Minimizing Damage From J.P. Morgan's Data Breach

Data breaches should not happen to large banks like J.P. Morgan who spend $250 million on security every year. This paper will explore in depth what J.P. Morgan could have done better to prevent and minimize the theft of 83 million customer records by applying techniques from defense-in-depth. In addition to addressing the human factor that enabled hackers to enter J.P. Morgan's network, implementing security measures to stop malware from using employees' computer as entry point, fine-tuning access control, performing better detection of hackers inside the corporate network, and regular pen-testing for catching vulnerabilities are some of the necessary steps needed to strengthen J.P. Morgan's network.