Charlette_Tallant_Unit_2_Case Study 1

docx

School

Post University *

*We aren’t endorsed by this school

Course

120

Subject

Information Systems

Date

Feb 20, 2024

Type

docx

Pages

4

Uploaded by MajorCrownVulture37

Report
Case Study 1: Security Consultant Suffers Cyberattack Charlette Tallant Post University CIS120_30 1/21/2024
Identify what you believe to be the area of most severe consequences for Deloitte-direct impact, business disruption, recovery, legal, or reputation. Justify your response. The most severe consequence for Deloitte would be reputation damage. Deloitte is a company that has tens of thousands of dedicated professionals in independent firms throughout the world to provide audit, consulting, financial advisory, risk management, tax, and related services to select clients. Deloitte contributes to society, building confidence and trust, upholding integrity, and supporting the community. They lead the profession by challenging themselves to do what matters most, delivering innovative ideas that reflect their unique capabilities. For the reputation is about inclusion, collaboration, high performance, and purpose. Deloitte is routinely recognized as on the best workplaces in the US, they strive to be an organization where professionals can thrive. Therefore, when the breach took place, it took away from their reputation that became an embarrassment. How would you evaluate Deloitte’s response to this cyberattack? What did they do well? Where could they have done better? Discovering unauthorized access to the email platform, as part of their standard and comprehensive incident response process, which included mobilizing a team of cyber-security and confidentiality experts inside and outside of Deloitte. (Key facts about the Deloitte email cyber-incident, 2017) Deloitte’s team immediately contained the attack and made sure of the size and scope of the attack. They contacted the clients that were impacted and alerted the authorities about the breach. The shocking fact about the breach is that it went unnoticed for months, which points out the inefficiency of their data system to identify potential or actual data threat. Identify the three highest priority changes that need to be made to the Deloitte security program.
The attack was discovered to be the result of an administrative account not having multi-factor authentication. That should be the highest priority for Deloitte to include in their data structure. Deloitte’s immediate attention should be adding extra layers of protection such as IP listings, and user behavior analytics that will help to identify outside sources accessing administrative accounts. (Graves, 2017) One critical control is encryption so email exchanges cannot be read without the participants’ keys. Another is to regularly scrub emails wherever they reside. (Stiennon, 2017)
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help
References: https://www2.deloitte.com/us/en/pages/advisory/articles/data-privacy-as-a-strategic- priority.html; https://www.helpnetsecurity.com/2017/09/25/industry-reactions-deloitte- cyber-attack ; Key facts about the Deloitte email cyber-incident, 2017

Related Documents

RBrown_Module 03 Assignment - Security Threats and Countermeasures_021824.pdf
1.4 Capstone Case Project- Getting Started.docx
ProjectReportWordDoc-2.docx
CTI2318-2102-Lab3-Jenifer Rodriguez .pdf
CTI2318-2022-Lab1-Jenifer-Rodriguez.docx
DAT 260 Project .docx
Case Study 1 Facebook Building Efficient.docx
Charlette_Tallant_Unit5_Module_6_Business-Driven_Decision-Making_Exercises.docx
2.3Learning Platform _ CompTIA.pdf
Charlette_Tallant_Unit5_CaseStudy_Business Intelligence and Analytics in Major League Baseball.docx
3.6.10 Practice Questions.pdf
CREPID method.docx