IT 380 Module Three Case Study Analysis Guidelines and Rubric
Overview: This case study analysis will help you analyze a cybersecurity scenario and identify which principles were violated. Each skill in this paper is an essential part of the final project and accompanying milestones in this course.
Prompt: Use the articles from the Module Three required resources to analyze the cyber security occurrence, determine which principles were violated, and recommend appropriate policies to prevent recurrence.
Scenario: In February 2015, as many as 80 million customers of the nation’s second‐largest health insurance company, Anthem Inc., had their account information stolen. This compromise affected customers in at least 14 different states where Anthem provided services.
The hackers gained access to Anthem’s computer system and got information including names, birthdays, medical IDs, Social Security numbers, street addresses, email addresses, and employment information including income data. Both current and former customers were exposed during this breach.
So, while this was an attack against a medical provider and it resulted in a massive data breach, regulatory requirements were not sufficient to help prevent this breach. Because no actual medical information appears to have been stolen, the breach would not come under Health Insurance Portability and Accountability Act (HIPAA) rules, which govern the confidentiality and security of medical information.
Based on the Test Out sections from this module and the additional module resources you have reviewed, your paper should address the following critical elements:
Identification of cyber security principles that were violated and rationale of cause
Analysis of cryptography that would have helped prevent this breach
Recommendation of additional policies that would have been useful to mitigate the breach or even prevent the breach
Rubric
Guidelines for Submission: Your paper should be submitted as a 2‐ to 3‐page (in addition to the cover and reference pages) Microsoft Word document with double spacing, 12‐point Times New Roman font, and one‐inch margins. All sources must be cited in APA format.
Critical Elements
Exemplary (100%)
Proficient (90%)
Needs Improvement (70%)
Not Evident (0%)
Value
Identification of Cybersecurity Principles That Were Violated
Meets “Proficient” criteria and correctly identifies which principles were violated with empirical supporting examples
Correctly identifies which principles were violated with supporting examples
Identifies which principles were violated but supporting examples have gaps
Does not identify a single principle
30
Analysis of Cryptography and Prevention
Meets “Proficient” criteria and analysis demonstrates keen insight of cryptography and prevention methods
Analysis demonstrates accurate knowledge of cryptography and prevention methods
Analysis demonstrates knowledge of cryptography but needs additional information to support prevention ideas
Does not analyze the cryptography and prevention methods
30
Policy Recommendation
Meets “Proficient” criteria and recommendation demonstrates understanding of policies that would remedy the situation appropriately
Recommends policies to ensure proper resolution of scenario
Recommends a single policy to remedy situation but recommendation has gaps in strategic implementation
Does not recommend any policies
30
Proper Use of Writing, Mechanics, and Grammar
Paper is free of errors in organization and grammar with applicable sources cited
Paper is mostly free of errors of organization and grammar; errors are marginal and rarely interrupt the flow; cites applicable sources
Paper contains errors of organization and grammar but errors are limited enough so that assignments can be understood; cites applicable sources
Paper contains errors of organization and grammar making the content difficult to understand
10
Total
100%
0 comments:
Post a Comment