Frenemy
busy bee
week67.docxRead this blog posting from Symantec: The "Frenemy" Within - Insider Theft of Intellectual Property
Then, read this article from Network World: What litigation tells us about the dangers of IP theft
Write a briefing statement for Padgett-Beale managers introducing them to the problem of intellectual property theft and explaining what measures the company should take to respond to this growing problem.
Your briefing statement should focus on the theft of digital assets containing the company's intellectual property (i.e. files, emails, etc.).
…………………………………………………………………………………………………………..
Hotels and Guests Under Attack
Must post first.
Being aware of and sensitive to the emotions of guests and employees allows a manager to respond appropriately when a cyberattack occurs. As you write this blog, you will need to find a balance between addressing the emotional aspects of a cyberattack (need for a supportive and calming response -- less information may be best) and the need to develop trust by providing information about a situation which can invoke fear and concern.
Begin by reading this definition of Emotional Intelligence and this discussion article about What Emotional Intelligence Is and Is Not.
Next, read one of these articles about a cyber attack that affected hotel operations and created fear and concern among guests and employees.
1. Hackers use ransomware to target hotel guests' door locks
2. Hackers are using hotel Wi-Fi to spy on guests, steal data
3. 20 hotels suffer hack costing tens of thousands their credit card information
Using what you've learned about emotional intelligence, write a blog posting that Padgett-Beale could use to inform and calm its guests and employees should a similar cyberattack affect one of the company's hotel properties.
…………………………………………………………………………………………………………………………
Training the IT Governance Board
You have been invited to attend a meeting of Padgett-Beale's IT Governance Board. This board operates under authority delegated by the corporate governance board and focuses upon the ensuring that the company achieves maximum value for each dollar spent on information technology capabilities. This board's charter gives it responsibility for governance, risk management, and compliance management (GRC) for corporate IT processes, policies, and technologies. Members of the board each serve for a three year term. Of the 24 members, 8 have just begun their terms.
For this meeting's program, the chairperson of the IT Governance Board has asked each of the management interns to prepare and deliver a 5-minute informative speech on a relevant topic (see list below). Your speech should be directed towards the newly selected members of this board who have not yet had time to become familiar with all of the board's responsibilities.
Choose one of the following IT management / IT security management frameworks as the topic of your speech.
1. COBIT
2. ITIL
3. ISO 27001/27002 (ISMS Program Management)
4. NIST Cybersecurity Framework
5. NIST Security and Privacy Controls (NIST SP 800-53)
6. NIST Risk Management Framework (NIST SP 800-37)
7. Business Model for Information Security (People, Processes, Policies & Technologies)
See the weekly readings for information about your selected topic. Post your written speech in this thread for critique and discussion with your peers.
………………………………………………………………………………………….
Extortion by Email
Read the article Extortion by Email and the analysis paper Extortion on the Job (posted in Week 7).
As you read, look for information about how the company managed IT risks related to malware and attacks.
What do you think? Were the company's policies and enforcement actions consistent with its desires to reduce risk? Why or why not?
