ISOL 536 – Residency Project
Equifax is one of the three major credit bureau that stores personal and business credit
profile information1. Organizations rely on Equifax credit data in order to make pertinent
financial lending decisions. In 2017, Equifax revealed that a data breach exposed the sensitive
personal information of 143 million Americans2.
In 2018, Equifax budgeted to spend $200 million on security and technology projects for
In this case study, assume that you work for an Information Technology Security firm in Atlanta
and your company has been hired to provide a threat model of Equifax consumer and business
data and provide remediation to address the security issue.
Create 20 pages written paper and 25 pages PowerPoint presentation document to address the
Your Company Information
▪ Company profile ▪ Leadership profile and expertise
▪ Equifax company background and history ▪ Discuss Equifax 2017 data breach
o Discuss the impact of the security incident
1 https://www.equifax.com/about-equifax/ 2 https://www.ftc.gov/equifax-data-breach 3 http://fortune.com/2018/09/07/equifax-data-breach-one-year-anniversary/
o Discuss the scope of consumers and businesses affected? o Discuss how Equifax handled the security incident. o Discuss how the government handled the security incident
Threat Model Proposal
▪ Propose strategies and discuss a threat model for managing Equifax consumer and business data.
Identify Threats ▪ Find and discuss at least three threats to Equifax information systems using one of the
threat model strategies. *NOT threat types! One for data flow, one for data store, one for a process.
Manage and Address Threats ▪ Discuss and recommend at least two remediations per threat identified in the earlier
section. Closing Section
▪ Discuss the likelihood of another data breach and recommend what Equifax needs to do to be prepared and possibly avoid it.
**The Written paper must comply to APA guidelines. Provide references and citations for source.