Conduct investigation of security management issues

Reference no: EM133003707

SIT284 Cybersecurity Management Assessment

Assessment 1: Case investigation report

This is an individual assessment task and is worth 30% (numerically marked) of your overall mark. This assessment requires you to conduct an investigation of serious security management issues in corporate organizations and prepare a report based on the findings of your investigation. Analysing real-life cybersecurity incidents provides you with crucial insights into the cybersecurity posture of an organization and a thorough understanding of the details of the incidents before, during and after they occur.

Learning Outcome 1: Assess security risks, threats and vulnerabilities to the organization and implement appropriate information security protection mechanisms.

Learning Outcome 2: Conduct investigation of security management issues in organization by analysing requirements, plans and IT security policies.

Brief description of assessment task

In this assignment, you will prepare a case investigation report for the board of Marriott International.

Marriott International, the popular hotel chain, experienced a new data breach in mid-January 2020, affecting up to 5.2 million guest records globally. This is the second data breach Marriott has experienced in 16 months. There is quite a bit written about the latest Marriott data breach.

Your task is to critically and thoroughly analyse and synthesise the Marriott International 2020 data breach and write a case investigation report of approximately 2000 words, along with a bibliography to support your findings.
Focus on the following:
• The analysis of the data breach.
• Analysis of cybersecurity governance and planning as related to the data breach.
• Analysis of data breach laws.

You can use the following to structure your report:
1. Introduction
2. Analysis of the breach
3. Analysis of cybersecurity governance and planning
4. Analysis of GDPR compliance
5. Conclusion
Please be sure to write in as much detail as is needed to respond in a way that clearly responds to the question at hand, while clarifying and elaborating with examples and details, where possible.

This assessment requires you to gather and piece together data from different sources and take an educated guess as to what may have transpired leading up to the loss of over 5 million guest records. It is suggested that you start working on this assessment as follows:
• Start collecting and researching information.
• Think creatively.
• Write your report.
• Look at the assessment rubric and the unit learning outcomes to ensure that you understand what you are being assessed (and marked) on.

Q2.1: What is an attack vector and how do I identify them?
Q2.2: How do investigators figure out who might have hacked Marriott?
Q2.3: How do the threat actors identify and exploit the attack vector?
Q2.4: How to identify possible security flaws that allowed the threat actor(s) to get access to the system?
Q2.5: What should I look at for ‘how the breach was discovered and contained’?
Q2.6: How to determine the methods used by the threat actors to compromise login credentials and gain access to the system?
Q2.7: What should I consider regarding the security controls that may have failed?

3 Analysis of cybersecurity governance and planning
Q3.1: What does ‘focus on cybersecurity governance that directly impacts planning for data breach’ mean?
Q3.2: What does ‘describe ways on how cybersecurity governance could have averted the Marriott data breach’ mean?
Q3.3: Ways that a cybersecurity strategic plan can help organizations
Q3.4: What are some strategic options for improving cybersecurity governance?

4 Analysis of data breach related laws.

Q4.1: Why does Marriott have an obligation under the GDPR?
Q4.2: What do an "eligible data breach" and data breach notification duties mean?
Q4.3: What does a "notification timeline" to a supervisory authority and communication to data subjects mean?
Q4.4: What do we know about Marriott's response to the data breach?
Q4.5: What are the GDPR notification rules regarding data breach notice to data subjects?
Q4.6: How did Marriott communicate with the data subjects (guests)?
Q4.7: Did Marriott tell guests how to get further information if they need it?
Q4.8: What measures did Marriott take?
Q4.9: What do critical response factors (i.e., notification promptness, suitability, and quality) mean?
Q4.10: What is the risk of hackers using the victims' data for fraudulent purposes?
Q4.11: How Marriott's response minimizes the data breach impact

5 Word limits, references, and quotes
Q1: Is the limit of 2000 words absolute?
Q2: Which referencing and citation style should I use?
Q3: Does the word limit apply to references?
Q4: What does ‘excessive use of quotes’ mean?

6 General question
Q6.1: How do you give credence to the assertions you make?
Q6.2: What does a ‘verifiable’ claim mean?
Q6.3: What should the answer to ‘Lessons learnt and recommendation’ cover?
Q6.4: Should we consider other compliance laws such as the Australian Data breach notification law?

7 Word limits, references, and quotes
Q7.1: Is the limit of 2000 words absolute?
Q7.2: Which referencing and citation style should I use?
Q7.3: Does the word limit apply to references?
Q7.4: What does ‘excessive use of quotes’ mean?

Attachment:- Cybersecurity Management.rar


Reviews

len3003707

10/2/2021 2:05:26 AM

I HAVE NOW SENT YOU MY REPORT. PLEASE DON'T GIVE ME A BAD MARK. I WANT TO ACE THIS WORK AND FOLLOW ALL THE REQUIREMENTS I HAVE SENT AND IT SHOULD INCLUDE EVERYTHING IN THERE. I NEED THE WORK DONE IN THE NEXT 48 HOURS. PLEASE I AM ASKING NICELY DON'T BE LATE AND HAND IN ON TIME. PLEASE HAND IT IN SUNDAY 5PM AEST!!!!!! All together I need 2000 words done! Can you do this work? I NEED THIS TO BE A+ WORK!!! Please look at the rubric and all the documents I have sent over. I need a good mark for this!!!!! Please deliver IN TIMEFRAME. PLEASE CHECK THE ENGLISH USED AND GRAMMAR. THIS IS WORTH 30% I DON'T WANT TO GET A BAD MARK!

len3003707

10/2/2021 2:05:04 AM

I need an assignment done. It’s approximately 1700 words as I have begun the assignment. I will send all the necessary information over. I need this work done within the next 48 hours and not a minute late. This is a big assignment and it’s worth 30% I NEED A GOOD MARK ON IT. It’s about cyber security management. Can you do the work? I HAVE SENT ALL THE DOCUMENTS NEEDED. I will now send a sample of my teacher's work that he showed us but THIS IS A SAMPLE AND IT USES THE WRONG INFORMATION BUT HE WANTED US TO UNDERSTAND THE FORMAT WE USED!
