Heartland Breach
|
Points: 50 |
Case Study: Heartland Breach |
|
Criteria |
Unacceptable Below 70% F |
Fair 70-79% C |
Proficient 80-89% B |
Exemplary 90-100% A |
|
1. Explain whether you believe adherence to regulations such as PCI is enough to protect a company from these types of breaches and why or why not. Weight: 20% |
Did not submit or incompletely explained whether you believe adherence to regulations such as PCI is enough to protect a company from these types of breaches and why or why not. |
Partially explained whether you believe adherence to regulations such as PCI is enough to protect a company from these types of breaches and why or why not. |
Satisfactorily explained whether you believe adherence to regulations such as PCI is enough to protect a company from these types of breaches and why or why not. |
Thoroughly explained whether you believe adherence to regulations such as PCI is enough to protect a company from these types of breaches and why or why not. |
|
2. Give your opinion on whether companies should formulate security controls based on anti-cybercrime techniques, such as end-to-end encryption, or those based purely on complying with industry regulations. Provide a rationale with your response. Weight: 20% |
Did not submit or incompletely gave your opinion on whether companies should formulate security controls based on anti-cybercrime techniques, such as end-to-end encryption, or those based purely on complying with industry regulations; did not submit or incompletely provided a rationale with your response. |
Partially gave your opinion on whether companies should formulate security controls based on anti-cybercrime techniques, such as end-to-end encryption, or those based purely on complying with industry regulations; partially provided a rationale with your response. |
Satisfactorily gave your opinion on whether companies should formulate security controls based on anti-cybercrime techniques, such as end-to-end encryption, or those based purely on complying with industry regulations; satisfactorily provided a rationale with your response. |
Thoroughly gave your opinion on whether companies should formulate security controls based on anti-cybercrime techniques, such as end-to-end encryption, or those based purely on complying with industry regulations; thoroughly provided a rationale with your response. |
|
3. Suggest at least three (3) additional security controls and techniques based on the Heartland and similar breaches such as TJX. Provide an explanation for your suggestions. Weight: 25% |
Did not submit or incompletely suggested at least three (3) additional security controls and techniques based on the Heartland and similar breaches such as TJX; did not submit or incompletely provided an explanation for your suggestions. |
Partially suggested at least three (3) additional security controls and techniques based on the Heartland and similar breaches such as TJX; partially provided an explanation for your suggestions. |
Satisfactorily suggested at least three (3) additional security controls and techniques based on the Heartland and similar breaches such as TJX; satisfactorily provided an explanation for your suggestions. |
Thoroughly suggested at least three (3) additional security controls and techniques based on the Heartland and similar breaches such as TJX; thoroughly provided an explanation for your suggestions. |
|
4. Determine the types of monitoring that could be implemented to help quickly identify penetrations and hurdle the “point-in-time” security protections that regulations, such as PCI, provide. Weight: 20% |
Did not submit or incompletely determined the types of monitoring that could be implemented to help quickly identify penetrations and hurdle the “point-in-time” security protections that regulations, such as PCI, provide. |
Partially determined the types of monitoring that could be implemented to help quickly identify penetrations and hurdle the “point-in-time” security protections that regulations, such as PCI, provide. |
Satisfactorily determined the types of monitoring that could be implemented to help quickly identify penetrations and hurdle the “point-in-time” security protections that regulations, such as PCI, provide. |
Thoroughly determined the types of monitoring that could be implemented to help quickly identify penetrations and hurdle the “point-in-time” security protections that regulations, such as PCI, provide. |
|
5. 2 references Weight: 5% |
No references provided |
Does not meet the required number of references; some or all references poor quality choices. |
Meets number of required references; all references high quality choices. |
Exceeds number of required references; all references high quality choices. |
|
6. Clarity, writing mechanics, and formatting requirements Weight: 10% |
More than 6 errors present |
5-6 errors present |
3-4 errors present |
0-2 errors present |