Data Breach Flashcards
causes of data breach
- payment card fraud
- hacking/malware
- insider breach
- physical loss
- portable device loss
- stationary device breach
- unintended disclosure
- unknown breach
payment card fraud
fraud to debit or credit cards not accomplished via hacking
ex. skimming device at point of service terminals
hacking/malware
outside party infects a computer with malicious software
insider breach
someone inside organization with legitimate access intentionally breaches information
physical loss
non-electronic, paper documents are lost, discarded or stolen
portable device loss
laptop, smartphone, flash drive, or other electronic device is lost, discarded or stolen
stationary device breach
stationary computer is lost, discarded, stolen, or improperly accessed
unintended disclosure
man error or otherwise that results in sensitive information being posted publicly, mishandled, or sent to the wrong party in either physical or electronic from
unknown breach
other type of data breach that does not fall into one of the categories above
data breach incident response
requires complying with state laws of every jurisdiction with organization does business or retains information on customers located there
steps
1. confirm the breach
2. secure operations and contain the breach
3. analyze and fix vulnerabilities
4. notify appropriate parties
5. take proactive steps to avoid future breaches