Information Security Breach

Learning outcomes
1. Analyse and synthesise information security issues in modern organisations.
2. Demonstrate an understanding of the advantages, disadvantages, threats and vulnerabilities associated with various IT environments.
3. Demonstrate the concepts, principles and techniques relating to the security of information.
4. Evaluate the importance of information to organisations and society in general.

Background:
Information has many facets: value, confidentiality, integrity, privacy, legality, and so on. All information is not the same, not valued the same, and hence protection requirements may vary.
Task:
Critically analyses the case study provided to provide an information security perspective on the issues faced by the organisation.
Follow the processes provided in the unit materials, particularly the first five modules, to present a logical and clear analysis of the case study.
The case study can be found under the Reading List/Assignment 01.
Your report should include:

•  An outline of the process followed to devise the case study analysis i.e., did you follow any methodology on how to analyse a case study, what steps did you follow to write the main body of the report? This section need not be detailed, a brief outline of your analysis process.
•  Identification of the personal identifiable information (PII) that is held, used, and collected by the organization
•  Discuss the CIA triad and how these principles relate to the information security breach, i.e., what was breached in relation to C.I.A
•  What threats and vulnerabilities to the information exist in the case study
•  What protections were in place; what worked and what failed in this particular case.
•  Discuss the lessons learnt from the breach, for example, legal, financial, risk
•  What did the organisation do after the breach, i.e., what happened after the fact.
•  Why was this breach such an important case to learn from.