CS#3
.docx
keyboard_arrow_up
School
George Mason University *
*We aren’t endorsed by this school
Course
320
Subject
Information Systems
Date
Dec 6, 2023
Type
docx
Pages
3
Uploaded by KidPuppyMaster1919
Geraldine Arandid
MIS 310 – 001
Professor Chun Huang
1.
Knowing how the firm responded, what would you have done differently?
In this case, the company should report it immediately to the bank when it got
hacked by an unknown source so that the bank will track it and dispute the full amount.
Since it is a small family-owned construction company, there’s a possibility to hack easily
into their bank. According to Evans Consulting Services, one in five small to medium-
sized businesses is breached annually. Small businesses are indeed the targets of attacks
more frequently. The reason why small businesses got easily hacked is that they may have
outdated software, or they don’t have advanced software and other technologies. Also, it’s
a lack of security. Therefore, the company should report it immediately instead of waiting
for it.
2.
What are some steps you think the firm could have taken to prevent this incident?
To prevent this incident, the company should educate its employees on such
technologies, emails, and accounts. In the scene, it mentioned that one of the employees
opened a fraud email because they thought it was from their material supplier or vendor.
Also, one of the employees may click on a link in an email that looks legitimate in a
spear-phishing effort, allowing a hacker to access the employee’s email account in a
business email breach. While the company trains them, the company also must upgrade
its equipment, technologies, and software. After upgrading it, they must install the
software for security or protection from viruses and hackers. Other ways to implement or
avoid other cybersecurity include having remote access and multi-factor authentication for
cloud-based email, financial transactions with dual permission, and having regulations
and recommendations for social media use that adhere to the most recent security
standards. If the company already upgraded everything in its software and technologies
and trained its employees, the company should get cyber insurance because it can aid in
defending businesses even small businesses against cyber criminals. For example, the
small business should apply the Travelers may be able to pay for forensic examinations,
litigation costs related to a data breach, regulatory defense costs or fines, crisis
management costs, business interruption losses, cyber extortion, and more (Travelers).
Therefore, small business should improve their technologies, upgrade their software,
install security and protection for their databases such as authentication, and be well-
trained employees.
3.
Is your business susceptible? How are you going to reduce your risk? (You can use your
family business, a company you have worked for, or GMU as your fictitious business)
For instance, at George Mason University, every time when we log in to
Blackboard, the portal asks for Two Dual Self-authentication which sends me a push and
send a code. For dual self-authentication in sending me a push, college students must
download the app which is the Duo app because it connects the app and the information
from GMU. Another one is the send me a code. When the college student clicks the send
me the code, it will text or call you the code. Not just only when you log in to Blackboard,
but when also log in on Self-Patriot Web, and other GMU websites that are confidential.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help