quick case study for the cybersec folks here. got this real story in my dpo class & wanted ur thoughts.
IT guy at a bank, last day of his notice period. a trainee saw him puttin some CD-ROMs in his bag & told security. they checked him at the exit and found a full export of the bank's top clients on the discs. guy got fired for gross misconduct & a police complaint was filed.
any red flags or stuff that stands out to u technicaly or otherwise ? i have my own ideas on this cas but curious what u guys think first?
thx 😎
def a rookie move! ^^ thx for the reply, appreciate it! yeah this case raises so many questions & i'm just guessing here. clearly a ton of security issues.
"Why was it a trainee... notifying security?" totally agree. besides the CDs, my main trigger was the trainee reporting it directly to security, skipping any manager or coworker. why? and why did no one else notice anything? makes me wonder if it’s really a single-man job... accomplices in the team maybe?
"Are there protocols in place...?" i d assume protocols exist but were bypassed. plugging in an external burner would def raise eyebrows or trigger dlp/edr. so i bet the workstations had built-in drives. in my dpo class, everyone just laughed bc it’s "old tech" nobody uses anymore... maybe the cybersec team thought the same? blocked usbs & set protocols for ports but underestimated optical? i have gen z students in my opsec classes who don't even know what a tower's cd-player is if i show them a photo. or they know it’s a player but don't realize it's a burner too.
what's ur take?