Padgett-Beale Inc.’s (PBI) insurance company, CyberOne Business and Casualty Insurance Ltd

at
Categories
Tags

 

Scenario
Padgett-Beale Inc.’s (PBI) insurance company, CyberOne Business and Casualty Insurance Ltd, sent an audit team to review the company’s security policies, processes, and plans. The auditors found that the majority of PBI’s operating units did not have specific plans in place to address data breaches and, in general, the company was deemed “not ready” to effectively prevent and/or respond to a major data breach. The insurance company has indicated that it will not renew PBI’s cyber insurance policy if PBI does not address this deficiency by putting an effective data breach response policy and plan in place. PBI’s executive leadership team has established an internal task force to address these problems and close the gaps because they know that the company cannot afford to have its cyber insurance policy cancelled.

Unfortunately, due to the sensitivity of the issues, no management interns will be allowed to shadow the task force members as they work on this high priority initiative. The Chief of Staff (CoS), however, is not one to let a good learning opportunity go to waste … especially for the management interns. Your assignment from the CoS is to review a set of news articles, legal opinions, and court documents for multiple data breaches that affected a competitor, Marriott International (Starwood Hotels division). After you have done so, the CoS has asked that you write a research report that can be shared with middle managers and senior staff to help them understand the problems and issues arising from legal actions taken against Marriott International in response to this data breach in one of its subsidiaries (Starwood Hotels).

Research
1. Read / Review the readings for Weeks 1, 2, 3, and 4.

2. Research the types of insurance coverage that apply to data breaches. Pay attention to the security measures required by the insurance companies before they will grant coverage (“underwriting requirements”) and provisions for technical support from the insurer in the event of a breach. Here are three resources to help you get started.

a. https://woodruffsawyer.com/wp-content/uploads/2019/06/40842_Woodruff-Sawyer-Cyber-Buying-Guide_Final.pdf

b. https://www.travelers.com/cyber-insurance

c. https://wsandco.com/cyber-liability/cyber-basics/

3. Read / Review at least 3 of the following documents about the Marriott International / Starwood Hotels data breach and liability lawsuits.

a. https://www.insurancejournal.com/news/national/2018/12/03/510811.htm

b. https://ico.org.uk/about-the-ico/news-and-events/news-and-blogs/2019/07/statement-intention-to-fine-marriott-international-inc-more-than-99-million-under-gdpr-for-data-breach/

c. https://www.bbc.com/news/technology-54748843

d. http://starwoodstag.wpengine.com/wp-content/uploads/2019/05/us-en_First-Response.pdf

e. https://www.consumer.ftc.gov/blog/2018/12/marriott-data-breach

f. https://news.marriott.com/2019/07/marriott-international-update-on-starwood-reservation-database-security-incident/

4. Find and review at least one additional resource on your own that provides information about data breaches and/or best practices for preventing and responding to such incidents.

5. Using all of your readings, identify at least 5 best practices that you can recommend to Padgett-Beale’s leadership team as it works to improve its data breach response policy and plans.

Write
Write a three to five (3-5) page report using your research. At a minimum, your report must include the following:

1. An introduction or overview of the problem (cyber insurance company’s audit findings regarding the company’s lack of readiness to respond to data breaches). This introduction should be suitable for an executive audience and should explain what cyber insurance is and why the company needs it.

2. An analysis section in which you discuss the following:

a. Specific types of data involved in the Starwood Hotels data breaches and the harm

b. Findings by government agencies / courts regarding actions Starwood Hotels / Marriott International should have taken

c. Findings by government agencies / courts regarding liability and penalties (fines) assessed against Marriott International.

3. A review of best practices which includes 5 or more specific recommendations that should be implemented as part of Padgett-Beale’s updated data breach response policy and plans. Your review should identify and discuss at least one best practice for each of the following areas: people, processes, policies and technologies. (This means that one of the four areas will have two recommendations for a total of 5.)

4. A closing section (summary) in which you summarize the issues and your recommendations for policies, processes, and/or technologies that Padgett-Beale, Inc. should implement

Sample Solution

result of good initiative, and is again the obligation of the pioneer to guarantee the gathering are working effectively together. Exceptionally working groups are fundamental inside associations to expand efficiency and part fulfillment, by using the gifts of all gathering individuals really inside the requirements of the errand, individual connections and the gathering objectives (Pettinger, 2007). Figure 2: Tuckman’s Model of Group Development (Agile Scrum Guide, 2019) Tuckman in his Model of Group Development gives effectively recognizable stages that a gatherings execution can be estimated against, making it helpful for observing execution, Figure 2 shows Tuckman’s model. Positioning gathering execution against this scale can give pioneers an unmistakable comprehension of how the gathering are working, permitting them to carry out strategies to change this in the event that presentation is inadmissible (Pettinger, 2007). Inside associations, the hypothesis can be inexactly applied to making groups by gathering comfortable people with the point that they will arrive at the norming and performing phase of the model faster. For short and straightforward errands this is an incredibly viable approach to getting sorted out gatherings, because of the expanded momentary efficiency. Anyway there are huge issues with gathering people thusly, especially when assignments become more perplexing, and eventually the model ought to fundamentally be utilized for checking the advancement of gatherings (Pettinger, 2007). Figure 3: Belbin’s Team Roles (PrePearl Training Development, 2019) A more utilitarian methodology of collection people is to use Belbin’s Team Theory (Belbin, 2017). Belbin distinguishes 9 key jobs that should be satisfied inside a gathering to guarantee a positive outcome, the jobs are summed up in Figure 3. The jobs cover a wide range of abilities that should be available inside a gathering to guarantee a positive outcome, and becomes fundamental when assignments are extended and complex. Associations can track down the Belbin jobs every individual fits through a poll, and in this manner adjusted gatherings can be shaped covering every one of the jobs. In any case, as with Fiedler’s possibility model, the hypothesis when meant practice can frequently turn out to be exceptionally unrealistic for associations to consistently execute. This is to a great extent on the grounds that the association is compelled by the characters of their representatives, their might be an overflow of one character type and a shortfall of another, the main arrangement is to enlist remotely to fill the missing jobs inside groups. This can bring about a broad finance for an association and colossal monetary ramifications as they can’t legitimately excuse representative’s assuming they have such a large number of one character type. The significance of Belbin jobs in a group became obvious for Group 1 on the main day of the outside administration course, the gathering had 5 individuals who filled the completer finisher and practitioner jobs, but had nobody filling the asset agent or screen evaluato

This question has been answered.

Get Answer
WeCreativez WhatsApp Support
Our customer support team is here to answer your questions. Ask us anything!
👋 Hi, Welcome to Compliant Papers.
Hi, how can I help?