In the first milestone, you identified a recent security incident that took place. There were multiple incidents that were chosen such as Capital One,Target, OPM, Equifax, Home Depot, and so many more
Running head: SECURITY INCIDENTS 0
SECURITY INCIDENTS
Institution Name
Student Name
Date
The administrative factor that led to the security incident in the capital one left out a lot of questions on how the intruder got in without the administration coming to notice. The capital one data breach investigations took place and found that a Seattle resident by the name Paige Thompson. She was involved in the computer fraud that led her to access about one hundred million applications of credit cards and getting access to other data that was made possible through the misconfigured firewall (Novaes Neto, 2020).
Thompson executed a command which later retrieved all security credentials for all the administration account, which enabled her to copy more than seven hundred folders that were hoisted by the amazon—making confusion of how all this was made without the knowledge of the administration. The administrative factors that were not secured led to this breach because the capital one was not monitoring the credit cards and identifying protections to its members over and over. Freezing of credit cards should be carried to ensure that if someone else tries to access other people's accounts, they will have to give passwords so that they access them. The administration should also be proactive towards cybersecurity and give out knowledge to their members about the cyber-attacks (Rao, 2016).
The physical control that led to this breach was that the capital one breach would have been caused because there was no enough performance in monitoring services by the organization. Thus if the organization did this, then they would have noted that they were being attacked. Hence organizations are supposed to use available tools or monitor the systems consistently and diligently because they are not supposed to assume the data integrity (Vorobiev, 2017).
Some of the technical issues that affected the capital one organization were that they did not use appropriate software-defined perimeter type of technology. Thus they assumed they would not have problems that made them not closing their cloud environment and software as a service for access through their own devices, location, and users. Avoiding all these technical issues will never be an effect on the capital one breach or to any organization (Novaes Neto, 2020).
Organizations should also be aware of their weakness and strengths. They should be able to fix their weakness so that it won’t be known to the outside people or hackers. This will be of benefit since the hackers will not use their weakness to them so that they can cause breaches to an organization (Rao, 2016).
REFERENCES
Novaes Neto, N., Madnick, S., de Paula, M. G., & Malara Borges, N. (2020). A Case Study of the Capital One Data Breach (Revised).
Vorobiev, E. G., Petrenko, S. A., Kovaleva, I. V., & Abrosimov, I. K. (2017, May). Analysis of computer security incidents using fuzzy logic. In 2017 XX IEEE International Conference on Soft Computing and Measurements (SCM) (pp. 369-371). IEEE.
Rao, B. T. (2016). A study on data storage security issues in cloud computing. Procedia Computer Science, 92, 128-135.
