Data breach has always been a sensitive topic, let alone when the data breach is related to banking. In the mean time, there’s a breach was found happened to the online banking system of the competitive bank of First Union Bank, and the hacker had stolen quantities of customers’ personal information and data. It has been an alarm for all the banks, it reminds the whole society to be alert of the damage caused by the data breach.
The Chief Information Officer of the First Union Bank is aware of how much it would cost the bank if we don’t adopt a measure to avoid the similar attacks, so he requests security plan to the IT Department. This plan is aim to protect the First Union Bank from this type of incident, which the attack …show more content…
Yet hackers could attack a Web environment at each level independently, and security issues at each level need to be addressed. Also, as an additional and important approach, it’s extremely important to update all the applications in use and to harden your web and database servers (p.253).
Although as the document of 2013 Data Breach Investigations Report mentions, “all kinds of organizations — from government agencies to iconic consumer brands, internet startups to trusted financial institutions — have reported major data breaches in the last year.” But beyond these kinds of organizations, the attacks that take commerce organization as targets are becoming more and more.
People can’t help to wonder why the hackers would like to take them as target. The document of 2013 Data Breach Investigations Report says there’s almost 75% of the attacks are opportunistic, which means those attacks were not aim at a specific individual organization or a company, but the huge majority of those are basically financially motivated.
When talking about who is most specious to be the attackers, there’re three types of them, activists, criminals, and …show more content…
Also, there’s 10% of breaches were spotted by users (2013 Data Breach Investigations Report, 2013).
As the last part of the 2013 Data Breach Investigations Report, it recommends few points of suggestions, to which I partly agree with.
I agree with the followings: Perform regular checks to ensure that essential controls are met. Collect, analyze and share incident data to create a rich information source that can drive security program effectiveness. Regularly measure things like “number of compromised systems” and “mean time to detection”, and use these numbers to drive better practices. Evaluate the threat landscape to prioritize a treatment strategy. Don’t buy into a “one-size-fits-all” approach to security. Don’t underestimate the tenacity of your adversaries, especially espionage- driven attackers, or the power of the intelligence and tools at your disposal (2013 Data Breach Investigations Report, 2013). All of above could help the bank to be fully prepared for the attack and moreover, it provides doable solutions to deal with the breaches.
Although, I disagree with the