Physical Access Security
CIS560: Security Access/Control Strategy


Typology: Lecture notes

2023/2024

Available from 07/07/2024

helperatsof-1

Article 1: Absa bank embroiled in data leak

The first article I selected highlights the security breach that occurred at Absa bank. Absa is a South Africa-based financial services group that provides both business and personal banking along with wealth management services. They currently hold assets in excess of $91 billion. As such, this makes them a desirable target for theft and fraud. Absa notified its clients and customers of an “isolated internal data leak” via email on Monday, November 30th, 2020. They did not release when this leak was discovered, nor have they been able to pinpoint when the data leak started. Absa determined that personally identifiable information (PII) was included in the breach: ID numbers unique to accounts, home addresses, account numbers, and other sensitive information were externally leaked. It is not known how many banking customers were impacted by the attack, but Absa plans to collect a random pool of customer accounts to verify recent transfers. If anything seems suspicious or out of the ordinary, Absa will contact those clients to verify those transactions. There is currently no knowledge of the financial impact, but additional security measures are being taken. The financial services group has blamed the incident on a rogue employee. Criminal charges have been brought against the individual responsible. It is also noted that data was found on devices and those devices have since been destroyed. This incident comes at a time after the company was named the Non-profit team of the year in the 2020 Cyber Security Awards.

This incident could have been prevented, or at least minimized, with some intervention between the rogue employee and management. Typically, management should be alerted to an employee who is running into issues on the job. It usually starts with dissatisfaction in the workplace, unsolicited harassment from others, or extreme opinions on job responsibilities. People who raise these red flags consistently may end up being the ones who commit violations within the workplace. This could have been caught and addressed with the employee. Even if this employee was terminated, their access should have been removed immediately. This stems
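The point about removing a terminated employee's access immediately is easy to state and easy to let slip in practice; the usual control is a periodic reconciliation of the HR leaver list against the identity directory. The following Python script is an added example (it is not from the original notes and is not Absa's process) that runs such a reconciliation over constructed sample data, flagging accounts that are still enabled after a termination date and, more seriously, accounts that logged in after the employee left. The shape of the HR export and the directory export is an assumption; real deployments would read them from the HR system and from the directory or identity provider.

```python
"""Leaver access reconciliation: find accounts left active after an employee's termination.

Added example (not part of the original notes). The HR leaver list and the
directory account export below are constructed sample data; in practice they
would come from the HR system and the identity directory respectively.
"""
from dataclasses import dataclass
from datetime import date, datetime, time
from typing import List, Optional


@dataclass
class Leaver:
    employee_id: str
    termination_date: date


@dataclass
class Account:
    username: str
    employee_id: str
    enabled: bool
    last_login: Optional[datetime]


@dataclass
class Finding:
    username: str
    severity: str  # "high": used after termination; "medium": merely still enabled
    detail: str


# Constructed sample data: three leavers and four directory accounts.
LEAVERS = [
    Leaver("E1001", date(2020, 11, 20)),
    Leaver("E1002", date(2020, 11, 25)),
    Leaver("E1003", date(2020, 11, 28)),
]

ACCOUNTS = [
    # Left on the 20th, but the account logged in a week later: lingering access was used.
    Account("a.mokoena", "E1001", enabled=True, last_login=datetime(2020, 11, 27, 22, 14)),
    # Left on the 25th, never logged in afterwards, but the account was never disabled.
    Account("b.naidoo", "E1002", enabled=True, last_login=datetime(2020, 11, 24, 9, 5)),
    # Left on the 28th and was disabled on time: nothing to report.
    Account("c.vanwyk", "E1003", enabled=False, last_login=datetime(2020, 11, 27, 17, 30)),
    # Current employee, not on the leaver list.
    Account("d.smith", "E2001", enabled=True, last_login=datetime(2020, 11, 30, 8, 0)),
]

AS_OF = datetime(2020, 11, 30, 12, 0)  # time at which the reconciliation is run


def reconcile(leavers: List[Leaver], accounts: List[Account], as_of: datetime) -> List[Finding]:
    """Compare the directory export against the HR leaver list.

    Access must be gone by the end of the termination day. A login after that
    point is a high-severity finding (the lingering access was actually used);
    an account that is only still enabled is a medium-severity finding.
    """
    leavers_by_id = {lv.employee_id: lv for lv in leavers}
    findings: List[Finding] = []
    for acct in accounts:
        leaver = leavers_by_id.get(acct.employee_id)
        if leaver is None:
            continue  # current employee, nothing to check
        cutoff = datetime.combine(leaver.termination_date, time.max)
        if acct.last_login is not None and acct.last_login > cutoff:
            days = (acct.last_login - cutoff).days
            findings.append(Finding(acct.username, "high",
                                    f"logged in {days} day(s) after termination"))
        elif acct.enabled and as_of > cutoff:
            days = (as_of - cutoff).days
            findings.append(Finding(acct.username, "medium",
                                    f"still enabled {days} day(s) after termination"))
    return findings


if __name__ == "__main__":
    for f in reconcile(LEAVERS, ACCOUNTS, AS_OF):
        print(f"{f.severity.upper():6} {f.username}: {f.detail}")
```

Run against the sample data this reports two findings: a.mokoena (high, the account logged in six days after the termination date) and b.naidoo (medium, still enabled four days later). The separation into two severities matters operationally: the medium findings drive the deprovisioning backlog, while the high findings are the ones that warrant an investigation of what the account did.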

This has resulted in millions of dollars in payouts and restitution, including $180 million for all payouts. Upon entering this compliance agreement, they are required to make payments to the states in which they filed. These payments are still being tallied but have already passed $ million. This is a huge financial hit for Home Depot. Now that state and federal lawsuits are involved, upper management understands that they cannot simply pay their way out of this. They have heightened security obligations that they must meet. They are required to appoint a Chief Information Security Officer who will be responsible for implementing and maintaining their security program. They’ll have a direct line of management to report to along with a designated team for support.

I’m surprised that Home Depot, as large as they are, did not already have this in place. This move seems very irresponsible and reactive of them. This enterprise should have implemented something like this well in advance to prevent such an incident from happening. Additional requirements for Home Depot include new encryption policies, PCI-DSS compliance, and improved audit policies. Their laundry list of safeguards displays their lack of information security as a whole. Both employees and customers have been at high risk of a data breach this entire time. This is gross neglect of company safeguarding, and I hope that Home Depot finds this a sobering wake-up call.

https://www.natlawreview.com/article/data-breaches-can-cost-plus-ongoing-obligations-ask-home-depot-lessons-and-takeaways

Article 3: Kmart suffers ransomware attack

Kmart is already seeing struggles as a business, exacerbated by the COVID-19 pandemic. Kmart announced that they suffered a ransomware attack last week. The incident involved encrypted devices and servers that were connected to the company’s networks. From there, the devices were able to eliminate back-end servers and gain access to the network. The note that was left indicated that the Windows domain was compromised. No definite details were released about what kind of information was taken or compromised. In an attempt to save Kmart financially, the company was purchased by Transformco in 1. They were apparently impacted by this attack as well. This attack comes at an especially bad time for the holidays, so this attack was definitely premeditated. The group responsible was Egregor, a group that specializes in ransomware attacks. They set up their attacks before threatening a mass media release in exchange for money or corporate information. They have claimed to have hacked other big corporations such as Ubisoft and Barnes & Noble.

All companies are susceptible to ransomware attacks. What makes them unpredictable is that the data extraction may or may not contain sensitive information. It isn’t immediately known because this data is being held hostage until an exchange is agreed upon. If it isn’t, the company simply has to wait until the information is released. At this point, Kmart or other businesses have lost control of the potentially damaging data leak. Prevention can become very difficult in the case of sophisticated ransomware attacks. But it all begins with inadequate data security. Encryption and tokenization techniques can help

Lastly, security testing is never mentioned in these data breaches. All of these new initiatives and practices can be put into play, but extensive testing needs to be done to assess the risk both internally and externally. In the event of a major data breach, it is understandable that the first priority is to stop the bleeding. Access control does not stop there. CIOs and their staff have to learn to heal these wounds properly by testing the strategies that have been put in place. The recovery plan needs to be tested both on a technological level and a human one. Your staff needs to understand what they can do to mitigate the attack both while it is happening and after it has happened. This will help further build that security culture.