Part 1

Before you begin working on this discussion post, please make sure that you have read the Week 1 readings!

Welcome to Padgett-Beale and your first week as a management intern.

The Chief of Staff will be hosting a working lunch this week for your group of interns. In addition to the usual introductions and "getting to know you" discussions, you've been advised that there will be a discussion of the following article.

https://securityintelligence.com/seasonal-employee-security-risks-present-danger-proactive-defense/

Each intern has been asked to write and bring a discussion paper containing their written responses to the following questions:

  • What steps can (should) managers take to reduce security risks associated with hiring seasonal or temporary employees? (Consider whether or not the Secure Computer User training course would be appropriate for these employees.)
  •  How can managers show leadership in the area of cybersecurity defenses and best practices?

Consider the ways in which these types of companies are likely to use seasonal employees and the types of digital assets / information to which these temporary employees may have access.

Part 2

  Responding to Guest Concerns about Cyberattacks 

 

your internship assignment is with the company's Guest Relations office.

You have been asked to draft a letter to guests to address concerns about the impacts of possible cyberattacks. Recently there have been news reports describing cyberattacks on the hospitality industry. This letter should reassure guests that the company is taking positive steps to protect guest privacy. Consider the technical and people perspectives.

There are legal requirements for such a letter. This  Data Security Breach Notice Letter guidance document from Hutnik, Kelley Drye & Warren LLP provides guidance for companies facing the need to write notification letters.

Consider the required "tone" for such a letter. The letter must be factual but, more importantly, it is necessary to show an appropriate amount of empathy and understanding for the recipient's feelings. Empathy and emotional intelligence are important leadership skills for managers.

To learn more about emotional intelligence, read this definition of Emotional Intelligence.  Then, read about three types of empathy: https://www.verywellmind.com/what-is-empathy-2795562

The letter should be between 200-250 words and written concisely so the explanation is clear and not overly technical. The point is to ensure guests that the situation is under control and that you've taken steps to make sure they can feel confident that their information is safe. Remember accountability and empathy in your letter.

Part 3

 Cybersecurity Issues for Business Travelers 

 Post your initial response of at least 150 words 

Here  interns are reflecting on cybersecurity issues that must be considered when employees travel for business. In your opinion, what are the security issues associated the technologies (cell phones, computers, etc.) used when traveling? In your opinion, is there a false sense of security that this is only a concern with international travel? 

Part 4

 Privacy Policies & Compliance Issues 

 Post your initial response of at least 150 words 

 

After completing the course readings for the week, do additional research into the potential privacy, data security, and liability issues facing companies similar to Padgett-Beale. Find an event within the past three years that describes an issue related to this week's course material and describe the event. And then, provide your opinion on what should be done to make sure it doesn't happen again? For example, did the event result from a potential lack of employee training? If so, what type of training would you recommend? 

For examples of guest privacy policies, please see these resources:

  1. https://www.lhw.com/Privacy-Policy
  2. https://www.ihcltata.com/privacy-policy/
  3. https://www.fourseasons.com/privacy/

Part 6

 Post your initial response of at least 150 words 

 

Padgett-Beale's Corporate Security Office has recently completed an investigation into how a competitor may have obtained copies of the confidential architectural drawings and design plans for a new type of resort that the company had planned for a recently acquired island property. It is suspected that an Advanced Persistent Threat mechanism may have been used to exfiltrate information.

In your opinion, what processes and procedures should be used to discourage or make it difficult for employees, managers, and executives to inadvertently misuse and/or steal the company's intellectual property (consider data classification and markingseparation of duties, and least privilege).