GROUP DISCUSSION

Group 2 : Lalith, Maitry Patel, Tharun Lagadapati, veeranjaneyulu singu

NOVEMBER 18, 2024

INFORMATION SECURITY
New England College
1.What are the main components of a network security architecture?
a) Network Devices
b) Transmission Media
c) Protocols
d) Topology
e) Clients and Servers
f) Data Storages
g) Security Mechanisms
h) Network Interfaces
i) Cloud or Virtualization Components
j) Management Software

a) Network Devices:

Firewalls stand between your company's private network and the public internet. It monitors

both incoming and outgoing network traffic and independently allows or blocks traffic based

on a predetermined set of rules. Some of the rules could be to deny access to unwanted

incoming traffic from specific IP addresses, allowing access only to trusted sources. Most

firewalls will come out-of-the-box with a listing of untrusted IP addresses to protect against

well-known threats. A network administrator can also whitelist and blacklist certain domains

in order to configure network security rules to the company's needs. Configuring firewalls

beyond their respective defaults is always a configuration best practice in order to further

harden network security.

b) Transmission Media

Wired Media: It includes copper cables-like Ethernet and fibre optic cables that provide very

high-speed and reliable connections. Wireless Media: It employs radio waves, such as Wi-Fi

and Bluetooth, or satellite communications to provide flexibility and connectivity without

necessarily using cables.

2. Research a recent data breach. What were the causes of the breach? What were the
consequences? What could have been done to prevent the breach?

The Ticket Master Breach:

On May 15, 2024, Ticketmaster confirmed the breach of their security affecting over

40 million users. Researchers of incident response said the threat actors breached the company's

internal network by exploiting a vulnerability in the customer service portal; after gaining

unauthorized access the attackers have exfiltrated huge volumes of customer data, full names,

email addresses, payment details, and history regarding purchased tickets. This included the

swift action that was taken by Ticketmaster in closing down affected systems, informing

customers, and working with cybersecurity experts in an attempt to investigate the breach.

Despite all these efforts, the damage had already been done, and the data stolen soon started

popping up for sale in dark web forums shortly after the attack.

Consequences: The ticket master data breach in May 2024 saw very serious ramifications for

the company and its customers: Customer Impact: Sensitive data, including names, e-mail

addresses, physical addresses, and partial credit card information of more than 500 million

users, were stolen. This exposed those users to a number of identify-theft and financial-fraud

risks. Reputation Damage: Community reputation at Ticketmaster was badly marred. A breach

of this nature, on such a huge scale, would surely have shaken the confidence of the customers

in the platform and might therefore decrease user interaction and sales. Legal and Financial

Consequences: The breach exposed the company to possible class-action lawsuits and

regulatory scrutiny. Laws on data protection, such as the GDPR in Europe, may even lead to

heavy fines for this type of incident. Wider Implications: This is one of the largest breaches

that happened in recent times, pointing toward vulnerabilities in the practice of customer data

protection. It strongly underlined the importance of cybersecurity measures in order to prevent

similar attacks.
Prevention: The Ticketmaster breach is a stark reminder of the persistent threat posed by

cybercriminal groups like Shiny Hunters. Indeed, organizations should stay on their toes; they

will need to be up to date in security matters and teach employees about the latest cyber threats.

3. Discuss the importance of mobile device management solutions.

1) Increased Security Data Protection: MDM ensures that sensitive corporate information

stored on mobile devices remains safe through encryption, remote wiping, and secure access

protocols. Threat Mitigation: It prevents unauthorized access malware, which are usually used

to attack the mobile phone through viral phishing.

2) Regulatory Compliance: MDM solutions offer organizations a way to ensure compliance

with data protection regulations like GDPR, HIPAA, and CCPA through the regulation of

storing and accessing sensitive information on mobile phones.

4. Discuss the importance of cybersecurity awareness training. What topics should be covered

in such training?

Risk Reduction: Users will learn to identify phishing emails, suspicious links, and other attack

vectors. The risk of successful breaches will be greatly reduced.

Compliance - Training provides the needed leverage in cases concerning regulatory

compliance, such as GDPR, HIPAA, or CCPA, without legal risks being at large.

Incident Response: Educated staff can take quick action on incidents themselves and may

minimize further damages or downtime. Cultural Shift: Establishes a security conscious work

environment that fosters proactive protection of sensitive data.