Case 1.

A. What is the write up all about? What technology-related issues are apparent?

>The write up all about how two individuals downloaded data from a third-party cloud
server used by Uber, which contained names, email addresses and mobile phone numbers of 57 million
users (about twice the population of Texas) around the world. Uber waited almost a year before publicly
disclosing the breach. This will lead to privacy issues that not only the drivers but the company itself will
need to handle.

B. What possible impacts or problems may arise in conjunction with the data breach?

> This problem will cost the trust of not only the consumers, but the people who are
working in Uber. I know that Uber offers cheap prices for the people who are using it, but this problem
causes their business to shut down. Many drivers will not trust them anymore because they already
have an idea that if ever, they fill up all their information for Uber, it will be leaked. They will totally lose
their trust because a big company like Uber is easily penetrated by public hackers.

C. How can Uber Technologies, NC and other similar businesses prevent such from happening
again? What measures can you recommend?

>For this, I think they need to improve their general security. I’ve heard about this issue
when it was publicized, and I was shocked how easily their system penetrated. They can use techniques
likes better architecture, firewalls, VPNs, traffic monitoring and restriction, and even routine updates
can make a big difference.

D. Considering this scenario, would you consider technological developments as advantageous? Why
or why not? Justify your responses.

>Yes! Technological development as solutions provides digital protection to your business

that will ensure your employees aren’t at risk from potential threats such as hackers. It will ensure that
your business is secure from cyber threats and will also help to protect your customers, who could be
susceptible to a cyber breach by proxy.

Case 2.
A. What is the write up all about? What technology-related issues are apparent?

>Orbitz has announced that it discovered a potential data breach that exposed information
for thousands of customers. The incident, discovered by the company on March 1,2018, may have
exposed information tied to about 880,000 credit cards. The Expedia-owned company says that names,
payment card information, dates of birth, e-mail addresses, physical billing addresses, gender, and
phone numbers may have been accessed, but it doesn’t yet have “direct evidence” that any information
was taken from the website.
 B. What possible impacts or problems may arise in conjunction with the data breach?

>Since travel agencies are one of the motivators of a traveler to travel because of the
convenience when planning a trip, this will cause lowered numbers of travelers. And we all know that
tourism is one of the reasons why the economy of a country goes up. This will also cause the business of
Orbitz because instead of going to their travel agency, people will choose another famous travel agency
like Expedia to book their trip. This will also cost cutting of employees because they won’t need more
employees if they don’t' have a customer.

C. How can Orbitz, and other similar businesses prevent such from happening again? What
measures can you recommend?

>It is important to act immediately, especially this one which includes credit card
information of the customers. Every state has specific reporting requirements regarding how quickly
customers need to be notified of a data breach, with some giving as little as seven days to inform
consumers. Investigate why the breach happened, including compiling information on where and when
it occurred and what data was lost. Business owners may want to consider hiring a professional security
consultant to perform the investigation.

D. Considering this scenario, would you consider technological developments as advantageous?

Why or why not? Justify your responses.

>Of course. Since our Technology keeps on advancing, it might help a business to avoid
this kind of problem and the business owners should know how to response immediately. The biggest
problem with not having an incident response plan is that you do not know how to respond when you
are under a cybersecurity attack or dealing with the data breach aftermath. This can delay your response
and can increase the damage the data breach or cybersecurity attack can do to your business.