CIS 500 Discussion Reply

Reply with 150-250 wordsCapital One Bank reported a data breach on July 19, 2019 which affected an estimated 100 million people in the United States and another 6 million customers in Canada.  According to a USA Today article, White, W. (2019, July 30) USA Today  Retrieved from https://www.usatoday.com/story/money/2019/07/29  on October 14, This data breach was conducted by a “former software engineer who was accused of stealing data” ……..in what is considered “to be one of the top 10 largest data breaches ever.”  Data involved in this data breach included “social security numbers, names, addresses, phone numbers, date of births” etc. It is my opinion, no one will ever know the financial loss of such a data breach which is why financial institutions should have a cyber insurance policy in place.   In addition to the costs of the actual data breach there are other associated costs that will include forensics investigators, downtime, staff overtime, additional staff and that doesn’t include the reputational loss costs.  When I worked for the bank one of the things, we used to say is customers are not loyal when it comes to the security and safety of their money.  I used to say, “one and done” meaning if the bank is ever impacted by a data breach there will be huge reputational risk implications.  I used to say also it’s not a matter of “if” the Bank was going to experience a data breach it’s more a matter of “if , when and how much data” are the attackers going to get which is why we had multiple layers of controls in place hoping to minimize the impact of a data breach. From my research of this data breach it appears that Capital One staff did everything they should have done.  I can’t think of anything else I could add.  They determined what caused the breach, they notified the FBI and then they notified the public in the required amount of time.  They then went into damage control and offered impacted customers identity theft insurance for a certain time period. In my opinion, non-public personal information such as social security numbers, name, address, date of birth, account numbers and transactional data should not be in the cloud.  Another point I’d like to make is when considering storing data in the cloud one needs to determine where the actual servers are located.  Are they located in the United States or offshore?    My thoughts regarding preventing cyber attacks are all related to hardening the system through access controls within an organization and it all starts with information assurance training for the end user and access control.  It would appear to me that maybe the Capital One data breach could have been prevented if the hacker did not have a back door into the system which relates to access control.  I do not know for sure what happened but that is just an educated guess.  White, July 30, 2019, Capital one data breach 2019: 13 things for customers to know, usatoday, https://www.usatoday.com/story/money/2019/07/29 
Approximate price: $22
We value our customers and so we ensure that what we do is 100% original..

With us you are guaranteed of quality work done by our qualified experts.Your information and everything that you do with us is kept completely confidential.You have to be 100% sure of the quality of your product to give a money-back guarantee. This describes us perfectly. Make sure that this guarantee is totally transparent.The Product ordered is guaranteed to be original. Orders are checked by the most advanced anti-plagiarism software in the market to assure that the Product is 100% original. The Company has a zero tolerance policy for plagiarism.The Free Revision policy is a courtesy service that the Company provides to help ensure Customer’s total satisfaction with the completed Order. To receive free revision the Company requires that the Customer provide the request within fourteen (14) days from the first completion date and within a period of thirty (30) days for dissertations.The Company is committed to protect the privacy of the Customer and it will never resell or share any of Customer’s personal information, including credit card data, with any third party. All the online transactions are processed through the secure and reliable online payment systems.By placing an order with us, you agree to the service we provide. We will endear to do all that it takes to deliver a comprehensive paper as per your requirements. We also count on your cooperation to ensure that we deliver on this mandate.