Case 1: The Cambridge Analytica-Facebook Data Scandal
1) What Went Wrong
i. Facebook misused data in 2018
ii. The publicity of Cambridge Analytica
iii. The questioning of data security and the disclosure laws for private information
2) Prevention
i. Data auditing
ii. Data harvesting and use transparency
iii. Stringent data users' policy
3) Implemented measures
i. Restrictions on the use of personal information
ii. Preauthorization to access the user's information
iii. Applications review
iv. Restricted data access for unverified apps
4) Consequence
i. Manipulation of the outcomes of the 2020 US Elections
ii. Restricted data access for genuine researchers
Case 2: Yahoo Case 2013
1) What Went Wrong
i. The absence of an exhaustive security strategy.
ii. No procedures to secure the company's servers and personal user information, such as names, passwords, and phone numbers, in a comprehensive manner.
2) Prevention
i. Use of comprehensive protection policies
ii. Notification of the attack to members to avoid more damage
3) Implemented safeguards, such as:
i. Methods for passwords on demand
ii. Data encryption for emails.
iii. Change of passwords for non-Yahoo services.
4) Consequence
i. Financial loss
ii. Legal suits
iii. More than a quarter of its three billion customers abandoned Yahoo for alternatives such as Gmail.
Case 3: Salem Hospital Data Breach
1) What Went Wrong
i. Unauthorized access to the e-mail accounts of employees
ii. A hacker obtained certain hospital data, including names, treatment information, and birth dates.
2) Prevention
i. Strengthen e-mail security to prevent illegal access.
ii. Secure exchange of patient information
iii. Secure private files for employees
iv. Employees do not use personal e-mail to exchange or keep patient information.
3) Implemented measures
i. Establishment of a more solid software foundation and IT infrastructure.
ii. Rapid investigation to identify the perpetrator
iii. Securing all e-mail accounts
iv. Strict training for personnel
4) Consequence
i. No data misuse
ii. Rapid security restoration
iii. Staff training program
Case 4: Health Breach in Utah
1) What Went Wrong
i. Utah Department of Technology servers compromised
ii. Compromised the data of 21,000 current and former clients
iii. Computer malware, requiring the user to click F12 on the browser, inadvertently gathered user data
2) Prevention
i. Compliance with regulations, standards, and requirements
ii. Clarification of management control
iii. Compliance with Health Insurance Portability and Accountability Act (HIPAA) regulations.
3) Implemented measures
i. Implement the HIPAA policy against encryption.
ii. Revise antivirus policies
iii. Ongoing education for employees
iv. Implementation of the BYOD policy
v. Privacy of networks