In our previous session, we discussed, risk. In information security, a simple formula for risk is
Risk = Probability x Impact. When risks aren’t managed adequately, security incidents (violations of policy or harm to a company), or worse, breaches (loss of data or records) can be a result. Today, you will be writing an essay based on a recent breach. You can submit the essay directly in iLearn, or attach a file (txt or docx).
1. Provide a link to the article or articles you reference.
2. Review the list of breaches that have been documented here. Select one breach, or find your own that has occurred in the last 3 months. You can use the internet to collect more information about the breach.
3. Describe what lead to the breach using the terms we learned in the last session (Risk, Probability, Impact, Vulnerability, Threat Actor) to briefly outline what happened.
4. What controls would you implement to help prevent a recurrence of this breach or mitigate the damage? Use the terms we discussed last week (Administrative, Physical, Technical, and Detective, Preventative, Corrective), along with concepts we discussed this week (Defense in Depth), and the controls.