It is $2017,$ and the events of the Equifax breach are in the news on a daily basis

You work for a mid$-$sized organization that collects customer PII for online purchases. You are a key member of the CISO$$s cybersecurity leadership team and recently completed a six$-$month professional course providing a comprehensive look at the many facets of cybersecurity. Always wanting to learn from current events, your CISO reaches out to you regarding the Equifax breach.

Below is the CISO$$s email:

Good morning!

I am so glad you recently completed that cybersecurity course. I think your knowledge will really come in handy given current events.

I$$ve been watching the news lately, and I$$m getting concerned about this Equifax breach. Our CEO has been catching snippets of it as well. I know she will ask me about this in our next executive leadership meeting in two weeks. I really need to know more about this, and I need to be prepared to answer her questions when they arise. To do that, I need two things from you:

First, please write a three$-$to$-$four$-$page point paper answering the following questions:

What happened? Provide me with an overview of the Equifax breach, including the vulnerability the attackers exploited to gain access.

What organizational and governance issues do you believe contributed the most to the breach?

Based on your research and learning, what was one of the major root causes that contributed to the breach? What outstanding issue or immediate vulnerability was identified as the root cause of the breach? What specific systems or software were vulnerable to attack and exploitation?

What do you think were Equifax's major missteps in response to the breach that caused further damage?

Knowing how Equifax responded, what would you have done differently if you had been the head of its incident response team?

What are some steps you think Equifax could have taken to prevent this breach or lessen its impact? What processes or practices could have been employed or enhanced in order to effectively prevent or mitigate such an outcome?

What are the key lessons you learned from the Equifax case study? What lessons are there for other organizations $($specifically$,$ ours$)?$

Second, I need you to prepare a slide presentation highlighting the answers to the questions above. While I can$$t bring you with me$,$ I$$d like to make sure you get credit for your hard work on this. Please make a recording of yourself presenting this to the CEO so she hears about it directly from you.