SEC595: Applied Data Science and AI/Machine Learning for Cybersecurity Professionals

Experience SANS training through course previews.
Learn MoreLet us help.
Contact usBecome a member for instant access to our free resources.
Sign UpWe're here to help.
Contact UsIn May 2015 it was widely reported that United Airlines detected a systems breach thatcompromised its customers' flight records, in addition to other data. This theft ofpassenger manifests is believed to have been perpetrated by the same attackers that stoleup to 21.5 million social security numbers from the U.S. Office of PersonnelManagement (OPM) and medical records from Anthem Blue Cross in 2014-2015. Usingopen-source internet research methods, this paper examines the nature of the breach, andproposes specific near, mid and long-term actions that should be taken by UnitedAirlines' senior security staff, using the Top 20 Critical Security Controls, to mitigate theimpact of the system breach and to reduce the likelihood of further incidents. This paperis written from the view of an external security consultant addressing United Airlines'senior security staff via a formal, written report.