Skip to content
Home » (everything below is on the attachment) Scenario Padgett-Beale Inc.’s (PBI) insu

(everything below is on the attachment) Scenario Padgett-Beale Inc.’s (PBI) insu

    (everything below is on the attachment)
    Scenario
    Padgett-Beale Inc.’s (PBI) insurance company, CyberOne Business and Casualty Insurance
    Ltd, sent an audit team to review the company’s security policies,
    processes, and plans. The auditors found that the majority of PBI’s operating
    units did not have specific plans in place to address data breaches and, in
    general, the company was deemed “not ready” to effectively prevent and/or
    respond to a major data breach. The insurance company has indicated that it
    will not renew PBI’s cyber insurance policy if PBI does not address this
    deficiency by putting an effective data breach response policy and plan in
    place. PBI’s executive leadership team
    has established an internal task force to address these problems and close the
    gaps because they know that the company cannot afford to have its cyber
    insurance policy cancelled.
    Unfortunately, due to the sensitivity of the issues, no
    management interns will be allowed to shadow the task force members as they
    work on this high priority initiative. The Chief of Staff (CoS), however, is
    not one to let a good learning opportunity go to waste … especially for the
    management interns. Your assignment from the CoS is to review a set of news
    articles, legal opinions, and court documents for multiple data breaches that
    affected a competitor, Marriott International (Starwood Hotels division). After
    you have done so, the CoS has asked that you write a research report that can
    be shared with middle managers and senior staff to help them understand the
    problems and issues arising from legal actions taken against Marriott
    International in response to this data breach in one of its subsidiaries
    (Starwood Hotels).
    Write
    Write a
    three to five (3-5) page report using your research. At a minimum, your report
    must include the following:
    1. An
    introduction or overview of the problem (cyber insurance company’s audit
    findings regarding the company’s lack of readiness to respond to data breaches).
    This introduction should be suitable for an executive audience and should
    explain what cyber insurance is and why the company needs it.
    2. An
    analysis section in which you discuss the following:
    a. Specific
    types of data involved in the Starwood Hotels data breaches and the harm
    b. Findings
    by government agencies / courts regarding actions Starwood Hotels / Marriott
    International should have taken
    c. Findings
    by government agencies / courts regarding liability and penalties (fines) assessed
    against Marriott International.
    3.
    A review of best practices which includes 5 or
    more specific recommendations that should be implemented as part of Padgett-Beale’s
    updated data breach response policy and plans. Your review should identify and
    discuss at least one best practice for each of the following areas: people, processes, policies and technologies.
    (This means that one of the four areas will have two recommendations for a
    total of 5.)
    4.
    A closing section (summary) in which you summarize
    the issues and your recommendations for policies, processes, and/or
    technologies that Padgett-Beale, Inc. should implement.
    Sources
    1. Research
    the types of insurance coverage that apply to data breaches. Pay attention to
    the security measures required by the insurance companies before they will
    grant coverage (“underwriting requirements”) and provisions for technical
    support from the insurer in the event of a breach. Here are three resources to
    help you get started.
    a. https://woodruffsawyer.com/wp-content/uploads/2019/06/40842_Woodruff-Sawyer-Cyber-Buying-Guide_Final.pdf
    b. https://www.travelers.com/cyber-insurance
    c. https://wsandco.com/cyber-liability/cyber-basics/
    2. Read
    / Review at least 3 of the following documents about the Marriott International
    / Starwood Hotels data breach and liability lawsuits.
    a. https://www.insurancejournal.com/news/national/2018/12/03/510811.htm
    b. https://ico.org.uk/about-the-ico/news-and-events/news-and-blogs/2020/10/ico-fines-marriott-international-inc-184million-for-failing-to-keep-customers-personal-data-secure/
    c. https://www.bbc.com/news/technology-54748843
    d. http://starwoodstag.wpengine.com/wp-content/uploads/2019/05/us-en_First-Response.pdf
    e. https://www.consumer.ftc.gov/blog/2018/12/marriott-data-breach
    f. https://news.marriott.com/2019/07/marriott-international-update-on-starwood-reservation-database-security-incident/
    3. Find
    and review at least one additional resource on your own that provides information
    about data breaches and/or best practices for preventing and responding to such
    incidents.
    4. Using
    all of your readings, identify at least 5 best practices that you can recommend
    to Padgett-Beale’s leadership team as it works to improve its data breach
    response policy and plans.

    How to create Testimonial Carousel using Bootstrap5

    Clients' Reviews about Our Services