CS 257 - Case Study: Real-World Security Breach
| Assigned: | Monday October 19 |
| Selection Deadline: | Thursday November 12, 11:59pm |
| Paper Deadline: | Thursday December 3, 11:59pm |
Goal
This course covers a variety of topics directly related to information
security as applied in the real world. Technological advances are
enabling new applications and at the same time creating new
vulnerabilities. In recent years, we have witnessed a surge in
serious security breaches. The scale and effects of security breaches
seem to be ever increasing. The purpose of this assignment is to
become familiar with the current security breaches landscape through a
careful analysis of a select real-world security breach.
What to do
There are two parts to this assignment: a selection of the security
breach you want to cover and a case study of that security breach.
Security breach selection
First, research significant security breaches that happened in the
last couple of years (no more than 5 years) and decide on one that you
would like to analyze. Make sure you select a security breach that you
can analyze on a deeper level and one that you can find sufficient
information on.
Here are some links that you might find helpful in selecting a breach to cover:
Once you have made your selection, submit the following in a single PDF file:
- A single-sentence description of the breach (for example, “2015 Target Security Breach of
Customer Financial Information”).
- A one-paragraph description of the breach.
- At least 3 references that you used to familiarize yourself with the breach you selected.
Case study
You should prepare and submit a case study of the security breach you
selected, unless I notified you the security breach you chose is not
appropriate. (This is unlikely to happen but reach out to me before
the selection deadline if you are concerned about selecting an
appropriate breach to cover.)
The case study should take the form of an essay. Your essay should be
at least 500 words long and should thoroughly analyze the security
breach. At the minimum, you should include the following information:
- institution(s) involved in the security breach,
- a description of the incident,
- affected parties (e.g., customers, employees, others),
- types of information exposed in the breach,
- technical grounds underlying the breach,
- how the institution handled and responded to the breach,
- how the affected parties and/or the public reacted to the breach,
- impacts on the company (e.g., financial, legal, social).
Your case study must have a bibliography, and it must cite
references. Your bibliography must include enough information to allow
us to locate the sources. For example, just saying “Wikipedia” is not
enough. You would need to give the URL or search term or whatever that
would enable a knowledgable reader to locate the document. Please
refer to the Yale College Writing Center guidelines on using sources
for further information.
How to submit
There are two parts to this assignment and therefore two due dates and two submissions.
- Please submit your selection electronically using the Case Study: Selection Assignment on
Canvas by 11:59pm on Thursday, November 12, 2020.
- Please submit your essay electronically using the Case Study: Essay Assignment on
Canvas by 11:59pm on Thursday, December 3, 2020.
For each, be sure to submit a PDF file and include your name and date
inside the file itself as part of the document so that it will show if
the paper is printed. assignment name, e.g., <yournam>-paper.pdf
or <yournam>-paper.pdf. Create pdf
files yournetid.cs257selection.pdf and
yournetid.cs257casestudy.pdf
If you have trouble submitting, ask the instructor or the TA for
help. Do not submit by email. For guidance on how to write a good
essay, look at the Yale College Writing Center’s page, Components of a
Successful Essay