Microsoft Word document, uploaded to eLearning.
1. Review the report, Equifax-Report.pdf
2. Provide responses to each of these questions:
a. What is a credit reporting agency? Describe their business model and the positive and negative aspects of that model in relation to the average citizen living in the United States? What are the biggest assets of a credit reporting agency?
b. Summarize the circumstances of the incident described in the report. Describe the sequence of events and failures that resulted in the loss of confidential information assets.
c. Who were the persons most significantly involved in the incident? Explain their roles and responsibilities, as well as your analysis of their behavior. Did each act appropriately?
d. How many customers were impacted by the incident?
e. Why do you think the incident was not reported to impacted victims sooner? Do you agree with the handling of the incident?
f. What do you consider the appropriate protection or compensation to provide to victims impacted by the theft of data from Equifax? If credit report monitoring is offered, how long should that service be provided at no cost to the victim?
g. What do you suggest to be the appropriate role of government in large security events with broad impact across the population?
h. What are 5 improvements that would help Equifax avoid an incident like this in the future? Refer to security controls that you have learned about this semester.
i. Should we, as persons who may appear in credit reporting agency records, have the ability to “opt out” of services?
j. Did you learn anything unexpected by reviewing the Equifax report?