Data Breach Research Papaer

Security breaches are occurring at a much more rapid rate in the world today. Major companies and corporations are revealing their breaches and telling the public false information. Many security breaches occur because of exploitation of vulnerabilities, exploits and attacks both internal and external within the system. Vulnerabilities are weaknesses in the requirements, design, and implementation, which attackers exploit to compromise the system. The purpose of this paper is to understand the vulnerabilities, framework, and types of attacks for security requirements and analysis centered on preventing a breach. The framework shows

Information security enabled by technology must include the means of lowering the impact of intentional and unintentional errors entering the system and to prevent unauthorized internally or externally accessing the system  actions to reduce risk data validation, pre-numbered forms, and reviews for duplications. It is crucial that the mission plan include the provision of a disaster recovery and business continuity plan. On the other hand, there is much more intrusion activity today than ever before. Obviously, there is an increased concern for attacks through companies’ network in an effort to either commit malice or affect the integrity of an organization’s most valuable resource. Therefore, it is important that companies do not get complacent in their IT infrastructure security. The fact of the matter, there is no perfect system; however, it behooves organizations to protect their information by way of reducing threats and vulnerabilities. Moreover, Whitman and Mattord (2010) said it best, “because of businesses and technology have become more fluid, the concept of computer security has been replaced by the concept of information security. Companies

Numerous data breaches and computer intrusions have been disclosed by the nation’s largest data brokers, retailers, educational institutions, government agencies, health care entities, financial institutions, and Internet businesses. A data breach may occur when there is a loss or theft of, or other unauthorized access to, data containing sensitive personal information that results in the potential compromise of the confidentiality or integrity of data. Sensitive personal information generally includes an individual’s name, address, or telephone number, in conjunction with the individual’s Social Security number, driver’s license number, account number, credit or debit card number, or a personal identification number or

The data breaches of 2012 compromised almost twenty-eight million private records. The year 2015 is still underway, therefore no information gathered by Privacy Rights Clearinghouse so far for 2015 was utilized. Instead, as of 2014, there have been around four thousand data breaches made public since 2005, compromising about seven hundred thirty million private records. Of the four thousand public data breaches that have occurred between 2005 and 2014, one thousand six hundred public breaches are business-related, either through financial and insurance businesses, retail and merchant businesses among other types of businesses. Business-related data breaches between 2005 and 2014 constitute forty percent of the publicized data breaches,

Data breaches happen daily, in too many places at once to keep count. But there is some huge breach versus a small one and we will take some examples from the biggest or most significant breaches of the 21st century to show how much risk or damage the breach caused for companies, insurers and users or account holders.

Computer security breaches have been occurred in too many places since information technology is used. Security practitioners declare that those breaches incident cost vast businesses that is estimated more than $1 billion, according to Pinsent Masons, (2014). There are also non-financial costs that companies may suffer. Figure 1 is illustrated World's Biggest Data Breaches that happened last decade.

While all of these technologies have enabled exciting changes and opportunities for businesses, they have also created a unique set of challenges for business managers. Chief among all concerns about technology is the issue of information security. It seems to be almost a weekly occurrence to see a news article about yet another breach of security and loss of sensitive data. Many people will remember high profile data breaches from companies such as T.J Maxx, Boston Market, Sports Authority, and OfficeMax. In the case of T.J. Maxx, a data breach resulted in the loss of more than 45 million credit and debit card numbers. In many of these incidents, the root cause is a lack of adequate security practices within the company. The same technologies that enable managers can also be used against them. Because of this, businesses must take appropriate steps to ensure their data remains secure and their communications remain

Identity theft has been an issue long before the internet had been invented. Before the internet became widely used, many thieves would “dumpster dive” or go through victims garbage to find bills or any other personal documents that could be used to commit fraud. They would also use phone scams to offer prizes to those who gave their birth dates

Health care, government and education are common targets of data breaches. However, fraudsters are dominating headlines with a data breach of the affair-driven website, Ashley Madison. The breach gives cyber security professionals and citizens, a strong insight into how secure systems are in comparison to how safe users think their info may be.

About 73 percent of breaches happen from outside the organization (Patel-Predd, 2008). Companies today invest large amounts of money in data security in order to protect their information. However, data breaches still continue to happen and the number of them is steadily increasing in small and big companies, which often are found in situations where they have to decide about what changes they should make in order to avoid future data breaches.

Data breaches are increasingly common as companies are faced with securing a multitude of networks, devices, applications, users, and files used in the course of conducting business. And with global workforces and the rise of cloud computing, security perimeters are more difficult to define than ever before. These issues combine to create a perfect storm – a climate ripe for hackers to take advantage of. (Lord, 2017) Below are the trending data loss trends to watch out for:

It can be tougher to feature the roots when the data is stolen rather than lost. A company may be able to lower and alleviate breaches resulting directly from a human error through a consolidation of data handling policies, access control and training. In a few cases where the human error does not lead to the exposure of sensitive data but instead creates conditions that make theft or hacking easier, then

For starters it is one of information on identities is plentiful. Due to the extent of online use and social media, information is readily available, and unlimited. (“Working Together Against Identity Theft”). Furthermore the crime is easy to get away with. All purchases and crimes committed under identity theft are in the victim's name making it easy to avoid apprehension (Kirchheimer). In short, Identity Theft is of the simplest crimes to commit and get away with.

With advances in technology constantly happening, it can be hard to keep up with all of the latest trends. If organizations cannot keep up with the latest trends, it can lead to flaws in their security. Any flaws in security can have a detrimental effect on an organization’s database. Almost every organization has some sort of database, whether it is for maintaining customers, inventory, or vital information.

Any organization is critically dependent on data to perform its functions. Security breaches resulting from malicious code attacks, denial of service, employee negligence and theft, unauthorized access, policy violations, (ROCHA, 2012) and vendor leaks and mistakes, are on the increase. There was a total of nine mega breaches in 2015 as reported by Symantec which reported an alarming 429 million exposed identities ("Cyber Security Incident Response: Shifting from Reactive to Proactive | Ayehu", 2016) .In the light of the above fact, it becomes not a question of if, but when a compromise will occur (Williams, 2015, pg.1) A security breach has disastrous impact on an organization as it leaves in its wake financial, legal and compliance and reputational risk. The health and financial services sector incur most costly data breaches because of higher fines ad above average rate of lost in business and customers (Ponemon, 2016). According to Ponemon (2016), majority of data breaches results from malicious and criminal attacks which take considerable time to detect and contain and has thus have a higher remediation cost. It is worthy to mention the Office of Personnel Management breach, where they could not put their fingers on what was taken during the breach which generates distrust among affected parties. The Sony and the OPM breach increasingly makes it clear that attackers use anti-forensic and evidence destroying