Nguyễn Bình – BABAWE19001 – MIS Final Exam

Part 2: Case Study: Is the Equifax Hack the Worst Ever -

and Why ?

Question 1:

Equifax experienced a harmful data breach due to various security and control weaknesses. The
organization concentrated on its data storage capabilities and failed to improve its technical
space. Equifax had ignored the opportunity to eliminate the risks associated with Apache Struts
vulnerability. Hackers focused on Equifax security systems’ weaknesses to access important
information from the company. For instance, an attacker was capable to access credit-report data
between April 2013 and January 2014 from the enterprise. Additionally, Equifax demonstrated
poor performance in website and security services. Equifax operated expired websites or those
with errors and security issues. For example, in February 2017, the company revealed that a
technical issue undermined the vital credit data of many consumers who employed LifeLock’s
identity-theft protection services. The Equifax data breach caused significant damage to
consumers’ sensitive personal and financial information. The hackers gained access to vital
pieces of information that could help them commit fraud.

Question 2:

Different management, organization, and technology factors contributed to the Equifax

data breach. The company’s management had sufficient information to eliminate Apache Struts'
weakness but failed to respond immediately. Moreover, the firm’s executives continued to run
the business after the certificates expired, which caused a lack of secure and legitimate validation
control of users’ connection with its websites. The organization refused to disclose important
information about the breach, which led to the adverse impact of the attack. Equifax’s
competitors discovered that the company used expired website systems that lacked technological
abilities to satisfy the demands of its development and growth. Due to the management,
organization, and technology factors, hackers were able to access the Equifax system and steal
consumers’ vital information, such as home addresses, social security, and DOB.

Question 3:

The Equifax hack made a damaging financial and legal impact. The fact that attackers
gained access to more than a hundred million US consumers’ personal information contributed to
a significant issue in society. The company experienced a third stock market value drop of its
original one, and it was forced to offer its consumers a free year of credit protection services.
Equifax announced that the attack harmed more than 2 million consumer's driving license
numbers and names. Besides the consumers suffering from long-term identity theft, they
experienced a permanent effect on losing critical information, such as DOB, social security
number, debt, and address history. The Equifax attack led banks to replace many credit cards,
which contributed to not only high expenses but also lawsuits. Despite the available financial and
legal challenges, the regulatory environment became humane for Equifax with the help of the
current administration. In the end, the consumers will be impacted most.

Question 4:

To prevent future data breaches, companies need to adopt high-security IT controls

systems. Organizations, such as Equifax, should hire skilled and experienced IT and
cybersecurity personnel to overcome risks associated with cybercrime. Firms should always keep
upgrading their security control systems. Although cyber-attacks keep happening, firms should
focus on eliminating the consequences connected to the hacks and update their websites and
security structures to prevent and eliminate attacks. Therefore, businesses should investigate and
take action whenever a sign of identity theft or fraud is recognized

Part 1: Answer the questions:

Question 3: How has e-commerce transformed marketing.

 Explain how social networking and the wisdom of crowds help companies improve
their marketing. 

- creating sites where thousands of people can interact offers business firms new ways to market
and advertise products and services and to discover who likes or dislikes their products

- wisdom of crowds: large number of people can make better decisions about a wide range of
topics or products than a single person

-actively seeking customer comments builds trust and sends a message to customers that the
company cares what they think and that their advice is valuable

 Define behavioral targeting and explain how it works on individual websites and on
advertising networks. 

- refers to tracking the clickstreams of individuals for the purpose of understanding their interest
and intentions

- to expose them to advertisements uniquely suited to their behavior

-websites collect data on visitor browser activity and store it in a database

- firms analyze this information about customer interests and behavior to develop precise profiles
of existing and potential customers

 Define the social graph and explain how it is used in e-commerce marketing.
 - a deception of all the people you know and all the people they know

- a mapping of all significant social relationships

- the products and services you buy will influence the decisions of friends, and their decisions will
also influence you

- word of mouth theory in digital format

Question 2: List and describe the three operations of a relational Database Management System (DBMS)

- In a relational database, 3 basic operations are used to develop useful sets of data: select,
project and join.
+ Select operation creates a subject consisting of all records in the file that meet stated criteria.
In other words, select create a subset of rows that meet certain criteria.
+ Join operation combines relational tables to provide the user with more information that is
available in individual tables.
+ Project operation creates a subset consisting of columns in a table permitting the user to
create new tables that contain only the information required.

Question 1: List and describe the components of IT infrastructure that firms need to manage

- IT infrastructure today is composed of seven major components. Example of products for each
component are given to illustrate these components.
+ Internet platforms – Apache, Microsoft, IIS, .Net, UNIX, Cisco, Java computer.
+ Hardware platforms – Dell, IBM, Sun, HP, Apple, Linux machines.
+ Operating systems platforms – Microsoft windows, UNIX, Linux, Mac OS X.
+ Enterprise software Applications – (including middleware), SAP oracle, Peoplesoft Microsoft,
BEA networking/Telecommunications – Microsoft Windows server, Linux, Novell, Cisco, Lucent,
Nortel, MCI, AT&T, Verizon.
+ Consultants & system integrators – IBM/KPMG, EDS, Accenture.
+ Data management and storage – IBM DB2, Oracle, SQL server, Sybase, My SQL, EMC systems.