Industry: Telecommunication Company: Verizon Overview: Verizon data breach – 6 Million customer account exposed Introduction: Verizon contractor failed to secure large batch of customer information i
Project Proposal Outline
Industry: Telecommunication
Company: Verizon
Overview: Verizon data breach – 6 Million customer account exposed
Introduction: Verizon contractor failed to secure large batch of customer information including PII. Data leak started from amazon S3 cloud server due to lack of configuration issue and failure to maintain S3 default security patch.
Organization brief summary:
Strategic planning
Core business activities
Cultural practices
Financial performance and goals.
Risk Types –
Markets and credit risk
Liquidity risk.
Operational risk and Regulatory risk
Social and legislative risk.
Traditional Risk Management – One-dimensional, standardized methods, reactive methods.
Enterprise Risk Management – Multi-dimensional, non-standardized methodologies, Retention, loss prevention and detection, proactive methods.
Benefits and limitations:
Standardized risk reporting
Identify potential risk
Improved focus and perspective on risk effective coordination of regulatory and compliance matters
Creation risk focused culture for the enterprise.
Efficient use of internal resources.
Key roles and responsibilities: Build a risk-aware culture, design risk register and action plans, forecast risk, take risk as responsibility, educate internal resources with best practices (Kedharnath Chowdary Poluru)
Key items to improve and risk associated: Employee approval flow for configuration update, mitigate risk, enhanced authentication, deception and collection methodologies to secure infrastructure, internal audit control.
Conclusion and References –
