Research 1

juskickz1

Review rubric and document 

  • 2 years ago
  • 50
files (2)

RubricAssessment1.pdf

6/13/24, 5:56 PMRubric Assessment - CSIA 300 6982 Cybersecurity for Leaders and Managers (2245) - UMGC Learning Management System

Page 1 of 1https://learn.umgc.edu/d2l/lms/competencies/rubric/rubrics_assessm…4&d2l_body_type=5&closeButton=1&showRubricHeadings=0&viewTypeId=3

Discussion Rubric CSIA Course: CSIA 300 6982 Cybersecurity for Leaders and Managers (2245)

Total

Overall Score

Criteria Exceeds Meets Needs Improvement Does Not Meet Criterion Score

Quality of the Initial

Post: Expresses

coherent, well-

reasoned thinking as

supported by evidence

included in the

discussion post.

Accuracy: Specifically

addresses topics and/or

questions in the

discussion instructions.

/ 15

Quality and frequency

of interactions:

Responses in the 2

replies are substantive

and add value and

advance the

conversation.

/ 15

Timeliness: Posts initial

response by before

Sunday at 11:59 PM ET

and additional critiques

and follow-up

responses by Tuesday

at 11:59 ET.

/ 10

15 points

Posts a complete, and

coherent initial response

to the discussion prompt

that fully addresses all

the elements of the

discussion topic or

question.

Posts ideas that address

assigned topics and/or

questions and

demonstrates a creative

approach.

10 points

Posts a somewhat

coherent response to the

initial discussion topic,

but the response is

missing major points.

5 points

Covers some aspects of

the question(s) posed,

thoughts are mostly

clearly expressed or well

thought-out, but not all.

May contain some helpful

follow-through. Missing

attribution to the text or

sources where

appropriate.

0 points

Did not post or

mischaracterized

concepts or facts related

to course content. Did

not present a discernible

or reasonable logic.

15 points

Respectfully responds to

peers and/or instructor in

a timely fashion and adds

value to the conversation

by providing constructive

feedback, asking follow-

up questions, and

presenting thoughtful,

reflective comments.

Posts are timely and meet

expectations for the

frequency of posts.

10 points

Responds to a fellow

student, adding some

value to the discussion.

5 points

Peer responses have

some or minimal relevant

content, and/or are off-

topic, and/or contain(s)

no relevant information.

0 points

Does not post a response

to the topic assignment.

10 points

Posts complete and

timely responses to the

discussion topic or

question.

7 points

May miss set deadlines or

lack a sufficient number

of posts.

3 points

Did not post or respond

during the time period

allowed.

0 points

Did not post and did not

respond during the time

period allowed.

Exceeds 40 points minimum

Meets 30 points minimum

Needs Improvement 20 points minimum

Does not meet 0 points minimum

ResearchReport1-cisa300.docx

Research Report #1: Data Breach Incident Analysis and Report 

Scenario 

Padgett-Beale Inc.’s (PBI) insurance company, CyberOne Business and Casualty Insurance Ltd, sent an audit team to review the company’s security policies, processes, and plans. The auditors found that the majority of PBI’s operating units did not have specific plans in place to address data breaches and, in general, the company was deemed “not ready” to effectively prevent and/or respond to a major data breach. The insurance company has indicated that it will not renew PBI’s cyber insurance policy if PBI does not address this deficiency by putting an effective data breach response policy and plan in place.  PBI’s executive leadership team has established an internal task force to address these problems and close the gaps because they know that the company cannot afford to have its cyber insurance policy cancelled. 

Unfortunately, due to the sensitivity of the issues, no management interns will be allowed to shadow the task force members as they work on this high priority initiative. The Chief of Staff (CoS), however, is not one to let a good learning opportunity go to waste … especially for the management interns. Your assignment from the CoS is to review a set of news articles, legal opinions, and court documents for multiple data breaches that affected a competitor, Marriott International (Starwood Hotels division). After you have done so, the CoS has asked that you write a research report that can be shared with middle managers and senior staff to help them understand the problems and issues arising from legal actions taken against Marriott International in response to this data breach in one of its subsidiaries (Starwood Hotels). 

Research 

1. Read / Review the readings for Weeks 1, 2, 3, and 4. 

2. Research the types of insurance coverage that apply to data breaches. Pay attention to the security measures required by the insurance companies before they will grant coverage (“underwriting requirements”) and provisions for technical support from the insurer in the event of a breach. Here are three resources to help you get started. 

a. Woodruff Sawyer- Guide to Cyber Liability Insurance

b. Prepare Your Business with Cyber Insurance Coverage and Solutions

c. Woodruff Sawyer- Cyber 101: Understand the Basics of Cyber Liability Insurance

3. Read / Review at least 3 of the following documents about the Marriott International / Starwood Hotels data breach and liability lawsuits. 

a. Marriott Starwood Data Breach Highlights Silent Cyber Risk in Acquisitions   

b. Marriott Hotels fined £18.4m for data breach that hit millions 

c. Marriott First Response Letter   

d. What every hotel owner (and operator) needs to know about “data security” after the Wyndham Worldwide case 

e. The Marriott data breach   

f. Marriott International Update on Starwood Reservation Database Security Incident   

4. Find and review at least 2 additional resources on your own that provide information about data breaches and/or best practices for preventing and responding to such incidents.  

Write 

Write a 4-5 page report using your research. At a minimum, your report must include the following: 

1. An introduction or overview of the problem (cyber insurance company’s audit findings regarding the company’s lack of readiness to respond to data breaches). This introduction should be suitable for an executive audience and should explain what cyber insurance is and why the company needs it. 

2. An analysis section in which you discuss the following: 

a. Specific types of data involved in the Starwood Hotels data breaches and the harm  

b. Findings by government agencies / courts regarding actions Starwood Hotels / Marriott International should have taken  

c. Findings by government agencies / courts regarding liability and penalties (fines) assessed against Marriott International. 

3. A review of best practices which includes 8 or more specific recommendations that should be implemented as part of Padgett-Beale’s updated data breach response policy and plans. Your review should identify and discuss at least 2 best practices for each of the following areas:  people, processes, policies, and technologies. Be sure to describe the difference between processes and policies. 

4. A closing section (summary) in which you summarize the issues and your recommendations for policies, processes, and/or technologies that Padgett-Beale, Inc. should implement. 

Submit for Grading 

Submit your research paper in  MS Word format (.docx or .doc file) using the Research Report #1 Assignment in your assignment folder. (Attach your file to the assignment entry.) 

Additional Information 

1. To save you time, a set of appropriate resources / reference materials has been included as part of this assignment. You must incorporate at least five of these resources into your final deliverable. You must also include 2 resources that you found on your own. 

2. Your research report should be professional in appearance with consistent use of fonts, font sizes, margins, etc. You should use headings to organize your paper. 

Take Note

The CSIA program recommends that you follow standard APA formatting since this will give you a document that meets the “professional appearance” requirements. APA formatting guidelines and examples are found under Course Resources > APA Resources. An APA template file (MS Word format) has also been provided for your use. 

3. You are expected to write grammatically correct English in every assignment that you submit for grading. Do not turn in any work without (a) using spell check, (b) using grammar check, (c) verifying that your punctuation is correct and (d) reviewing your work for correct word usage and correctly structured sentences and paragraphs.   

4. You are expected to credit your sources using in-text citations and reference list entries. Both your citations and your reference list entries must follow a consistent citation style (APA, MLA, etc.).