical Security Controls (CSCs) and the Federal Information Security Management Act (FISMA) standards, leading to the exposure of 20 million user records. The report discusses the significance of cyber-crime, unauthorized access, and malicious malware, and emphasizes the role of intellectual property rights, patents, and trademarks in securing sensitive data. It proposes the implementation of robust information security frameworks and policies, advocating for encryption, proper IT security budgets, and adherence to regulations to prevent future breaches. The report stresses the importance of proactive measures by CIOs and IT departments to safeguard data and protect against various cyber threats.

Running Head: INFORMATION SECURITY 0
Information Security
Individual Task
Student name

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Information Security
1
Table of Contents
Analysis of security issues...............................................................................................................1
References........................................................................................................................................2

Information Security
2
Analysis of security issues
The United States Office of Personnel Management (OPM) is facing data breach problem in
which 20 million user data is leaked personally identifiable information form their server. There
are some issues related to the organization privacy. Organizations having many intellectual
properties, but few issues are arising in some cases related to security. There is some personal
information of a vendor at their portal but when they share that information on the internet with
other person, it will be an issue of security. Federal Information Security Management Act
(FISMA) is a standard audit for checking safety about personal data of various persons, such as
coworkers, friends, family.
Privacy has become a huge topic in the information security in present scenario. Many
organizations are exchanging, purchasing, collecting and selling information for growth of
organization, so they are looking for protection of their privacy through government agencies as
well as personal security systems.
Critical Security Controls (CSCs) is applicable in that type of incident, which is published by the
Center for Internet Security (CIS). Information Security is a huge research filed in present time,
as every organization is having their secure data related to products and services at their end.
Privacy is also a concerned thing about this issue.
OPM is not following CSC and they faced that data breaches. It is a lesson for federal CIOs.
OPM is facing this problem because of not following CSC’s for managing databases. They
should provide proper budget for the IT security department. So there should be encryption
techniques for data transfer and if someone trying to break that security, then it will be a
punishable offence (Bulgurcu, et al., 2010).
Cyber-crime is a biggest issue for information security. It has different types, such as identity
theft, copyright infringement, click fraud, unethical hacking, and viruses. Unauthorized access is
an issue for information security system. Although, all the systems having username and
password for accessing a system, but hackers break the authorization and leak the data from the

Information Security
3
system. Sometimes they just damage data from the help of viruses. There are many malicious
malwares on the web, such as ransomware and threats (Humphreys, 2008).
Government is also facing these types of attacks in their databases. There are few laws and rules
for securing information. Some communities are responsible for handling crimes, which are
related to the cyber (Tipton & Nozaki, 2007).
It is a responsibility of the IT department for securing their databases form data breaches. CIO
must take actions for implementation of different CSC to safeguard the personal data of their
organization. Intellectual property rights are so helpful in this thing. Patents and trade-off are the
best way to securing information and innovation of an organization. Intellectual property
provides a security for all the personal information and documents. CSC provides prevention of
data and information sharing from the authenticable source. CSC provides open source hashing
tools for detection of data breaches. If, it is used by the OPM then they cannot lose millions of
PII data.
It is lesson for the OPM that always follow the rules and regulations as well as fulfill the
standards according to the FISMA. Patents are the best way for securing own work and it is a
proper way for using their personal creation. Trademarks are also providing information for
information security of an organization, such as sign, design, and products. Trade secrets are
providing helps in case of securing particular formula, practice, and compilation of information
(Zhang, et al., 2010).

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Information Security
4
References
Bulgurcu, . B., Cavusoglu, H. & Benbasat, I., 2010. Information security policy compliance: an
empirical study of rationality-based beliefs and information security awareness. MIS quarterly,
34(3), pp. 523-548.
Humphreys, E., 2008. Information security management standards: Compliance, governance and
risk management. information security technical report, 13(4), pp. 247-255.
Tipton, H. F. & Nozaki, M. K., 2007. Information security management handbook. USA: CRC
press..
Zhang, X., Wuwong, N., Li, H. & Zhang, X., 2010. Information security risk management
framework for the cloud computing environments.. s.l., IEEE, pp. 1328-1334.