Data or Security Breaches Issue and Organizations

Question: Discuss about the Data or Security Breaches Issue and Organizations. Answer: Introduction In 2015, many big industries faced data breaches. While the data breaches continuously increased in 2015, investments are likewise done in security technologies to overcome these hacking issues. This study includes the report of about top ten breaches which occurred in 2015 and reasons, impact remedies are also included in this paper. News Article The 10 Biggest Data Breaches Of 2015 written by Sarah Kuranda was published on July 2015 in online newspaper CRN News which has been discussed in this study. Justification 2015 was a very big year for data breaches, however, even 2016 is not exempt from data breaches. This news article is selected because it helps us to take a look back at the huge data breaches in 2015. In the year 2015, most of the industries such as healthcare, financial, education as well as federal markets are affected by a number of data breaches. This news article is commonly related to the information security and protection content, as this article helps the readers to learn about several data breaches that generally affect the data or information security or protection of the industries. This news article increases the customers' awareness about security concerns and helps them to invest in different data security technologies (Kuranda, 2015). In 2015, data breaches, data hacking as well as the cybercrime was on top business concerns that acquired more media attention as well as compromised the unity of different organizations. This news article helps to check that there is n o business organization which are left untouched or unaffected from this sort of Data security breaches in the year 2015. Reasons CareFirst: CareFirst BlueCross breach had occurred in May 2015, was a notable breach as it has affected the continued vulnerability of the healthcare organization. There are a lot of technical and nontechnical reasons which caused this data breach as the organization used Mandiant-led safety audit with the help of which hackers easily found and gained the access to the database in which information about members has been stored. Kaspersky: An alternate sort of cyber attack that was caused because of technical reasons as there is less security of data software used in the organization. In 2015, Kaspersky revealed that an infiltration has been done in its various interior frameworks. Kaspersky revealed its events as well as its venues with links about its sensitive meetings, including latest negotiations for the nuclear deals and this is the main reason for this data breach (Thole, Solms and Moll, 2015). Premera: This breach happened because the customers record frameworks of health insurance organization were not fully secured and Premera organization in March 2015 discovered that a breach affected its records of almost 11.2 million customers due to lack of security software (Serious data protection breaches to be heavily fined in UK, 2008). Harvard University: In July 2015 data breach occurred at the Harvard University education center. This breach influenced almost 8 schools and regulatory workplaces, However, it remained unclear which type of data was being hacked by the cyber criminals. Therefore, this also occurred because of the lack of security in Havards Database. Hacking Team: Technical reasons of this breach were that the Hackers were able to develop the spy tools to hack data from the Government agencies as well as some high-level hackers were able to hack the data of small hackers (NMC pledges to improve data-handling processes following security breaches, 2015). LastPass: In June 2015, password management organization LastPass disclosed that they are the victim of the cyber-attack in which data such as email addresses, servers passwords, reminders and authentication hash. This hack is done because of lack of encrypted passwords within the organization. Army National Guard (ANG): In July 2015 ANG faced a data breach and the reason for this data breach was that there was a very improper way to handle or manage transmission of data to the non-accredited information center through contract staff. Therefore, hackers easily get the access to the users accounts (Greene, 2015). Anthem: Anthem organization never applies any law to encrypt its information or data. Therefore, Anthem faced several civil lawsuits as they do not have any data encryption, which was also considered as a major technical reason for the security breach. According to the Bloomberg News, the organization itself may be responsible for the security breach as they were themselves changing their security passwords time and again (Kuranda, 2015). Office Of the Personnel Management: Reasons for this attack remains unclear because the attack was motivated through commercial industries. OPM association had been warned several times about its security fall and vulnerabilities, but they never took it as an important aspect, therefore, they had to face such security breaches (Major breaches affect millions, 2015). Impacts CareFirst: Information of about 1.1 million customers such as their name, date of birth, subscriber information and email have been compromised in this breach. Hackers encrypted the password and gained access to different Social Security medical reports and employment records. This also impacts the financial data of customers as well as of the organization (Ramanan, 2015). Kaspersky: This breach impacts the information about the latest cyber technologies developed by Kaspersky Lab. Attackers also attack several security frameworks developed by the organization and after being hacked these security frameworks are never been used (Kaspersky asks for decryption help, 2008). Premera: This breach impacts the personal details of the healthcare customers, hence, there is a loss of financial data of customers. Overall, results show that the breach in Premier causes a damage to the organizations reputation and it was considered that about 40% damage of its personal details has already been done. MultiBank Cyberheist: After this attack almost Twenty percent respondents reported that there is a worst business disruption as well as the cost to examine this breach damage to the financial status of an association (Kuranda, 2015). Harvard University: Theft and unauthorized disclosure of sensitive information of Harvards students and the university itself, were hit by a data breach in 2015. Almost 18,000 individuals had suffered due to this attack. Harvard University faces the challenge of highly tight budget as a high investment was required for the security of the Universitys database. Hacking Team: This breach puts a severe impact on the financial position of the organization. There was a loss of about $100,000 because of the data hack. The organization was not able to perform further activities to secure itself from further breaches (Whittaker, 2016). LastPass: In this security breach, a large number of personal passwords of individual accounts were stolen. The good thing about this was that the hackers weren't able to get customers encrypted password vaults. Still, this breach certainly sounds the worst, but the agreement among security professionals believe it is not the worst breach. Army National Guard (ANG): This breach potentially uncovered the Social Security number, street number and personal data of around 850,000 present and previous National Guard individuals. This breach also highlights the value of having very strong security approaches for inner threats, including those which were posed by the outside contractors (Kuranda, 2015). Anthem: Anthem breach caused system failures as well as data corruption in the organization. Attacks on the organizations website as well as on its internet gateway affect the customers. According to the technical staff of Anthem, there was a big loss of financial data. More than half of the customers were impacted by this security breach. Office Of the Personnel Management: This attack impacts on millions of workers of Personnel Management office. There was a minor impact of a security breach on the business of the organization. However, it has a major impact on the individuals as their personal details were stolen (Data breaches hit software firms, retailers and banks; some arrests made, 2014). Remedies CareFirst: Hackers are more targeting the healthcare industries for its repository's information. Therefore the affiliated security plan was built up in the association to stop hacking of data. Kaspersky: Kaspersky uses Moscow-based data security model and some new technologies, like Kasperskys Safe Operating Framework, Kaspersky Fraud Interference, along with Anti-APT model to secure its sensitive data. Premera: Premera organization makes it a smart-enough association so that it does not get duped by cyber crooks and social technology scams. Credentials are provided only to authenticated users (Kuranda, 2015). MultiBank Cyberheist: Association provides strong passwords to the users which are utilized as the master passwords to secure the user accounts and different security schemes are applied by the organization to stop this hacking. Harvard University: Harvard university should check for discrepancies on a daily basis. The organization also takes benefit of the credit policy, identity theft policy as well as monitoring service (British Airways among latest breaches, 2015). Hacking Team: Hacking team utilized continuous on-site checking of outsiders interference in the organization. They establish a genuine governance procedure that keeps an eye on what is done by third-parties which process their client's data. LastPass: LastPass agency encourages its executives, not to use passwords which are based on the data that is easily accessible through the social-media sites and rather use more secure passwords. Army National Guard (ANG): Wassenaar Agreement was utilized by the organization in which it continuously performs security researchers as well as it prevents the data by utilizing penetration testing software (A fifth of UK consumers are victims of theft via data breaches, 2015). Anthem: This issue will overcome only through the top-down policy which clearly describes an organizations hazard appetite and approaches from where, as well as how the critical data resources can be managed and stored. Office Of the Personnel Management: It is important to check how the sensitive data governs, as well as how the data security plans are arranged in the organization. Different governance policies have been used to acknowledge that who has the complete access to delicate information of the clients (Kuranda, 2015). Conclusion This study concludes that in 2015 many noteworthy security breaches occurred consistently which were considered as a major problem for industries who faced data breaches. Every industry such as retail, monetary, health care, legal and military associations should be focused regarding the security of their sensitive data. It has also been concluded that some serious steps should be taken by the associations against the hackers to stop all types of data breaches. References A fifth of UK consumers are victims of theft via data breaches. (2015). Network Security, 2015(12), pp.1-2. British Airways among latest breaches. (2015). Network Security, 2015(4), pp.2-20. Data breaches hit software firms, retailers and banks; some arrests made. (2014). Computer Fraud Security, 2014(8), p.3. Greene, T. (2015). Biggest data breaches of 2015. Kaspersky asks for decryption help. (2008). Network Security, 2008(7), pp.1-2. Kuranda, S. (2015). The 10 Biggest Data Breaches Of 2015 (So Far). [online] CRN News. Major breaches affect millions. (2015). Computer Fraud Security, 2015(10), p.3. NMC pledges to improve data-handling processes following security breaches. (2015). Nursing Standard, 30(12), pp.8-8. Ramanan, S. (2015). The Top 10 Security Breaches Of 2015. Serious data protection breaches to be heavily fined in UK. (2008). Computer Fraud Security, 2008(6), p.3. Thole, E., Solms, C. and Moll, C. (2015). Cyber Security: How to DealWith (Cross Border) Data Breaches?. Computer Law Review International, 16(5) Whittaker, Z. (2016). These companies lost your data in 2015's biggest hacks, breaches.