The private sector case study highlights the case of credit card information theft in a hamburger franchise through an insecure Wi-Fi hotspot connection. The following case study underlines the security framework compliance failure. PCI DSS framework was violated on four network segregation requirements, penetration testing, monitoring, and virus scanning (Bhardwaj et al., 2016). As a result, the failure to comply with the security framework led to a breach in security that a thief used. The example of a public sector security violation shows an even greater degree of carelessness. Snowden was able to access an immense amount of classified information free of charge. The following situation would not happen if only somebody checked the log reviews, access violations, or extracted documents once a month. On the other hand, the critical infrastructure employed a successful security framework COBIT to achieve better results with limited resources. The case study proves the necessity for careful allocation of resources and focuses on value to achieve better results through applying a proper framework.
Security policy frameworks are specifically designed to control the risks and avoid security breaches. Some simple policies that are regularly employed show significant results in the case studies. The complete negligence of security and essential compliance led to adverse consequences while using COBIT in challenging conditions allowed to enhance security. However, no matter what security policies are used, the system is never 100% safe because of its end-users (Straver & Ravesteyn, 2018). People make mistakes due to their human nature and are inevitable despite the degree of company organization and security programs.
References
Bhardwaj, A., Subrahmanyam, G. V. B., Avasthi, V., & Sastry, H. (2016). Design a resilient network infrastructure security policy framework. Indian Journal of Science and Technology, 9(19), 1-8.
Straver, P., & Ravesteyn, P. (2018). End-users compliance to the information security policy: A comparison of motivational factors. Communications of the IIMA, 16(4), 1.