Question Consider the Citibank incident in 2005 where more t

Question

Consider the Citibank incident in 2005 where more than 3.9 million customer’s personal financial information disappeared during shipment from its Weehawken, NY facility.

Was this an unpreventable incident, or did Citibank fail to implement enough safeguards to minimize this incident from occurring? Could Citibank’s corporate culture have played a part in the incident occurring? Which aspect of the contingency planning process came up short, the IR, BP, CP or a combination of a few. What benefits, if any, would have been gained if Citibank had developed such a plan you have proposed? If you were Citibank’s CSO, what would you have done differently? What practices and procedures would you have put in place? How should the media have been secured, transmitted, and stored? How would you have guided the efforts of the CSIRT, or were they not needed for this type of incident? Why do you believe that your direction would have worked?

take that incident as refernce and provide me answers for questions provided in second paragraph.

please provide me with citations and APA GUidelines.

Solution

Citibank

The information was lost by UPS. This happened while the information was in transit to a credit bureau. It was the biggest breach of employee or customer data reported so far. The data loss occurred in spite of the security procedures required of the couriers by Citibank. Customers had received their loans. There was little risk of the accounts being compromised. Without the customers\' approval, additional credit could not be issued. The tapes were produced in a sophisticated mainframe data center environment, and, would have been difficult to decode without the right equipment and special software.

The tapes included personal identification information, for example, Social Security numbers. The thieves who managed to access the data could commit identity thefts or open accounts at other financial institutions. Account information is sent regularly by financial institutions to credit bureaus. This is for keeping consumers credit reports up to date.

CSIRT is a service organization responsible for reviewing and, receiving computer security incident reports. Organizations can define computer security for their sites in the following manner:

·         The act of violating an implied or explicit security policy

·         Any suspected event in relation to security of computer networks or computer systems

Activities for CSIRT include:

·         An attempt to gain unauthorized access to a system or its data

·         unwanted denial of service or disruption

·         unauthorized processing or storage of data or use of a system

·         changes to firmware, system hardware, or software characteristics without the owner\'s knowledge, instruction, or, consent

Computer security incident activity is a network or host activity that threatens the security of computer systems. CSIRT is required as intrusions are possible despite the presence of an information security infrastructure. CSIRT can recommend and research workarounds and solutions.

NIST\'s 7 step contingency planning process

·         Conducting a policy statement

·         Conducting a business impact analysis

·         Identifying preventive controls

·         Creating recovery strategies

·         Developing an information system contingency plan

·         Ensuring training, plan testing, and, exercises

·         Ensuring plan maintenance

(West-Brown, 2003)

(Kossakowski, 2001)

(Kossakowski & Stikvoort, 2000)