The case studies in this section reflect actual risks that were exploited in the real world. Each case study examines potential causes. By looking at these policies in the context of security policies, you can identify how they might be avoided.
The case studies examined in this section include:
- Private sector—Relates to leveraging PCI DSS to prevent credit card data being stolen
- Public sector—Relates to a breach by an NSA contractor that leaked details on the U.S. intelligence Internet surveillance program
- Critical infrastructure—Relates to an energy company using COBIT to better control technology growth and business risks
- Private Sector sector—Relates to an e-commerce ...