Case Study – Losing Data Hurts

Case Study – Losing Data Hurts

In case of a large-scale loss of customer data, an organization ought to act quickly by communicating with clients about the loss of their data. This contains full information on the type of breach, type of data leaked, and possible threats that come with breach incidences. The lender’s credit profile may also be harmed, and the company should provide resources, such as credit checks, to minimize the impact. Furthermore, they should often go through the security measures taken to ensure that such incidents will not recur.

The various forms of threat related to corporate data are hacking, social engineering, system and human errors, and insider threats. SANS has reported hacking as the number one cause of data loss incidences that impact millions of people. Social engineering and human errors are especially dangerous in such lines of business as insurance, while the danger of an insider threat, though decreased, stays rather high.

The more often data loss admissions occur, the higher the levels of suspicion that consumers have toward firms accepting their personal details. This willingness may decrease if consumers realize that corporations do not adequately protect the data shared by consumers. This could make for impersonal and distrustful relationships between the customer and companies that they previously trusted with their data.

A corporation should evaluate the nature of information processed to establish the level of risk that is required to meet at a given time. This entails establishing areas of risk and threats as well as opportunities and weaknesses for the organization and then allocating resources to address those risks. To safeguard data, it is crucial to incorporate proper security measures for business resources and train the employees; it is also necessary to conduct a data protection audit periodically.

Among various sectors, the health sector is most vulnerable to threats that stem from social engineering attacks and system or human errors since such threats act on an organization’s weaknesses. Employees can be deceived into releasing a company’s information or make errors in security. This sector stores and processes large amounts of personal information from the individuals the organization’s business relates to, which makes this sector vulnerable to such attacker’s methods.

Insider threat is now a cause of concern to corporations because employees or contractors with authorization to access sensitive information can maliciously or inadvertently compromise the organization’s information. In addition, inside threats can be tricky to crack because the attackers have legal permission to use the company’s systems and information. Although this class of threats has recently somewhat decreased, it is still highly significant.

Some of the reasons why data loss incidents have increased in the last few years are as follows. One relevant cause is the rising incidence of diverse and complicated cyber threats, including hacking. Data loss has surged in the last five years, particularly the last two years, with a 40 percent increase in public-reported data loss incidences (Boyle, 2020). This is because the nature of threats changes over time due to developments in technology and improvements in the capabilities of the hackers.

Implementing auditing tools can go a long way in minimizing data losses through constant surveillance and evaluation of the data undertakings at the business organization. These tools continuously monitor the access to confidential information and alert users about activity that other system users could interpret as suspicious or as an act of misuse. In this process, compliance with the data protection policies can be checked, and possible weaknesses can be worked out through structural and document audits. Auditing tools help reveal suspicious patterns when numerous logins, deletions, modifications, and other activities relating to data are recorded, thereby enabling organizations to counteract the possibility of leakage before it happens.

To facilitate initial, adequate, and standard policies for data protection, the overall procedure that an organization should adopt entails an organization risk appraisal to determine the type of data the organization deals with and the dangers affecting the data in question. They may come up with coherent policies that would detail the areas of responsibility of employees, particularly concerning data access and the use of the data in question. Employees must be trained on data security initiatives and the necessity to follow these measures in the organization’s policies.

References

Boyle, R. J. (2020). Corporate computer security, global edition (5th ed.). Pearson Education (US).

ORDER A PLAGIARISM-FREE PAPER HERE

We’ll write everything from scratch

Analyze the “Losing Data Hurts” case study following the conclusion of Chapter 9 in the textbook, and then address the prompts below.
1. How should a corporation respond to a large-scale loss of customer data?
2. How might a corporation be hurt by acknowledging a large-scale data loss?

Case Study – Losing Data Hurts

3. As data loss admissions become more widespread, how could they affect consumers’ willingness to share information with corporations?
4. How should a corporation decide the appropriate level of resources to devote to securing its data?
5. Why is the health care sector such a big target for data thieves?
6. Why are corporations worried about insider threats with respect to data loss?
7. Why have the incidents of data loss seen a rise in the past few years?
8. Determine how using auditing tools can help prevent data losses.
9. Determine how to have standard and sufficient policies for securing data.
Organize your information, and present it in a well-organized two-page paper. If outside sources are used, please adhere to APA Style when creating citations and references for this assignment. APA formatting, however, is not necessary.