Over the past ten to fifteen (10-15) years, there have been many security breaches at major organizations. In many cases, the result becomes the demise of the organization. Recently, a certificate hacking incident at DigiNotar resulted in the demise of the company. Read the article titled “DigiNotar dies from certificate hack caper”.
Imagine you are an Information Security Manager in a medium-sized organization and your CIO has asked that you provide an analysis of DigiNotar’s certificate hacking incident and what it means to your organization.
Write a three to five (3-5) page paper in which you:
Summarize the security breach and explain its significance to a medium-sized IT consulting company, in regard to the importance of protecting the privacy of their customers.
Analyze DigiNotar’s initial response to the incident as well as their later responses to the incident.
Suggest how DigiNotar could have better handled this security breach.
Analyze the laws and regulations involved with this incident and describe the controls that your organization needs to implement to ensure they are compliant.
Describe the non-technical factors that impacted DigiNotar in this incident and how those factors are similar in your organization and how they are different in your organization.
Describe the elements that need to be included in the organization’s IT audit plans and framework to ensure that this type of incident, and other privacy-related incidents, do not occur in the organization.
Use at least three (3) quality resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources.
the required website is: http://www.computerworld.com/article/2511297/security0/diginotar-dies-from-certificate-hack-caper.html . each question is a header.