Page 458 - Using MIS
P. 458

426       Chapter 10  Information Systems Security

        monitoring, continuously watch their credit, and fill out paper-  Questions
        work if fraudulent charges appear on their statements.    10-8.  Why did the attackers spear-phish a contractor to
           Insurance premiums for organizations other than Target    Target?
        will probably go up as well. Insurers may believe that more
        data breaches like this will occur in the future. Insurers will     10-9.  Explain how a third-party contractor could weaken an
        demand higher premiums, stricter controls, and more system   organization’s overall security.
        auditing from organizations.                           10-10.  Describe how data was stolen from Target.
           Just like car accidents, data breaches may not be viewed
        as important until after they occur. The data breach affected    10-11.  How might a data loss at one organization affect other
        Target enough that it’s upgrading its infrastructure, changing   organizations?
        internal systems, and looking for a Chief Information Security    10-12.  Explain why large organizations are attractive targets
        Officer (CISO). 28                                           for attackers.
           Will there be a more severe data breach in the future?
        Probably. Are organizations ready for it? Based on past perfor-   10-13.  Why might chip-and-pin cards reduce this type of theft?
        mance, we won’t be ready for it until after it happens.  10-14.  Why didn’t Target have a CISO before the data breach?








         MyMISLab       ™
         Go to mymislab.com for Auto-graded writing questions as well as the following
         Assisted-graded writing questions:
         10-15.  Suppose you need to terminate an employee who works in your department.
                Summarize security protections you must take. How would you behave differ-
                ently if this termination were a friendly one?
         10-16.  Read about MapReduce and Hadoop on pages 365–366 of Chapter 9 if you
                have not already done so. Is MapReduce suitable for password cracking?
                Explain your answer. Assume that it is. If it takes 4.5 years for one computer
                to crack a password, how long will it take 10,000 computers to crack one
                using Hadoop? If it takes 2 million years to crack a password, how long will it
                take 10,000 computers to crack one? What does this tell you about password
                construction?



























        28 Dune Lawrence, “Target Taps an Outsider to Revamp IT Security After Massive Hack,” BusinessWeek, April 29, 2014, accessed June 4, 2014,
        www.businessweek.com/articles/2014-04-29/target-turns-to-an-outsider-for-cio-bob-derodes-to-revamp-it-security-after-massive-hack.
   453   454   455   456   457   458   459   460   461   462   463