MKTwain - CMGTCB-559 - Comp 3 Reflection
School: University of Phoenix
Course: 559
Subject: Information Systems
Date: Feb 20, 2024
Pages: 3
Mark Twain
December 16, 2023
CMGTCB/559 – Competency 3 Reflection
Recent Cyber Security Attacks
Over the last few years, cyber security incidents have increased in many industries; lately, however, they seem to be targeting healthcare systems. There are several theories as to why these events have been targeting healthcare systems, but the simple answer is that the healthcare system collects, utilizes, and stores vast amounts of data on individuals. The sensitivity and volume of this data make it very valuable to hackers, and much can be gained from one breach, such as PII, financial information, medical records, and even information on dependents or family members of the breach victims. Most recently, Norton Healthcare, based in Kentucky, was the victim of such a breach.
In May of 2023, Norton Healthcare experienced a breach that compromised data on patients and employees. At first Norton stated that about 501 individuals had been affected. Now in December, 7 months into the investigation, they have concluded that the breach may have affected up to 2.5 million individuals! Norton claims that the ransomware attack compromised data such as names, contact info, social security numbers, dates of birth, health information, insurance information, and financial information; however, medical records and user MyChart accounts were not affected. The information that they did say was compromised is enough to be highly valuable to hackers.
Developing an Incident Response Plan
First of all, it should be common practice for institutions that hold this amount of data on individuals to have safeguards in place so that when such a breach occurs, the information obtained cannot be directly linked to an individual. For example, all information collected from a patient should be assigned to a patient number, and this patient number should be used for all matters pertaining to their treatment and health in their health records file. Separately, that patient number will be mapped to the patient’s name and DOB in a highly secure database that doesn’t reside on the same network or storage devices as the health information. This way, a breach of one database doesn’t necessarily give the attacker access to all the information on this patient that is stored in a different database. In the event of a breach, if systems are put in place and configured as such, the network will take risk mitigation steps to keep more data from being accessed by separating itself from the health information database in order to secure the PII of the patients.
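The patient-number split described above can be sketched as follows. This is an added example, not part of the original essay; the two in-memory SQLite databases stand in for stores on separate networks, and all table names, function names and sample data are assumptions constructed for illustration.

```python
import secrets
import sqlite3

# Two separate stores, standing in for databases on separate networks (assumption).
identity_db = sqlite3.connect(":memory:")   # patient number -> name, DOB
clinical_db = sqlite3.connect(":memory:")   # patient number -> health data only
identity_db.execute(
    "CREATE TABLE identity (patient_no TEXT PRIMARY KEY, name TEXT, dob TEXT)")
clinical_db.execute(
    "CREATE TABLE records (patient_no TEXT, entry TEXT)")


def register_patient(name, dob):
    """Assign a random patient number; identity goes only to identity_db."""
    # Random, not derived from name or DOB, so it cannot be reversed or guessed.
    patient_no = "P-" + secrets.token_hex(8)
    identity_db.execute("INSERT INTO identity VALUES (?, ?, ?)",
                        (patient_no, name, dob))
    return patient_no


def add_record(patient_no, entry):
    """Clinical data is stored under the patient number alone."""
    clinical_db.execute("INSERT INTO records VALUES (?, ?)", (patient_no, entry))


def dump_clinical():
    """What someone with full read access to clinical_db alone would obtain."""
    return clinical_db.execute("SELECT patient_no, entry FROM records").fetchall()


def reidentify(patient_no):
    """Re-linking requires a lookup in the separately held identity_db."""
    return identity_db.execute(
        "SELECT name, dob FROM identity WHERE patient_no = ?",
        (patient_no,)).fetchone()


# Constructed sample data.
pn = register_patient("Jane Example", "1980-01-01")
add_record(pn, "2023-05-02 visit: blood pressure check")
```

The separation only holds if the clinical entries themselves carry no names, dates of birth or similar identifiers, so free-text fields need the same discipline as the schema.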
Amazon Web Services has services that can automatically put things into motion depending on what they are programmed to do, such as shutting down storage devices/containers that have been breached while backing them up in other containers that were previously set up to do so in such an event. This is an option that I would put into an incident response plan; by having automated services and intrusion detection systems in place, this can reduce the amount of data accessed during a breach or even stop a breach as soon as it is detected. Having cloud services with redundancies built into them in case of a breach will help mitigate these risks.
Here’s an example: a system has detected attempts to access it that are not from a common place or by an authorized user, so the system deploys the mitigation programming that was defined previously by those who set it up. As the intrusion is detected, the system either automatically backs itself up on another encrypted storage device before shutting itself down on the compromised side, or has already backed itself up earlier in the day and immediately shuts down the compromised storage device to prevent a full breach and access to its data. In either case, the system redeploys itself to the organization in a new encrypted way and minimizes downtime that may have resulted from the breach.
This will only be possible if steps are taken to set this up during the creation of the incident response plan, before a breach occurs. A plan such as this will have to have been explained and presented to senior management with data that shows how often breaches of healthcare systems happen, so that the plan can be ready for “when” this happens, not “if” it happens. The incident response plan can even be tested by using a test environment within the Amazon Web Services dashboard where a mock breach can be set up.
Certified Information System Manager Industry Exam
There are several cyber security certifications in the industry; depending on your industry, role or career aspirations, one certification may be best suited for your career path. In my current path, if I were to pursue a CISM certification, I believe the Information Security Risk Management topic would be most valuable because this topic focuses on what to look out for, how to stay on top of these threats in your given industry and how to make sure your organization and response are best suited to respond to this risk. It will also help in providing guidance on developing the appropriate response to a risk that may happen in the organization.
Taking the exam and obtaining the certification will help me in coordinating my team to develop a proactive approach to risk management, instead of the usual reactive response once we’ve been affected by a breach. Having the certification and knowledge will also help me in being able to justify the costs of developing mitigation plans when asking for budget allocations from the financial executives. Knowing how to walk-the-walk and talk-the-talk will only get me so far, but having the certification backing will show senior management that I know what I am talking about, thus helping me advance in my role at my organization.
References
NOTICE OF SECURITY INCIDENT. (2023). Norton Healthcare. https://nortonhealthcare.com/news/norton-healthcare-network-update/
Alder, S. (2023, December 11). Norton Healthcare Data Breach: Up to 2.5 Million Affected. Norton Healthcare Notifies 2.5 Million Individuals About May 2023 Ransomware Attack. https://www.hipaajournal.com/norton-healthcare-data-breach/
What is covered on the CISM exam? (2023). DOMAIN 2 – INFORMATION SECURITY RISK MANAGEMENT. https://www.isaca.org/credentialing/cism