University of Innovation: Data Breach Incident Response Plan Report

Verified

Added on 2022/09/12

AI Summary

This report outlines an incident response plan developed for the University of Innovation following a data breach. The plan addresses the severity of the breach, which potentially exposed student personal and payment information. It details the formation of an investigation team, including database administrators and advisors from the National Crime Agency, to analyze the breach's causes and implement mitigation strategies. The plan emphasizes immediate actions, such as redirecting data to a redundant server to ensure data access and business continuity. It also outlines measures for containing, recovering, and preventing future incidents, including integrating access controls, auditing network security, and developing a disaster recovery plan. The report emphasizes the importance of confidentiality and a proactive approach to data security to safeguard student information and maintain operational integrity.

As per initial investigation, it is
identified that organizational
database has been hacked and
therefore, severity of this data
breach is significant as it might have
provided hackers access to student
personal information including
payment information as well
(Manworren, Letwat and Daily
2016).
The severity level of a data breach for the
University
Increased awareness among
students for not sharing their
account password to anyone (Brown
2016).
Access control needs to be
integrated with database for
restricting illegal access to data
(Gressin 2017).
Audit network security and online
activities of students needs to be
analyzed for enhancing security and
privacy of data as well (Trim and Lee
2019).
A plan for disaster recovery and business
continuity
In this incident response an
investigation team will be designed
for analyzing this data breach in
details to identify its reasons and
providing mitigation strategies as
well (Cheng, Liu and Yao 2017).
This investigation team will contain
database administrator of university
database, advisor from the national
crime agency and other team
members of information security
team as well.
The groups that are involved in incident
response
Once it is identified that main
database is hacked, data will be
redirected to another redundant
server within 10 to 12 hours and any
online activities involving to
database will not be allowed
(Gressin 2017). All network
connections within university will be
redirected to this new server for
ensuring data access. Access to
original data server will be regained
after issues is resolved and this will
be done within2 to 3 days.
Measures to contain, recover and prevent
similar incidents
Information on data breach in University of Innovation
References:
Brown, H.S., 2016. After the data breach: Managing
the crisis and mitigating the impact. Journal of
business continuity & emergency planning, 9(4),
pp.317-328.
Cheng, L., Liu, F. and Yao, D., 2017. Enterprise data
breach: causes, challenges, prevention, and future
directions. Wiley Interdisciplinary Reviews: Data
Mining and Knowledge Discovery, 7(5), p.e1211.
Gressin, S., 2017. The equifax data breach: What to
do. Federal Trade Commission, 8.
Manworren, N., Letwat, J. and Daily, O., 2016. Why
you should care about the Target data breach.
Business Horizons, 59(3), pp.257-266.
Trim, P. and Lee, Y.I., 2019. Cyber security,
communication and risk management. Sécurité &
Stratégie, 32(April), pp.26-31.
Created by: