Question

Banking System Breach Case Study

ABCXYZ Bank is a regional bank with international branches around the world. Recently, unknown hackers broke into the bank's systems and stole confidential data about many clients. This included their full personal information, credit card numbers, details of their accounts and the recent transactions they made. They also stole a number of documents that were proprietary to the bank.

The hackers published some of the stolen data. They did not seek any benefits from this; they just wanted to show off and damage the bank's reputation. They promised to publish more data and share the proprietary documents. The bank was under fire from the media, the public and the regulatory bodies.

Top management panicked and had an emergency meeting to decide on suitable actions. They also needed to prepare a public statement about the incident.

The bank's CEO suggested playing down the magnitude of the attack by stating that while a small portion of the leaked data was accurate, most of it was fabricated. This was not the case, as all the data leaked was in fact both accurate and recent. He further suggested claiming that the magnitude of the attack was very limited and that the IT security team managed to stop it. He further proposed stating that all clients' data is now secure and no further attacks can ever happen in future.

In this Assignment, you will analyse the legal and regulatory as well as the ethical and professional responsibilities of the bank in this case. You will then reach a conclusion as to whether the bank should proceed with the CEO’s suggestion in order to save its reputation.

To prepare for this Assignment:

Review the Learning Resources for week 2, particularly the resources on codes of conduct and professional practice for IT professionals.

Review the Learning Resources, especially the resources on data protection acts and regulations.

Research the relevant laws and regulations in your region.

Research similar cases where banking systems were breached and the reactions from banks and regulatory bodies. For example, see this article:

Goldstein, M., Perlroth, N. and Sanger, D.E. (2014) ‘Hackers’ attack cracked 10 financial firms in major assault’, The New York Times, 3 October. Available at: https://dealbook.nytimes.com/2014/10/03/hackers-attack-cracked-10-banks-in-major-assault/?mcubz=0 (Accessed 17 August 2017).

Submit a paper in which you address this scenario by:

Discussing the relevant laws and regulations that apply to the given scenario in your region or a region of choice.

Analysing the current situation of the bank and the various pressures and factors that need to be considered in making the decisions.

Analysing the impact of the stolen proprietary documents in terms of a breach of intellectual property laws.

Determining what the legal and regulatory obligations of the bank are in this scenario.

Examining what the ethical and professional responsibilities of the bank are in this scenario.

Addressing the main question, which is whether the bank should proceed with implementing the CEO’s proposals to save its reputation and avoid further reputational damage. Justify your answer in the light of IT professional and ethical practices and relevant legislation and regulations in your region.

Discussing alternative decisions that the bank could take and their impact.

Your document should have 750-1,000 words (not including the list of works cited). Cite and reference all sources using the Harvard referencing style.

Explanation / Answer

Let us take the example of the United States of America.

The Consumer Data Security and Notification Act amends the Gramm-Leach-Bliley Act to entail leak of security breaches by the financial institutions.

Cyber security regulations similar to California's Notice of Security Breach Act for institutions that uphold personal information have also been introduced. The Information Protection Security Act requires data brokers to "make sure data accuracy and confidentiality, authenticate and track users, detect and prevent unauthorized activity and lessen potential harm to the individuals".

In the present situation the bank is under great pressure, which includes pressure from the government, clients, and media. So the bank has to take a sensible decision, taking into account all the mentioned factors, so as to reduce the effect of the breach and avoid spoiling the reputation of the bank in the market.

The personal data like contact number, credit card numbers, particulars of the account and even the latest transactions have been stolen, so under the intellectual property law, it is a very big breach for an organization or even an individual and is a criminal offense which must have an effect in the prosecution of the guilty.

As per the legal obligation and regulations:

First, the importance of enabling cyber security, information sharing has to be emphasized.

Second, to account the data breaching to consumers if their personal information is sacrificed, so that the consumers are aware of the situation when they are in danger of identity theft.

In the above scenario the bank is bound to these obligations.

In the above situation, ethical and professional responsibility of the bank is to reveal to its customers about the breach clearly and about its impact also, so that customers can take correct action to avoid damages (both personal and monetary). It also shows the honesty and loyalty of the bank to the customers and proves that they are professionally and ethically strong.

The CEO's suggestion seems to be a genuine one to prevent the disapproval of the bank from government, customers and media. It will downsize the amount of pessimistic reputation of the bank which it will have to face, if it discloses all the information related to the breach.

But, as we know, the CEO is faking the facts and the truth is that all the information. So, hackers may post more data about the customers sooner or later, everybody will come to know that the bank lied about the information breached, and if this really happens, it will lead to a legal action against the bank officials and will lead to the closing of the bank.

The alternative solution can be to disclose all the breach information to the customers and fabricate some facts (real and virtual) to the media and government so that the reputation of the bank will not get disfigured.
