Thursday, December 12, 2019

Information Security Breach

Question: Discuss about theInformation Security Breach. Answer: Introduction Anthem is a health insurance company and it is well known company for its on-time services. But somehow it allowed hackers to gain access of information from its database that information was of 80 million Americans. This is such a wide range of people whose information has breached in this attack. This attack was happened in February 2015. This attack is considered most vulnerable attack in history of healthcare industry because number of people were influenced by this attack. Now in next segments of this report, we will discuss about justification of choice of this news article. Discussion Justification about Selected News of Anthem The reason behind selection of this news of information security breach in Anthem is that it is one of the most vulnerable security breaches that has happened in year 2015. So it is important to discuss about this attack in this report. This attack will provide awareness to maintain appropriate security for networks and databases. If we talk about relation of this news to information security subject content, then it is cleared from news that information has leaked from database of Anthem Company and this database was loaded with personal, health and payment information of 80 million Americans. On the behalf of this information we can say that this news is related to information security breach. (Times, 2015) Reasons for Breaches There are various essential reasons exist, in every information security breach like Anthem Healthcare Company and any other breach. In this segment of report we will emphasize on technical and non-technical reasons of this vulnerable information security breach. (Armerding, 2016) Technical Reasons for Anthem Company Information Security Breach Lack of use of security tools into system that resides database into it. According to analysis it is found that, anti-virus and network monitoring software solution was not installed into system. Through Anti-Virus it is possible to scan any vulnerable entity easily that can make our system weak and hackers can take advantage of that point. The access of information from database of a company should be done by authorized persons. Unauthorized access to database can definitely lead to hack or misuse of data. The permissions for authorized users should be set by administrator of database. In this Anthem attack, unauthorized access of database is considered main reason. Next technical reason of Anthem Attack is improper execution of security policies in organizations. It is commonly observed in business organizations that security policies are followed by employees appropriately and these security policies consist of use of strong login credentials, use of anti-virus and other security features. (Kirk, 2016) According to indicators of this attack, phishing attack was also implemented by using a fraudulent email to get information of employees of company such as network ID and password. (Riley, 2016) These are some technical reasons for Anthem Information Security Breach that had not taken seriously by Anthem Company. (Anthemfacts.com, 2016) Non-Technical Information Security Breach for Anthem Company Besides these above listed technical information security breaches for Anthem Company, some non-technical reasons are also found. The main non-technical issue that has found in this attack is sophisticated hackers means they were skilled enough to hack Anthem Company but company was not possible defend against them. Besides this, weakness in administration department for assigning permissions to authorized persons is also a non-technical reason for Anthem Healthcare Insurance Company. Besides this, unawareness of employees of company about information security is also a main reason for information security breach. Self-awareness is very much necessary for people about these security threats, so that they can control small security issues at their own level. Assesses of Severity Damage and Social Impacts of Anthems Information Security Breach In above discussed information about Anthem Information Security Breach has so much influence over company and its customers. Near about 80 million Americans have faced this problem.( Fast Company, 2015) The victims of this attack were both current and former members of Anthems Company. If we evaluate severity of damage of this attack then we can say that millions of people who are attached with Anthem Company, they have no idea that Anthem held their personal details. Network credentials were hacked by hackers and by using those credentials, hackers were being successful to conduct this vulnerable attack. The major information that is hacked by hackers in this information security breach, consists of names of members of Anthem Company, date of birth, social security numbers and email addresses etc. Hackers can misuse this information to connect with these members and collect their credit card information and other financial information. Therefore, the overall effect of Anthems infor mation security was vulnerable for every member of Anthem Company and reputation of this company. (Modern Healthcare, 2016) If we talk about social impact of this attack then, customers of this company are in shocked after knowing about this information breach. They are losing their trust on this company and asking them questions that are they able to provide security for our confidential and important information? This attack has increased the responsibility of technical experts of Anthem Company and now they have to make efforts to keep secure their databases. This can also put influence over market position of company and competitors will try to get advantage from this. So it is will be better for Anthem Company to come out from this trauma as soon as possible and it should enhance its level of security and privacy. (Modern Healthcare, 2016) Now in next segment of this report, we will emphasize on some effective remedies that will help to get prevention from above discussed security threats. Remedies for Anthems Information Security Breach Here are some remedies that are provided by Anthem Company to get prevention from these types of security breaches. Now Anthem Company will provide identity protection services to all its individuals. Company has arranged AllClear ID to protect identity of customers. Better monitoring services will be provided to customers of this company so that every network and system activity can be monitored properly. This will help to detect hackers easily.( Small, 2013) Advanced system security solutions such as spyware, network monitoring tools and anti-virus will also be used in every system of this company and every employee will be strictly asked to follow security policies and rules. With the help of technical experts, better ways will be found out to resolve this problem of databases insecurity. New technicians will be hired those can tackle this problem appropriately. (com, 2016) Anthem Company will also concentrate to suggestions that are provided by customers of this company. This will be a better to make a good relationship with customers for enhancing business. All systems must come under administrator of IT department and he/she must set permissions for all senior and junior level employees of company. An employee must not allow to view any restricted area without permission. This will help to enhance authorized access of information in company. (Yadron, 2016) At developers end encryption techniques must be used to maintain security of programming codes. Encrypted data is hard to understand and hack by hackers. The above discussed remedies must be implemented successfully by company. These remedies are helpful enough to resolve problems of security breaches. It is responsibility of both developers, employees and customers of this company to follow all security policies and rules to resolve these problems. (Riley, 2016) Conclusion After this whole discuss we can say that the purpose of report is to understand security breach of Anthem Company thoroughly and to increase awareness regarding these threats among members of this company. In this report, effective remedies are discussed that can help to get rid of this information security. Now, it is accountability of company towards its all customers to secure their information from these types of security breaches and it must not let them loss their trust on company. It is better to make long term business relationships with customers. (Yadron, 2016) References Times, L. (2015). Anthem is warning consumers about its huge data breach. Here's a translation.. latimes.com. Retrieved 26 September 2016, from https://www.latimes.com/business/la-fi-mh-anthem-is-warning-consumers-20150306-column.html Armerding, T. (2016). The 15 worst data security breaches of the 21st Century. CSO Online. Retrieved 26 September 2016, from https://www.csoonline.com/article/2130877/data-protection/data-protection-the-15-worst-data-security-breaches-of-the-21st-century.html?page=3 Kirk, J. (2016). Premera, Anthem data breaches linked by similar hacking tactics. Computerworld. Retrieved 26 September 2016, from https://www.computerworld.com/article/2898419/data-breach/premera-anthem-data-breaches-linked-by-similar-hacking-tactics.html Anthemfacts.com.(2016). Anthem Facts. Retrieved 26 September 2016, from https://www.anthemfacts.com/ Modern Healthcare. (2016). Details of Anthem's massive cyberattack remain in the dark a year later. Retrieved 26 September 2016, from https://www.modernhealthcare.com/article/20160330/NEWS/160339997 Krebsonsecurity.com. (2016). anthem breach Krebs on Security. Retrieved 26 September 2016, from https://krebsonsecurity.com/tag/anthem-breach/ Yadron, A. (2016). Health Insurer Anthem Hit by Hackers. WSJ. Retrieved 26 September 2016, from https://www.wsj.com/articles/health-insurer-anthem-hit-by-hackers-1423103720 Riley, C. (2016). Insurance giant Anthem hit by massive data breach. CNNMoney. Retrieved 26 September 2016, from https://money.cnn.com/2015/02/04/technology/anthem-insurance-hack-data-security/ Fast Company.(2015). Why The Anthem Security Breach Was Such A Wake-Up Call For The Health Industry. Retrieved 26 September 2016, from https://www.fastcompany.com/3042091/why-the-anthem-security-breach-was-such-a-wake-up-call-for-the-health-industry Small, M. (2013). From data breach to information stewardship. Network Security, 2013(10), 5-8. https://dx.doi.org/10.1016/s1353-4858(13)70112-0

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.