Categories
Writers Solution

Identity theft is becoming more common as technology continues to advance exponentially

Project 2: Identity Theft ResponseStart Here

Transcript

Identity Theft Response

Identity theft is becoming more common as technology continues to advance exponentially. Mobile devices, applications, and email make it more convenient for individuals to access records and financial accounts, but also increase the risk of identity theft.

As the CISO, you will be drafting an incident response plan to address identity theft for your financial organization.

Identity Theft Response is the second of four sequential projects in this course. The final plan will be about 10-12 pages in length. There are 16 steps in this project and it should take about 14 days to complete. Begin with Step 1, where you will identify types of cyberattacks in which personally identifiable information could be vulnerable.

Competencies

Your work will be evaluated using the competencies listed below.

·         1.3: Provide sufficient, correctly cited support that substantiates the writer’s ideas.

·         2.2: Locate and access sufficient information to investigate the issue or problem.

·         8.4: Design an enterprise cybersecurity incident response plan.

Project 2: Identity Theft ResponseStep 1: Identify Potential PII Attacks

Since this project will require an enterprise cybersecurity incident response plan with considerations specifically to identity theft, types of attacks must be identified. In a table or spreadsheet, identify the types of attacks that could result in denial of access to or theft of PII (personally identifiable information). Consider both internal and external incidents and those associated with employees and/or customers. Submit your list of potential PII attacks for feedback from your CIO (course instructor).

Submission for Project 2: Potential PII Cyber Incident List

Previous submissions

0

Top of Form

Drop files here, or click below.

Add Files

Bottom of Form

You will build upon this list of identified attacks throughout this project to form your Incident Response Plan. In the next step, industry-specific standards related to these types of attacks will be addressed.

Step 2: Align Industry-Specific Standards

Now that you have identified potential attacks in the previous step, you should research and identify state or federal government standards established for the protection of PII (where they exist) as well as industry codes. Keep in mind that while you are concerned in particular about standards that govern the financial industry, there are different standards specific to other industries. As a CISO, you need to be aware that regulations can vary—for example, standards are different in the health care field.

Add an additional column to the prepared list of potential types of PII attacks from the previous step. In this second column, note what standards might be required when addressing each incident type. You should align government-mandated and sector-voluntary standards to the PII attacks identified.

Refer to the provided industry-specific regulations for additional background on existing regulations. As you consider standards for your organization, continue building upon this table in the next step.

Step 3: Exceed Policy Standards to Fulfill Company Demands

In the previous step, you identified the policy standards for relevant PII attacks. In this step, address any types of attacks that were not aligned in the previous step or those in which given standards are considered inadequate by senior leadership. As CISO, you are aware of your organization’s expectations to guarantee the highest level of security for the organization and individuals in regards to theft of PII (personally identifiable information).

To complete this phase of the project, you will add an additional one to two columns to include upgraded or superior solutions on items considered to still be vulnerable. The alternatives that you add should reflect your organizational demands, initiatives, and vision. You will assess and prioritize this list of solutions in the next step.

Step 4: Assess Alternatives

Now that you have created a list of alternative solutions, assess your recommendations and prioritize them in a final column. Prioritize each alternative by placing a number “1” next to the first priority, a number “2” next to the second, and so on.

To the right of the prioritized solutions, in a sentence or two, state why you selected that alternative in that particular position. Submit the updated PII Solution Alternatives Table for feedback.

Submission for Project 2: PII Solution Alternatives Table

Previous submissions

0

Top of Form

Drop files here, or click below.

Add Files

Bottom of Form

This table will be used as an appendix in your final Incident Response Plan. In the next step, you will begin to develop a strategy for breach management.

Step 5: Complete the Executing the Response to a Cyberattack eLearning Module

So far, you have identified potential PII attacks and developed a set of PII solution and prevention alternatives. Before outlining a strategy for breach management, review Executing the Response to a Cyberattack. A response to cyberattack typically includes prevention measures, which you have already considered, but it also includes defense, detection, recovery, and response concerns. These areas should be developed with business considerations and subject to the advice of company leaders.

Now that you have become more familiar with an overview of how to execute a response to a cyberattack, proceed to the next step to outline a breach management strategy.

Step 6: Outline Breach Management Strategy

The next several steps will fit the alternatives into a breach management strategy. Strategic thinking can be challenging in a project environment. A “project” is work- and task-oriented, and it includes specific deliverables produced within a defined timeframe. Such projects have a limited budget and are developed to exact specifications. This project’s charter is to present a strategic view of responding to a potential breach in the area of the system containing PII.

This section of the planning should explore areas other than cyber technology. It is about policies, required and recommended, that expand the project notes you have been creating to address corporate concerns outside of the technology realm, such as legal implications, reporting, etc.

Briefly outline, for use in the next few steps, a strategic approach in response to a breach allowing access to PII—customers and/or employees. Think of the policy aspects that will have to be addressed. You will continue to use the findings determined here and over the next few steps to produce a breach management strategy.

Breach management options will be considered in the next step.

Step 7: Determine Breach Management Options

Using the outline of the strategic approach developed in the previous step, determine both the technical and strategic options available in addressing a breach of PII. The eventual goal is to help senior management understand the level of effort required in an appropriate response to a breach. Take note of these options for future use.

Once complete, you will be ready to research legal issues in the next step.

Step 8: Research Breach Management Legal Issues

With breach management options identified in the last step, begin to research associated legal issues. Breach management in response to exfiltration of PII is well documented in a legal context. Multiple resources are available that address the issue. This section of your research and breach management strategy report should carefully identify all the concerns being raised in the courts surrounding previously documented cases.

The idea is to find evidence of court cases being litigated that are a result of a PII breach—not necessarily the outcomes of those legal proceedings. Identify the issues that your policy strategy should address and draft a discussion. This discussion will be used in a future report. After considering legal issues, move to the next step, which will be a look at cyber insurance.

Step 9: Research Breach Management Cyber Insurance Options

Redirect the research from legal issues in the last step to cyber insurance options in this step. As the number of PII breaches grows, so does the new industry of cyber insurance. Draft several paragraphs that state the options now available for this component of risk mitigation. Be sure to include what is covered by most readily available insurance policies, as well as what is not covered.

As an example: Is the institution covered for a customer PII breach if it is determined the breach was caused by an employee? The intent is not to make you a cyber insurance expert, but to offer senior leadership some of the strategic, big-picture options. This draft will be used in a future report.

In the next step, you will research the regulatory requirements of breach management.

Step 10: Research Breach Management Reporting and Other Requirements

Publicly traded enterprises and health care organizations are subject to governmental regulations and requirements where PII is concerned. In addition, some industries voluntarily impose standards upon their members. This is the section of the breach management strategy to address those issues.

What are the minimum reporting requirements applicable to financial institutions (in this case)? What standards are in place that must be met to prevent additional damage to the institution in the way of fines, warnings, or other sanctions as a result of noncompliance with regulations on reporting the breach?

Actual requirements for other industries could be similar, overlapping, or not, determined by the business sector, inclusion in critical infrastructure classification, and a number of other factors. The financial sector is our example for this project and not to be considered comprehensive or all-inclusive across all sectors.

In the next step, you will compile the report on breach management strategy.

Step 11: Compile the Breach Management Strategy Report

After considering the elements of breach management strategy over the last several steps, compile all drafts and revise into a complete five- to seven-page Breach Management Strategy that will present policies to senior leadership for the response to a PII breach.

You will need to include an overview of your strategic approach, options available, legal issues, cyber insurance, reporting and other requirements, and finally the proposal. Your proposal should identify issues/impacts with mitigation strategies, and include regulatory responses where they exist. Note how financial industry reporting requirements differ from health care or other industries.

Submit the Breach Management Strategy for feedback. This report will help complete your work on the final incident response plan.

Submission for Project 2: Breach Management Strategy

Previous submissions

0

Top of Form

Drop files here, or click below.

Step 12: Compose Policy Components of an Incident Response Plan (IRP)

Now that you have a proposed breach management strategy, you are ready to begin development of an incident response plan (IRP) specific to a breach of PII. Compose the key policy components of an incident response plan in a list to be used as a basis for the next step.

Step 13: Itemize the Steps of an IRP

Start at the key policy component list from the last step and add postincident requirements already identified to itemize the actions it will take to accomplish these goals. Keep in mind the level of effort required and time involved to accomplish each element of the IRP.

You now have all the information necessary to create a comprehensive IRP. To get your mind set in the right direction, imagine that a breach affecting PII has occurred. It is the organization’s worst cyber incident. What do you do? How does the organization respond? What steps need to be taken to meet all the requirements you have identified in the Breach Management Strategy?

This step is to create a list or an outline; the use of a spreadsheet is recommended to facilitate subsequent steps in the project. The primary column is all of the actions or tasks that need to be completed in the IRP. As part of this first list, identify what department is responsible for what action by considering the functional areas of a financial institution.

You will build upon this list in the next step by adding the element of time to your spreadsheet documentation.

Step 14: Assign a Typical Timeline for an IRP

As a result of your Breach Management Strategy, are there specific timelines required by the regulatory compliance you referenced? If so, that should be your starting point for creating the IRP timeline. These are referred to as project “milestones.” Look at the list you created in the previous step and put those milestones in a required response time sequence.

When building the timeline, pay attention to elements that depend on previous elements—things that must be completed before a following action can be started. In project management, these are referred to as “critical path” items.

This section of creating the IRP must have all critical path items covered within regulatory milestones. It is not mandatory to assign perfect values to the actual time it takes to accomplish each action item. It is mandatory to show the milestone dates.

As an example, one reporting requirement for a financial institution suffering a PII breach is likely to be to notify all affected customers within 72 hours of the breach. That means you will have a customer notification milestone at three days in the IRP.

After you have added the milestone dates to your spreadsheet documentation, you will plan for implementation of the incident response plan in the next step.

Step 15: Plan for the IRP Implementation

This is the step where you tie together the requirements (milestones), the timeline (critical path), and which department will be responsible for what elements in the plan (accountability). Ensure all of the rows and columns in the spreadsheet are in alignment to accomplish the goal of minimizing the impact of the PII breach. It is the final step in creating the IRP. This spreadsheet will be included in your final IRP.

Now, it is time for the final step, in which you will explain the results of all your hard work on the IRP to senior leadership.

Step 16: Complete the Incident Response Policy Plan (IRP)

The resulting IRP should be a total of 10 to 12 pages that present an actionable plan to fully address a breach of the organization’s PII. It should include a final paragraph on your thoughts about how the recommendations are likely to be received.

This final step is to bring all the work together. Use what has been created in the previous steps as detail to support your completed plan on incident response. Synthesize the material and include all CIO (instructor) feedback received.

Include in your comprehensive IRP the review and findings from a policy approach to maintain or exceed compliance with all regulatory demands. In addition, demonstrate your adherence to the best possible outcome for victims of a PII breach.

Remember, confidence in and approval of the approach is mandatory. It has already been determined that a breach of the organization’s PII is a serious matter. The CEO and the rest of the executives are depending on your expertise to address the situation quickly and effectively. This IRP is that plan of action.

Submit the complete report to the CIO for approval and delivery to the senior leadership team.

Check Your Evaluation Criteria

Before you submit your assignment, review the competencies below, which your instructor will use to evaluate your work. A good practice would be to use each competency as a self-check to confirm you have incorporated all of them. To view the complete grading rubric, click My Tools, select Assignments from the drop-down menu, and then click the project title.

·         1.3: Provide sufficient, correctly cited support that substantiates the writer’s ideas.

·         2.2: Locate and access sufficient information to investigate the issue or problem.

·         8.4: Design an enterprise cybersecurity incident response plan.

Submission for Project 2: Incident Response Plan

Previous submissions

0

Top of Form

Drop files here, or click below.

Bottom of Form

Bottom of Form

GET SOLUTION BELOW

CLICK HERE TO MAKE YOUR ORDER

TO BE RE-WRITTEN FROM THE SCRATCH

NO PLAGIARISM

  • Original and non-plagiarized custom papers. Our writers develop their writing from scratch unless you request them to rewrite, edit or proofread your paper.
  • Timely Delivery. capitalessaywriting.com believes in beating the deadlines that our customers have imposed because we understand how important it is.
  • Customer satisfaction. Customer satisfaction. We have an outstanding customer care team that is always ready and willing to listen to you, collect your instructions and make sure that your custom writing needs are satisfied
  • Privacy and safety. It’s secure to place an order at capitalessaywriting.com We won’t reveal your private information to anyone else.
  • Writing services provided by experts. Looking for expert essay writers, thesis and dissertation writers, personal statement writers, or writers to provide any other kind of custom writing service?
  • Enjoy our bonus services. You can make a free inquiry before placing and your order and paying this way, you know just how much you will pay. A verdict was rendered against three parent chaperones. How was the third parent included in the case?
  • Premium papers. We provide the highest quality papers in the writing industry. Our company only employs specialized professional writers who take pride in satisfying the needs of our huge client base by offering them premium writing services Identity theft is becoming more common as technology continues to advance exponentially

Get Professionally Written Papers From The Writing Experts 

Green Order Now Button PNG Image | Transparent PNG Free Download on SeekPNG Our Zero Plagiarism Policy | New Essays
Categories
Writers Solution

The global airline industry continues to grow rapidly, but consistent and robust profitability is elusive

 CASE STUDY: Airline Start up Project Brief  LADEYI is a company looking to establish a low cost airline to cater for the  Australasian market and is seeking a feasibility study to determine the feasibility of a  supply chain being set up to support the business venture.  Background Context “The global airline industry continues to grow rapidly, but consistent and robust  profitability is elusive. Measured by revenue, the industry has doubled over the past  decade, from US$369 billion in 2004 to a projected $746 billion in 2014, according to  the International Air Transport Association (IATA). Much of that growth has been driven by low-cost carriers (LCCs), which now control  some 25 percent of the worldwide market and which have been expanding rapidly in  emerging markets; growth also came from continued gains by carriers in developed  markets, the IATA reported. Yet profit margins are razor thin, less than 3 percent  overall. In the commercial aviation sector, just about every player in the value chain — airports,  airplane manufacturers, jet engine makers, travel agents, and service companies, to  name a few — turns a tidy profit. Yet it’s one of the enduring ironies of the industry  that the companies that actually move passengers from one place to another, the most  crucial link in the chain, struggle to break even. Airlines need to make large and ongoing improvements to operate more efficiently.  With few exceptions, the most successful airlines are those with the strictest cost  controls. The biggest (albeit cash-intensive) lever to reduce costs lies in fuel efficiency,  as jet fuel typically accounts for 40 to 55 percent of operating expenses. Cost reduction can also be achieved through enhancements in organizational structure,  operating model, and work practices. In particular, legacy airlines have often built up  complex processes over decades that cost far more than the streamlined processes of  the LCCs.” (Price Waterhouse Coopers, 2015) “The aviation industry in Australia has a long history and currently it has a number of  airlines operating within the country and all over the world. The importance of airlines  in Australia has grown very rapidly because the country is an island and also has a  thriving economy. Defunct airlines and planned airlines are the two types of airlines  which are in operation in this country. The main sectors of the Australian civil aviation  industry are the international airlines sector, general aviation sector and its safety and  the domestic regional airlines sector. The aviation industry of Australia also comprises  of some small segments like hand gliding, gliding, autogyros and ultra-light aircraft. “The international airlines in Australia carry cargo and passengers to and from various  parts of the world. The total number of international airlines which provides services to  Australia is 49. As Australia is an island more than 90% of the visitors to this country  come by air. The total annual average of passengers who come to Australia from around  the world is about sixteen million. Though airlines are the main carrier of passengers  in Australia the freights are mostly carried by the ships to various destinations”.  (Australia Net, 2007)The potential growth of the business and commercial markets within China suggest a  growth in demand for air travel around the region. As part of any business development  there are a number of areas that need to be explored in order to establish the business  case for the venture. An essential part of the business being considered is the logistics  and supply chain that is required to ensure the continuity of business. This is even more  the case as the model that the company is looking to adopts is one of low cost and this  inevitably puts greater pressure on the margins that the company is looking to pay for  goods and services. The company have a range of areas to consider in relation to supply  chain and are looking for a consultancy to provide an independent feasibility study  within this area. The main aspects that have emerged from initial investigation are a  need to understand: • The current local supply chain to support the business and its capacity • Current logistics infrastructure to support the airline growth oppose to competition • Environmental analysis to support CSR operations • Problem solving and business tools application AirAustralasia understand the highly competitive nature of the modern airline industry  and so are keen to ensure that they have a clear examination of the issues that will  inform the supply chain requirements to run the business. Client Requirement The client is looking for a consultant to provide a report in critically discussing how  they would addresses the above aspects with a clear analysis of the supply chain  required to support the setting up of a low cost airline within the Australasian market,  meeting the aims and objectives identified. 

GET SOLUTION FOR THIS ASSIGNMENT, Get Impressive Scores in Your Class

CLICK HERE TO MAKE YOUR ORDER

TO BE RE-WRITTEN FROM THE SCRATCH

GET SOLUTION FOR THIS ASSIGNMENT

CLICK HERE TO MAKE YOUR ORDER

TO BE RE-WRITTEN FROM THE SCRATCH

NO PLAGIARISM

  • Original and non-plagiarized custom papers- Our writers develop their writing from scratch unless you request them to rewrite, edit or proofread your paper.
  • Timely Deliveryprimewritersbay.com believes in beating the deadlines that our customers have imposed because we understand how important it is.
  • Customer satisfaction- Customer satisfaction. We have an outstanding customer care team that is always ready and willing to listen to you, collect your instructions and make sure that your custom writing needs are satisfied
  • Confidential- It’s secure to place an order at primewritersbay.com We won’t reveal your private information to anyone else.
  • Writing services provided by experts- Looking for expert essay writers, thesis and dissertation writers, personal statement writers, or writers to provide any other kind of custom writing service?
  • Enjoy Please Note-You have come to the most reliable academic writing site that will sort all assignments that that you could be having. We write essays, research papers, term papers, research proposals. The global airline industry continues to grow rapidly, but consistent and robust  profitability is elusive

Get Professionally Written Papers From The Writing Experts 

Green Order Now Button PNG Image | Transparent PNG Free Download on SeekPNG Our Zero Plagiarism Policy | New Essays
Categories
Writers Solution

SHRM content areas related to HRD. Unit 5 continues with Performance Management

 The Unit 5 discussion topics continue to address SHRM content areas related to HRD. Unit 5 continues with Performance Management. While performance management and performance appraisal are often confused, they are not the same. Performance management takes a broad view of activities intended to improve individual and organizational performance. This includes determining expectations, measuring employee action and results and coaching. The intent is to link individual’s work to attain organizational goals. Performance appraisals are a focused assessment of an employee’s performance within a set time parameter. Employees are measured against expectations resulting in decisions related to organizational talent and decisions. A performance appraisal typically involves the utilization of rating tools and forms followed by a formal conversation between an employee and their manager. Performance management, particularly performance appraisals, are being eliminated by many high profile organizations (Accenture, Adobe, Microsoft, and GE). Studies have indicated that only 30% of workers think that their organization’s performance management helps to improve the organization’s performance. Less than 40% described their organization’s performance management as having clear performance goals or honest feedback. Some SHRM professionals have suggested that organizations rid themselves of traditional performance management due to its negative impact on organizational performance. The SHRM report, Performance Management that Makes a Difference, also reports that a Deloitte study of its own performance management discovered that performance management took two million employee hours to set performance goals, submit evaluation forms and to participate in performance reviews. Further, the technology required to support the Deloitte performance management process was calculated to be many thousands of dollars. The study indicated that the organizational cost was not work the organizational benefit. Too often, performance management is not done well, the discussion topic for this unit is intended to help you better understand performance management and what is involved in actualizing its potential. Topic 1: SHRM Content Area (Performance Management) Figure 1 in the SHRM effective practice article, Performance Management,  provides an overview of the performance management process. Put that performance management process into your own words. What are some possible outcomes from effective performance management? Using an organization, you have worked with, how would you assess their application of the Performance Management process? What success has that organization had with possible positive performance management outcomes? What recommendations would you make to improve their performance management practice?

Assignment statusSolved by our Writing Team at CapitalEssayWriting.comCLICK HERE TO ORDER THIS PAPER AT CapitalEssayWriting.com