sainith pm discussion 2 and 2 replies

Read the case study “To Bid or Not to Bid” on page 1011 and then answer the questions on page 1012.

words :300 (attached textbook)

please provide replies to below 2 student posts each in 150 words

vinusha – Risks and Costs of Data Integrity Breaches

COLLAPSE

Week 3 Discussion:

In the era of digitization, Data is considered as wealth and life of an organization. Large amounts of sensitive data is stored across the organization and it is very important to implement proper steps to preserve the integrity and confidentiality of the data. Data breach is most vital security breach which effects the integrity and confidentiality of data resulting in significant financial loss for the organizations and it also effects the reputation of the organization. Organizations that store sensitive data are generally soft targets for data breaches. Besides confidentiality, Data integrity which generally refers to the completeness and consistency of data can be dangerous as it is not easily detectable if altered. In most of the data integrity attacks, the owners may not be aware of the exact numbers of records modified. Till date there are 62% of the data integrity attacks where the exact number of records modified has not been exposed.

It is very important that organizations should not compromise in financial, systems and operations integrity which store sensitive data and it is very important to implement security team across an organization to address the security issues and notify actions to be implemented to protect attacks. According to a research, almost 47% of the organizations do not have proper measures or separate team assigned to monitor the security of their databases. Integrity attacks concentrate on altering the data and besides loss to the organization, the data altered in the health care and pharmaceutical sector can also endanger the life of the patients. Protecting Integrity, Confidentiality and availability in an organization is the standard for evaluating the information system. “The ultimate security aim is to provide confidentiality, integrity, authenticity and availability in the presence of resourceful adversaries” (Aminzade, 2018).

Irrespective of the private sectors where the integrity attacks mostly happen for ransom and in some cases even due to the rivalry between companies, federal organizations such as military, health care that store PII data are prone to security threats. Health sector tops in the risk of data breaches as each year hundreds of records are compromised. According to a publication in the year Oct 2017 by Identity Theft Research center (ITRC), there are “1,120 total breaches till date in the following year and almost 171 million records are exposed” (GRETEL EGAN, 2017) estimated financial loss of 6 billion . Organizations that face data breach end up losing revenue.

The most recent example of an issue made possible by the data integrity attack is in the news article by Charlie. On January 23rd 2020 an unsecured databased which is owned by THSuite a point-of-sale system of marijuana dispensaries across the U.S., has been uncovered online without any authentication or security in place. This breach exposed PHI of 30,000 records and almost 85,000 records are affected. Along with the PHI data, cannabis used, price and quantity are also exposed. “As a medical data breach, it may be that there could be consequences under the US Health Insurance Portability and Accountability Act (HIPAA) of 1996”(Charlie Osborne, 2020). The access to the data base has been revoked after a week of identifying the data breach. The financial loss has not been estimated yet.

Most of the data breaches come into light lately if the hacker has no intention of informing the organization about the data breach. As data integrity is hard to recover once altered it is always suggested to back up the data and also validate when it is gathered. Regular audits and limiting the access to the data by restricting the access to unauthorized parties can help in mitigating data breach issues to an extent.

Aakash – DATA INTEGRITY BREACHES RISKS AND COSTS

Data is valuable, either it is of any organization or a health care unit. Data is of many types. Information needs to be kept in secure hands because it costs a lot when data integrity breaches. Cyber-attacks are making it more threatening to secure data appropriately. Not only in the regions of the United States but all over the world, organizations are facing the issue of increasing cyber-attacks. Even the data of health care units are not safe. Because in the recent few years, it observed that the confidential information of patients and their health record was theft.

Data integrity breaches due to some reasons. There may be a weak security system. A compromised information system may also cause a data integrity breach. Some of the double-faced employees of an organization may be a reason for the data breach. Many organizations cannot estimate the costs and risks associated with the data integrity breach. Data of any company or organization may use for some illegal purposes. Therefore, keeping it under a safeguard system may assist in managing it properly. The immune system of the organization’s information system should be strong enough that it must not be theft or threaten by an insider or outsider attack.

Now it is “clear that employee behaviors figure into a large number of data breaches” [1].it is not always the fault of devices that are held liable for data integrity breach. But sometimes a human error may cause data breach too. Almost 30% of the employee’s negligence causes a data integrity breach. It involves improper disposal of data, for granted security, unauthorized access to data systems, etc. According to the statics of 2017, more than 60% of data integrity breaches from malware, phishing, and cyber-attacks, etc.

Integrity monitoring assists in detecting the alteration an attacker made to the landscape of some company information or security system. Even via integrity monitoring, one may observe the activities for “targeting for a data security breach” [2]. It is essential to make file integrity. File integrity is also concern with regulations of the data breach. It detects the minor alterations that a red hacker has made to your landscape for some suspicious activity or attack. An integrity monitoring enables you to protect and correct all the changes made to your view by the hacker. Now the need is to put an action on the integrity control to do timely corrections in your landscape.

Yes, its army faced the data integrity breach too. It recorded that “DoD information leaked on to a public Amazon Web” [3]. According to record, a public server had almost 40 plus files that were viewable and downloadable containing confidential information. These 40 additional files contain information about intelligence and also have the data related to private keys. These keys used for accessing the hashed password and also disrupted intelligence too. Then a complete check and balance were put on the dissemination of information to the public.