Description
Instructions:
1) Read the the case study Big four accounting firm suffers client data exposure.pdf Big four accounting firm suffers client data exposure.pdf – Alternative Formats
2) Answer two questions in the case study. Using Q & A style, label number of the question and follow with your answer.
Formatting Requirements:
Please submit a Word document and use the following format to organize and submit all written home work:
Font: 12 points
Spacing: 1.5 lines
Pages 2-3 pages or Word Count: 500-750
Body of text:
Do not repeat the case to be analyzed or the synopsis of the given homework. However, you should copy/state each question asked before providing your answer/argument to the question.
References:
If you quote the work of others, you must provide the citation at the end of your homework. APA format and citation.
Somethings I am looking for:
Clear reasoning behind your decision making.
Think about how you can tie your course readings to the evidence presented in the case study. If you use resources outside the course readings, be sure to explain how they are tied to the case study.
Consider using the additional resources in the case study to support your arguments.
SafeAssign release statement:
By submitting this paper, you agree: (1) that you are submitting your paper to be used and stored as part of the SafeAssign™ services in accordance with the Blackboard Privacy Policy; (2) that your institution may use your paper in accordance with your institution’s policies; and (3) that your use of SafeAssign will be without recourse against Blackboard Inc. and its affiliates.
Unformatted Attachment Preview
Deloitte – Big four accounting firm suffers client data exposure
In September 2017, Deloitte, one of the big four global accountancy firms and also one of the
biggest names in cyber security consulting (Gartner’s security consultancy of the year in 2016)
disclosed that they had been the victim of a cyber attack which compromised a server that
contained the emails of an estimated 350 clients, including four US government departments,
the United Nations and some of the world’s biggest multinationals.
The hacker compromised the firm’s global email server through an “administrator’s account”
that, in theory, gave them privileged, unrestricted “access to all areas”.
The account required only a single password and did not have “two-step“ verification, sources
said.
Despite assurances from the company that the hack had only “impacted” six clients and that it
was confident it knew where the hackers had been. It said it believed the attack on its systems
which began the previous year was over.
The company was criticized for their disclosures with some claiming the incident was more
widespread than they acknowledged and that the company cannot be 100% sure what was
taken given the nature of the attack (administrator credentials were stolen).
Triggered by the news of the data breach, the information security community relished the
opportunity to investigate and expose what they considered to be poor security practices
adopted by company’s employees.
Questions:
1. Knowing how the firm Deloitte responded, what would you have done differently?
2. What are some steps you think the firm could have taken to prevent this incident?
Purchase answer to see full
attachment
