The National Institute of Standards and Technology (NIST) provides an
extensive amount of information, resources, and guidance on IT and information
security topics. The Federal Information Security Management Act (FISMA)
provides standards and guidelines for establishing information security within
federal systems. However, there have been, and continues to be, numerous
security incidents including data breaches within federal systems. Review the
information about FISMA at the NIST Website, located at http://csrc.nist.gov/groups/SMA/fisma/index.html. Additionally,
review the information, located at http://www.govtech.com/blogs/lohrmann-on-cybersecurity/Dark-Clouds-Over-Technology-042212.html,
about the data breaches within government systems.
Select one (1) of the data breaches mentioned to conduct a case analysis,
or select another based on your research, and research more details about that
incident to complete the following assignment requirements.
Write a three to five (3-5) page paper on your selected case in which
- Describe the data breach incident and the primary causes of the data
- Analyze how the data breach could have been prevented with better adherence
to and compliance with regulatory requirements and guidelines, including
management controls; include an explanation of the regulatory requirement (such
as from FISMA, HIPAA, or others).
- Assess if there are deficiencies in the regulatory requirements and whether
they need to be changed, and how they need to be changed, to mitigate further
data breach incidents.
- Use at least three (3) quality resources in this assignment. Note: Wikipedia
and similar Websites do not qualify as quality resources.