Hacking the AIS Technological advancements have predisposed many businesses across the globe to challenges related to system manipulation and hacking. Connectivity technology and the internet have eliminated almost all communication barriers that businesses and individuals faced previously. Some of the dangers and risks associated with these advancements include an increase in cyber criminals who invade into the private databases of companies and individuals. For this assignment, I will focus on JP Morgan hacking. This company is the most recent example of how a serious data breach can cause harm to not only the business but to also millions of individuals. The essay discusses the responsibility of the software provider in ensuring that the entity and its customers are guaranteed that their information is protected. Some of proposals are given for businesses such as JP Morgan so that they can ensure that their systems cannot be manipulated in future.

Background Information on JP Morgan

On October 2014, JPMorgan became a victim to cyber criminals when its systems were hacked. The incident was recorded as the largest theft of customer information from an American bank ever to happen in the US. When they broke into its computer systems, they exposed personal data of over 83 million accounts. The exposed data contained customer addresses, names, emails and phone numbers. The hackers entered the database via a compromised app which belongs to the company. This affected present account holders, former account holders, and individuals who had entered their contact details at the company’s mobile and online sites.

Company’s Level of Responsibility in Responding to the Security Breach

JPMorgan could have thwarted the data intrusion by installing a simple security fix to a server, which had been previously overlooked. The company spends huge amounts of money on computer security to protect against complex attacks like this one. However, JPMorgan seems to have ignored its responsibility. The attack started when the hackers stole the login details of one employee. This is the point at which the company could have countered the attack. A double authentication scheme called two-factor authentication could have been installed to prevent access to employees’ computers. Two-factor authentication demands a second one-time password for the user to access a protected system. Apparently, JPMorgan ignored to upgrade one of their network servers using the dual password system. This rendered the institution vulnerable to the attackers. The biggest problem is that...

At JPMorgan, this has been a cause for alarm as it is still common for names of acquired firms to pop up in search engines.
The Level of Responsibility When Third-Party Accounting System is Used

The software provider shares equal responsibility as the company affected. It was the vendor’s responsibility to build a secure network by limiting chances of being compromised by outsiders. The vendor should have prevented the attack by implementing a compartmentalized remote access method, and the hacking would have been much less serious. Also, the vendor should have detected and blocked unauthorized remote access technologies. Today, there are many digital remote access devices, which the vendor should have taken advantage of. In the case of JP Morgan, the vendor used the same port. It is their responsibility to block any unauthorized by using emerging devices such as next-generation firewalls (NGFWs) or Web filters. Usually, these methods contain upgraded applications like remote access devices which the vendor could easily blacklist. Moreover, the vendor could have tuned JP Morgan’s intrusion detection systems (IDSes) to detect such connections and alert those being initiated from within the network perimeter (In Bryant, 2016).

Additional Regulation as a Preventative Measure against Hacked Businesses

Businesses are operating in a new era of cybercrime, which threatens all machines and every internet-connect devices that companies rely on (In Bryant, 2016). The truth is that additional regulation is needed as a preventive measure against businesses being hacked. In a post-cybercrime world, no company can declare itself as wholly secure from hacking. However, they rely on some software flaws that cybercriminals have been using for years. This means that the country should get better at preventing cyber-attacks. The sad point is that companies are not motivated enough to step up their security practices even in the midst of news on attacks targeting some of the biggest corporations. In this view, the only way to prevent businesses from being hacked is through additional regulation.

The JP Morgan data breach exposed personal information of over 83 million customers. The available response measures seem to be inaccurate. The country should introduce a set of cyber security regulations requiring that each bank and financial institution must employ a chief information security officer (CISO)…