Academic journal article Journal of the International Academy for Case Studies

South Carolina Department of Revenue: Mother of Government Dysfunction

Academic journal article Journal of the International Academy for Case Studies

South Carolina Department of Revenue: Mother of Government Dysfunction

Article excerpt

CASE DESCRIPTION

This case describes a successful spear phishing attack, the factors that precipitated it and the response to the crisis by top management. The primary issues concern the mismanagement of information systems security by top management, the conflict in goals between executive management and the information security professionals, and crisis response.

This case can be used to highlight several different perspectives. One perspective involves the management of information systems and information systems security, a second involves information silos, and a third concerns crisis management. This case is suitable for graduate and advanced undergraduate management information systems classes. The case has a difficulty level of five. Students should spend from ten to fifteen hours outside of class analyzing the case, depending on the breadth and depth of the analysis the instructor desires.

CASE SYNOPSIS

In 2012, the South Carolina Department of Revenue (DoR) was a victim of a spear phishing attack that led to the biggest data security breach on record for a U.S. state government. This case describes how the spear phishing attack began, what the attacker did, and the conditions that made the DoR vulnerable to the attack. …

Search by... Author
Show... All Results Primary Sources Peer-reviewed

Oops!

An unknown error has occurred. Please click the button below to reload the page. If the problem persists, please try again in a little while.