CS#3

.docx

School

George Mason University *

*We aren’t endorsed by this school

Course

320

Subject

Information Systems

Date

Dec 6, 2023

Type

docx

Pages

3

Uploaded by KidPuppyMaster1919

Geraldine Arandid MIS 310 – 001 Professor Chun Huang 1. Knowing how the firm responded, what would you have done differently? In this case, the company should report it immediately to the bank when it got hacked by an unknown source so that the bank will track it and dispute the full amount. Since it is a small family-owned construction company, there’s a possibility to hack easily into their bank. According to Evans Consulting Services, one in five small to medium- sized businesses is breached annually. Small businesses are indeed the targets of attacks more frequently. The reason why small businesses got easily hacked is that they may have outdated software, or they don’t have advanced software and other technologies. Also, it’s a lack of security. Therefore, the company should report it immediately instead of waiting for it. 2. What are some steps you think the firm could have taken to prevent this incident? To prevent this incident, the company should educate its employees on such technologies, emails, and accounts. In the scene, it mentioned that one of the employees opened a fraud email because they thought it was from their material supplier or vendor. Also, one of the employees may click on a link in an email that looks legitimate in a spear-phishing effort, allowing a hacker to access the employee’s email account in a business email breach. While the company trains them, the company also must upgrade its equipment, technologies, and software. After upgrading it, they must install the software for security or protection from viruses and hackers. Other ways to implement or avoid other cybersecurity include having remote access and multi-factor authentication for cloud-based email, financial transactions with dual permission, and having regulations and recommendations for social media use that adhere to the most recent security standards. If the company already upgraded everything in its software and technologies and trained its employees, the company should get cyber insurance because it can aid in
defending businesses even small businesses against cyber criminals. For example, the small business should apply the Travelers may be able to pay for forensic examinations, litigation costs related to a data breach, regulatory defense costs or fines, crisis management costs, business interruption losses, cyber extortion, and more (Travelers). Therefore, small business should improve their technologies, upgrade their software, install security and protection for their databases such as authentication, and be well- trained employees. 3. Is your business susceptible? How are you going to reduce your risk? (You can use your family business, a company you have worked for, or GMU as your fictitious business) For instance, at George Mason University, every time when we log in to Blackboard, the portal asks for Two Dual Self-authentication which sends me a push and send a code. For dual self-authentication in sending me a push, college students must download the app which is the Duo app because it connects the app and the information from GMU. Another one is the send me a code. When the college student clicks the send me the code, it will text or call you the code. Not just only when you log in to Blackboard, but when also log in on Self-Patriot Web, and other GMU websites that are confidential.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help