See the attached instruction and data file
Carefully read the case “Who Stole Our Customer Data”. It is available in DC CONNECT as a separate file. In the case assume that all events take place in CANADA and the applicable laws are all Canadian. With respect to the scenario of this case, answer the following questions. Answer each question from the perspective of the individual noted.
(A) If you were the Chief Information Security Officer of the company (a very senior executive) describe what you would/should do from the initial discovery of the hack/data loss until the next shareholders’ meeting of the company, 11 months in the future. Provide a good level of detail and be sure to address (at minimum)
• Activities related to immediate incident response • Investigation, forensics, reconstruction
• Damage quantification
• Resourcing and expertise required
• Law enforcement
• Internal and external communications
• Short and medium-term remediation planning and execution • Administrative matters
This part should be about 1,200 – 1,500 words.
(B) If you were the Vice-President, Legal Affairs and Privacy of the company (a lawyer) describe what you would/should do from the initial discovery of the hack/data loss until the next shareholders’ meeting of the company, 11 months in the future. Provide a good level of detail and be sure to address (at minimum)
• Identification of applicable legal & regulatory requirements and standards • Identification of applicable privacy requirements and standard
• Initial required legal actions, including interaction with law enforcement
• Estimation of potential civil liability [discuss]
• Estimation of potential regulatory exposure (PUBLIC Company) [discuss]
• Estimation of potential audit and reputational damage [discuss]
• Go forward position on cyber insurance
• Resourcing and expertise required
• Internal and external communications
This part should be about 1,000 – 1,200 words.
(C)If you were a highly specialized, senior cyber security investigator specially hired by the company to investigate the hack and provide detailed recommendations for the improvement of computer security and data protection in the company, describe/provide:
• Your initial planning efforts for your security audit
• The most important technical, human & organizational areas to investigate • At least 3 forensic/investigative tools or techniques you would use, and
how / where / when you would use them
• Areas of LEGAL RISK in your investigation (what you can/cannot do and
why, performing an investigation for the Court vs. for recovery of data) • 10 solid, sensible and practical recommendations to improve security,
privacy and internal control at the company
This part should be about 1,000 – 1,200 words.
(D)As President of the company, prepare a 20 minute LIVE PRESENTATION to class representing the company’s first public statement and press conference regarding the breach.
• Begin the presentation with about a 3 - 4 minute statement about what happened, what is known/unknown and what the company is doing and planning to do, in general terms.
• Then, for the rest of the time, discuss/answer the following questions, as if they were asked by reporters attending the press conference:
o What exactly was lost?
o Have all the customers been notified? If not, why?
o Who was responsible for the hack (perpetrator)?
o Who was responsible for the hack from the perspective of company
operations? Did any company employee fail to do their job? How
could this have happened?
o What is this going to cost to remediate?
o What are the estimated damages?
o Has anyone been fired? Will anyone be fired?
o Are you (president) going to resign?
o Are the police involved? If so, what do they say
o Has the Privacy Commissioner been notified? If so, what is his/her position? Will the company be fined or sanctioned?
o Is there any chance of recovering the lost data?
o Does the company have any cyber insurance? If not, why not? o How will this affect the company’s future business plans?
