Topic:
Find some data breach/security incident (from 2015 – present) that interests you. For example, if you like gaming, find data breach incidents in the gaming industry. If you’re interested in accounting, find data breach incidents in accounting, financial, and banking industries.
Do not limit to only US companies. You should expand the search.
*Note: Enron has nothing to do with data breach! If you turn in a paper that has nothing relates to cybersecurity, you will earn zero credit. Someone lost a laptop or made a mistake is not a “data breach incident”.
What should be in the project? The following is an example (Equifax) Equifax Data Breach Example.pdf, but do not limit yourself.
Part 1: Report of the incident (30% of the project/grading) (3 pages)
The company – short description of the company (no need to mention “players” like in the example)
Instruments – what kind of attack, tactics, methods
The events – exactly what happened
Outcomes – aftermath
Part 2: Shown what you have learned (45% of the project/grading) (7- 9 pages)
Ethics analysis – here is your own input and analysis on what the company should have done ethically
Recommendations – here is your recommendations in 1) policy, 2) technological, and 3) organizational point of view, etc.
Conclusion – what have you learned from it