Best Practices for Future PII Protection

BC.

The scenario describes a situation where Personally Identifiable Information (PII) was obtained by an organization, but ended up in an open forum, leading to C-level executives being victims of a whaling attack. The question asks which of the given options could prevent these issues from happening again.

Option A, implementing a reverse proxy, would not directly address the issue of PII being leaked or compromised. A reverse proxy is used to improve security and performance by intercepting requests from clients and forwarding them to servers, allowing for increased control over access to the server.

Option B, implementing an email Data Loss Prevention (DLP) solution, would be a suitable option to prevent PII from being leaked in emails. A DLP solution scans outgoing emails for sensitive data, such as PII, and prevents them from being sent. This would prevent employees from accidentally or intentionally leaking sensitive information in emails.

Option C, implementing a spam filter, would not directly address the issue of PII being leaked or compromised. A spam filter is designed to identify and block unsolicited or unwanted email messages, including those that could contain phishing attacks or malware.

Option D, implementing a host-based firewall, would not directly address the issue of PII being leaked or compromised. A host-based firewall is used to block unauthorized access to a specific device, which would not necessarily prevent PII from being leaked from other devices or networks.

Option E, implementing a Host-based Intrusion Detection System (HIDS), would be a suitable option to prevent PII from being compromised by detecting and alerting on unauthorized access attempts or suspicious activity on a specific host. This could help identify and mitigate potential attacks before they can cause damage.

Therefore, the two options that could prevent these problems in the future are implementing an email DLP (Option B) and implementing a HIDS (Option E).