Prior to beginning work on this discussion read Chapter 3 from the course text and the Governing Information Technology Risk (Links to an external site.) article.
As a CIO, you will be responsible for protecting proprietary and valuable data in your companys possession. Some employees (aka Malicious Insiders) may be tempted to steal or share the valuable information held by your company. There are several specific protocols and methods (e.g., key logging and monitoring emails) that a CIO can employ to find malicious insiders and/or detect their activities.
For your initial post you will take on the role of the CIO of a company with 10,000 employees that has various types of proprietary and valuable data. The company is interested in taking precautionary measures to ensure that this data is protected. Address the following in your initial post:
Taking into consideration the broad legal issues related to data protection, construct at least two specific, reasonable protocols you could use to detect malicious insiders and/or their activity within your company. Provide a rationale for your statements based on your source(s).
Taking into consideration the ethical issues related to employee monitoring, construct at least two specific, reasonable protocols you could use to prevent the activities of malicious insiders, so that they are not able to gain access to proprietary and valuable data. Provide a rationale for your statements based on your source(s).
minimum 250 words.
Software Liability Boilerplate:
Prior to beginning work on this interactive assignment, read Chapter 3 from the course text. Review the instructions below and research at least one additional scholarly and/or credible professional source to support your statements. (Access the MISM Credible Resource Guide (Links to an external site.) for assistance with finding appropriate credible professional resources.)
For this interactive assignment, you will take on the role of the CIO of a company that has many customers on its network. The business model that your company created includes customers on your network who use specific third party software at no extra cost. You are in the process of negotiating the purchase of a license of this third party software, but you have concerns about your companys liability exposure should the software fail. For example, you are concerned that your customers will use the third party software, input personal or other sensitive data, and then have that software crash or fail on its own, through no fault of your company. This could lead to your customer suffering real or perceived personal harm. As a result, the customer might sue your company for this harm.
In anticipation of purchasing the software license, you seek to include language in the software licensing agreement that would protect your company from harm suffered by your customers should the third party software crash or fail on its own. Include the following in your initial post:
Create boilerplate language for the software license agreement necessary to protect your company from this liability risk.
Provide an example of other language, either from an existing company case study or a fictitious example that would not sufficiently protect your company from this liability exposure.
Explain why this language does not sufficiently protect your company, supporting your statements with evidence from your sources.
minimum of 300 words.
Questions of Liability: Critique of the Target® Hack:
Prior to beginning work on this assignment, read Chapter 3 of the course text, the Inside Target Corp., Days After 2013 Breach (Links to an external site.) article, and review any relevant information from this weeks lecture. Review the instructions below and research at least one additional scholarly source and a minimum of three credible professional sources to support your statements. (Access the MISM Credible Resource Guide (Links to an external site.) for assistance with finding appropriate credible professional resources.)
In 2013, Target Corporation was hacked. Credit and debit card data of 40 million of Targets customers were exposed. Hackers reportedly infiltrated Target via access from an outside vendor, Fazio Mechanical. Often, CIOs will deal with outside vendors who ask for access or need to access some of their companys data. Shortly after Target was hacked, the organization has hired you, a risk management expert, to address their handling of Fazio Mechanicals access to Targets network and data. Based on this scenario, address the following in a five page paper:
Analyze current company protocol(s) and draft new protocols you would use to reduce Targets liability from non-permitted access to their network and data via outside vendors.
Explain how the protocol(s) would reduce the risk of liability to Target.
Explain whether or not Target can ethically impose a protocol(s) on the internal operations of an outside vendor so that their internal operations more easily conform to Targets security protocols and internal operations, with the overall intention of reducing Targets liability.
Explain whether Target or Fazio Mechanical is more at fault for exposing Targets customers data, providing rationale(s) for your decision.
The Questions of Liability: Critique of the Target® Hack paper
Must be five double-spaced pages (1500 to 1600 words) in length (not including title and references pages) and formatted according to APA style as outlined in the Writing Center (Links to an external site.).
Must include a separate title page with the following:
Title of paper
Course name and number
Must use at least one scholarly source and three credible professional sources in addition to the course text.
The Scholarly, Peer Reviewed, and Other Credible Sources (Links to an external site.) table offers additional guidance on appropriate source types. If you have questions about whether a specific source is appropriate for this assignment, please contact your instructor. Your instructor has the final say about the appropriateness of a specific source for a particular assignment.
Must document all sources in APA style as outlined in the Writing Center.
Must include a separate references page that is formatted according to APA style as outlined in the Writing Center.
Delivering a high-quality product at a reasonable price is not enough anymore.
That’s why we have developed 5 beneficial guarantees that will make your experience with our service enjoyable, easy, and safe.
You have to be 100% sure of the quality of your product to give a money-back guarantee. This describes us perfectly. Make sure that this guarantee is totally transparent.Read more
Each paper is composed from scratch, according to your instructions. It is then checked by our plagiarism-detection software. There is no gap where plagiarism could squeeze in.Read more
Thanks to our free revisions, there is no way for you to be unsatisfied. We will work on your paper until you are completely happy with the result.Read more
Your email is safe, as we store it according to international data protection rules. Your bank details are secure, as we use only reliable payment systems.Read more
By sending us your money, you buy the service we provide. Check out our terms and conditions if you prefer business talks to be laid out in official language.Read more