CYB 320 Module three Activity Worksheet_JazmineWade

Jazmine Wade
Incident Report Components
Module 3-2 Activity
CYB 325 Incident Response and Investigation
Southern New Hampshire University
03/24/2024
After reviewing the three reading resources provided, we found that even companies such as FEMA can fall victim to a data breach. FEMA plays a role in providing aid and support to individuals who may be impacted or displaced by a natural disaster. The breach referenced here is a privacy incident in which FEMA exposed the personal information of 2.5 million individuals. The breach raised significant concerns about FEMA's data handling practices and security posture. In this report we identify factors that may have contributed to the data breach, identify assets that may have been impacted, and provide recommendations to enhance security.
A major contributing factor in this data breach was the lack of data handling policies and procedures at FEMA. FEMA also failed to ensure that compliant practices were followed to safeguard the information of individuals who may have received aid from FEMA. Another contributing factor is the lack of employee awareness and training around data protection and least privilege. Ideally, the contractor should have had access only to the minimum information needed to complete their task. This leads to the next contributing factor, a lack of access controls. Access controls should have been implemented, which could have prevented the contractor from gaining access to individuals' data unless they were an authorized user.
As mentioned previously, the incident exposed 2.5 million individuals' personal information without their approval or authorization. The compromised data assets included a variety of personally identifiable information, including names, addresses, Social Security numbers, and other sensitive information. This information is considered a critical data asset for identity protection and could be used for identity theft, fraud, or other forms of manipulation.
Based on the recommendations from the Office of the Inspector General, there are multiple key security improvements to implement in order to enhance the security posture of FEMA's data protection practices. The first is implementing strong encryption protocols for sensitive data at rest and in transit, which could help reduce the risk of unauthorized access and data exposure. The next is implementing stronger access controls through role-based access control (RBAC), which will ensure that individuals only have access to data that is necessary for their roles. The last is conducting regularly scheduled security training for employees to raise awareness of best data handling practices, policies, and procedures, further reducing the chance of data exposure.
While there are several controls in the CIS Controls document that can aid in root cause analysis, the two that I chose are CIS Control 2: Inventory and Control of Software Assets and CIS Control 6: Maintenance, Monitoring, and Analysis of Audit Logs. CIS Control 2 can aid in root cause analysis through a thorough inventory of software assets, which can then be used to identify possible vulnerabilities or weaknesses in the way that an asset or data set may be used. This control also ensures that all software is authorized, up to date, and properly configured. CIS Control 6 can aid in root cause analysis by monitoring and analyzing audit logs to provide insight into system activities and potential security incidents. By examining audit logs, organizations can identify suspicious behavior that deviates from the baseline, unauthorized access attempts, or misconfigurations that could contribute to an incident. This control supports proactive detection of and response to security incidents.
Overall, the data breach at FEMA highlights how important it is to have strong data protection in place and to follow security best practices.
By dealing with what caused the incident, identifying what data was affected, making security upgrades, and using important
controls to identify the main issue, organizations can reduce the risk of having more incidents like this in the future.
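The least-privilege and audit-log recommendations above can be shown together in code. The following is an added example, not part of the original report; the role names, field names, sample record, and log entries are constructed assumptions.

```python
"""Least-privilege export filter plus an audit-log review (constructed data)."""

# Hypothetical role-to-field allowlist; role and field names are assumptions.
ROLE_FIELDS = {
    "lodging_contractor": {"applicant_id", "name", "date_of_birth"},
    "case_manager": {"applicant_id", "name", "date_of_birth", "address", "ssn"},
}


def export_for_role(role, records, audit_log):
    """Return records reduced to the role's allowed fields; log every attempt."""
    allowed = ROLE_FIELDS.get(role)
    if allowed is None:
        # No policy means no data: deny by default and record the attempt.
        audit_log.append({"role": role, "event": "denied", "fields": []})
        raise PermissionError(f"no export policy for role {role!r}")
    minimized = [{k: v for k, v in rec.items() if k in allowed} for rec in records]
    released = sorted({k for rec in minimized for k in rec})
    audit_log.append({"role": role, "event": "export", "fields": released,
                      "count": len(minimized)})
    return minimized


def find_overshared(audit_log):
    """Root-cause review: exports whose released fields exceed the allowlist."""
    findings = []
    for entry in audit_log:
        if entry["event"] != "export":
            continue
        allowed = ROLE_FIELDS.get(entry["role"], set())
        excess = sorted(set(entry["fields"]) - allowed)
        if excess:
            findings.append((entry["role"], excess))
    return findings


# Constructed sample record, and a constructed legacy log entry representing
# an export made before the filter was in place.
RECORDS = [{"applicant_id": 1, "name": "A. Example", "date_of_birth": "1980-01-01",
            "address": "1 Sample St", "ssn": "000-00-0000"}]
LEGACY_LOG = [{"role": "lodging_contractor", "event": "export",
               "fields": ["address", "applicant_id", "name", "ssn"], "count": 1}]

if __name__ == "__main__":
    log = list(LEGACY_LOG)
    print(export_for_role("lodging_contractor", RECORDS, log))
    print(find_overshared(log))
```

The filter enforces the access control at the point where data leaves the system, and the review function uses the same allowlist as the baseline when examining past exports in the audit log.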