100%(2)2 out of 2 people found this document helpful
This preview shows page 1 - 2 out of 3 pages.
Sumaia Akhand Sept. 26, 2019 CS 3580 Professor Brown Cybersecurity Ethics HW Case Study 2: Question 2.1: Of the ten types of ethical challenges for cybersecurity practitioners that we listed in Part Two, which of those types does the Equifax case study potentially involved? Explain your answer. -Ethical challenges in security breach vulnerability because the Equifax data breach problem could have been prevented if certain executives had followed the company's code of ethics. -Ethical challenges in data storage and encryption because the security researchers investigating the general quality of Equifac's cybersecurity efforts discovered that one at least of Equifax's system in Argentina was an unsecured network and was allowing logons with the eminently guessable ‘admin/admin’ combination of username and password, and giving intruders ready access to sensitive data including 14,000 unencrypted employee usernames, passwords and national ID numbers. -Ethical challenges in balancing security with other values and also with accountability for cybersecurity because Equifax did not inform customers about the data breach. Customers need to make changes and set up alerts as quickly as possible to prevent harm. Question 2.2: What significant ethical harms are involved in the Equifax case, both in the short-term and the long-term? Who are some of the different stakeholders who may be harmed, and how? -Privacy harm: many customers personal data was stolen -Customers were harmed as their personal information was stolen -Equifax was harmed since they were accountable and responsible for the customers data Question 2.3: What do you imagine might be some of the causes of Equifax’s failure to adopt more stringent cybersecurity protections and a more effective incident response? Consider not