Expert answer:Emerging Issues Analysis and Report
Expert answer:Write a three to five page report using your research. At a minimum, your report must include the following: 1.An introduction or overview of event management systems and the potential security and privacy concerns which could arise when implementing this technology. This introduction should be suitable for an executive audience. Provide a brief explanation as to why three major operating units believe the company needs this capability. 2.An analysis section in which you address the following: A recommendations section in which you identify and discuss five or more best practices for security and privacy that should be implemented before the technology is put into use by the company. Include at least one recommendation in each of the following categories: people, processes, policies, and technologies. A closing section (summary) in which you summarize the issues related to your chosen use case and the event management platform overall. Include a summary of your recommendations to Padgett-Beale leadership.ScenarioThe Entertainment Team (ET — part of Resort Operations at Padgett-Beale, Inc.) is excited about a new event management platform and is ready to go to contract with the vendor. This platform is a cloud-based service that provides end-to-end management for events (conferences, concerts, festivals). The head of Marketing & Media (M&M) is on board and strongly supports the use of this system. M&M believes that the data collection and analysis capabilities of the system will prove extremely valuable for its efforts. Resort Operations (RO) also believes that the technology could be leveraged to provide additional capabilities for managing participation in hotel sponsored “kids programs” and related children-only events. Several other high level managers have expressed concerns however, about one of the capabilities that ET, M&M, and RO are most excited about – customizable RFID wrist bands for managing and tracking attendees.For an additional fee, the event management platform’s vendor will provide customized RFID bands to be worn by attendees. These bands have unique identifiers embedded in the band that allow tracking of attendees (admittance, where they go within the venue, what they “like,” how long they stay in a given location, etc.). The RFID bands can also be connected to an attendee’s credit card or debit card account and then used by the attendee to make purchases for food, beverages, and souvenirs. The head of Corporate IT has tentatively given approval for this outsourcing because it leverages cloud-computing capabilities. IT’s approval is very important to supporters of this the acquisition because of the company’s ban on “Shadow IT.” (Only Corporate IT is allowed to issue contracts for information technology related purchases, acquisitions, and outsourcing contracts.) Corporate IT also supports a cloud-based platform since this reduces the amount of infrastructure which IT must support and manage directly.The project has come to a screeching halt, however, due to a request by the Chief Privacy Officer for more information about the benefits of the RFID system and potential privacy issues. Once more, the management interns have been tapped to help out with a research project. The CPO expects and requires an unbiased analysis of the proposed use cases and the security and privacy issues which could be reasonably expected to arise. The defined use cases are: Children (under the age of 13) attending a hotel sponsored “kids club” program. Individuals attending a music festival or other event where IDs must be checked to establish proof of age (legal requirement for local alcoholic beverage consumption).Attendee management for trade shows
csia_300_research_report__2___emerging_issues_risk_analysis.docx
Unformatted Attachment Preview
CSIA 300: Cybersecurity for Leaders and Managers
Research Report #2: Emerging Issues Analysis and Report
Scenario
The Entertainment Team (ET — part of Resort Operations at Padgett-Beale, Inc.) is excited about a new
event management platform and is ready to go to contract with the vendor. This platform is a cloudbased service that provides end-to-end management for events (conferences, concerts, festivals). The
head of Marketing & Media (M&M) is on board and strongly supports the use of this system. M&M
believes that the data collection and analysis capabilities of the system will prove extremely valuable for
its efforts. Resort Operations (RO) also believes that the technology could be leveraged to provide
additional capabilities for managing participation in hotel sponsored “kids programs” and related
children-only events. Several other high level managers have expressed concerns however, about one of
the capabilities that ET, M&M, and RO are most excited about – customizable RFID wrist bands for
managing and tracking attendees.
For an additional fee, the event management platform’s vendor will provide customized
RFID bands to be worn by attendees. These bands have unique identifiers embedded in
the band that allow tracking of attendees (admittance, where they go within the venue,
what they “like,” how long they stay in a given location, etc.). The RFID bands can also
be connected to an attendee’s credit card or debit card account and then used by the
attendee to make purchases for food, beverages, and souvenirs.
The head of Corporate IT has tentatively given approval for this outsourcing because it leverages cloudcomputing capabilities. IT’s approval is very important to supporters of this the acquisition because of
the company’s ban on “Shadow IT.” (Only Corporate IT is allowed to issue contracts for information
technology related purchases, acquisitions, and outsourcing contracts.) Corporate IT also supports a
cloud-based platform since this reduces the amount of infrastructure which IT must support and
manage directly.
The project has come to a screeching halt, however, due to a request by the Chief Privacy Officer for
more information about the benefits of the RFID system and potential privacy issues. Once more, the
management interns have been tapped to help out with a research project. The CPO expects and
requires an unbiased analysis of the proposed use cases and the security and privacy issues which could
be reasonably expected to arise. The defined use cases are:
1. Children (under the age of 13) attending a hotel sponsored “kids club” program.
2. Individuals attending a music festival or other event where IDs must be checked to establish
proof of age (legal requirement for local alcoholic beverage consumption).
3. Attendee management for trade shows
1
Copyright ©2017 by University of Maryland University College. All Rights Reserved
CSIA 300: Cybersecurity for Leaders and Managers
Research
1. Read / Review the readings in the LEO classroom.
2. Read this introduction to RFID technologies: http://www.aimglobal.org/?page=rfid_basics
3. Next, read the following descriptions and reviews of event management platforms
a. http://rfid4u.com/wp-content/uploads/2015/12/Event-Management-Case-Study.pdf
b. http://www.capterra.com/event-management-software/
c. http://www.cvent.com/en/event-management-software/#
4. Research one or more of the Use Cases
a. Tracking Children in Entertainment Parks and Kids Club Programs
http://www.rfidjournal.com/blogs/experts/entry?11573 and
http://disneycruiselineblog.com/2013/11/all-new-youth-activities-oceaneer-bandsreplacing-mickey-bands/
b. Managing Adult Attendees at Music Festivals (includes RFID bands linked to twitter,
Facebook, and credit/debit card) http://musicfestivalsrfid.com/ and
http://www.techradar.com/news/world-of-tech/rfid-wristbands-vs-nfc-smartphoneswhat-s-winning-the-contactless-battle-1167135
c. Tracking Adults at Trade Shows http://www.universalrfid.com/product/rfid-labelsprovide-technology-at-trade-shows/ and https://blog.printsome.com/rfid-wristbandsgood-bad/
5. Choose one of the Use Cases then find and review at least one additional resource on your own
that provides information about privacy and security related laws that could limit or impose
additional responsibilities upon Padgett-Beale’s collection, storage, transmission, and use of
data about guests. (Note: laws may differ with respect to collecting data from or about
children.)
6. Using all of your readings, identify at least 5 security and privacy issues which the Chief Privacy
Officer needs to consider and address with the Padgett-Beale leadership team as it considers
the implications of your chosen use case.
7. Then, identify 5 best practices that you can recommend to Padgett-Beale’s leadership team to
reduce and/or manage risks associated with the security and privacy of data associated with the
event management platform.
Write
Write a three to five page report using your research. At a minimum, your report must include the
following:
1. An introduction or overview of event management systems and the potential security and privacy
concerns which could arise when implementing this technology. This introduction should be
suitable for an executive audience. Provide a brief explanation as to why three major operating units
believe the company needs this capability.
2
Copyright ©2017 by University of Maryland University College. All Rights Reserved
CSIA 300: Cybersecurity for Leaders and Managers
2. An analysis section in which you address the following:
a. Identify and describe your chosen Use Case
b. Identify and describe five or more types of personal / private information or data
that will be collected, stored, processed, and transmitted in conjunction with the
use case.
c. Analyze and discuss five or more privacy and security issues related to the use case.
d. Identify and discuss 3 or more relevant laws which could impact the planned
implementation of the event management system with RFID wrist bands.
3. A recommendations section in which you identify and discuss five or more best practices for security
and privacy that should be implemented before the technology is put into use by the company.
Include at least one recommendation in each of the following categories: people, processes,
policies, and technologies.
4. A closing section (summary) in which you summarize the issues related to your chosen use case and
the event management platform overall. Include a summary of your recommendations to PadgettBeale leadership.
Submit For Grading
Submit your research paper in MS Word format (.docx or .doc file) using the Research Report #1
Assignment in your assignment folder. (Attach your file to the assignment entry.)
Additional Information
1. To save you time, a set of appropriate resources / reference materials has been included as part of
this assignment. You must incorporate at least five of these resources into your final deliverable.
You must also include one resource that you found on your own.
2. Your research report should use standard terms and definitions for cybersecurity. See Course
Content > Cybersecurity Concepts for recommended resources.
3. Your research report should be professional in appearance with consistent use of fonts, font sizes,
margins, etc. You should use headings to organize your paper. The CSIA program recommends that
you follow standard APA formatting since this will give you a document that meets the “professional
appearance” requirements. APA formatting guidelines and examples are found under Course
Resources > APA Resources. An APA template file (MS Word format) has also been provided for your
use.
4. You are expected to write grammatically correct English in every assignment that you submit for
grading. Do not turn in any work without (a) using spell check, (b) using grammar check, (c) verifying
that your punctuation is correct and (d) reviewing your work for correct word usage and correctly
structured sentences and paragraphs.
3
Copyright ©2017 by University of Maryland University College. All Rights Reserved
CSIA 300: Cybersecurity for Leaders and Managers
5. You are expected to credit your sources using in-text citations and reference list entries. Both your
citations and your reference list entries must follow a consistent citation style (APA, MLA, etc.).
Criteria
Excellent
15 points
Outstanding
Acceptable
Needs Improvement Needs Sig
13.5 points
12 points
Introduction or
Overview for the
Report
Provided an
excellent overview of
the problem (security
and privacy concerns
arising from
implementation of a
new technology).
The introduction was
clear, concise, and
accurate. Writer
appropriately used
information from 3 or
more authoritative
sources
20 points
Analysis: Use
Cases for the
Technology
Analysis: Privacy
and Security
Issues
Provided an
outstanding overview
of the problem
(security and privacy
concerns arising
from implementation
of a new technology).
The introduction was
clear and accurate.
Writer appropriately
used information
from at least 2
authoritative sources
18 points
10 points
Provided an
acceptable overview
of the problem
(implementation of a
new technology).
Mentioned the
security and privacy
concerns. Writer
appropriately used
information from
authoritative sources
6 points
Provided an overview
but the section lacked
important details
about the problem.
Information from
authoritative sources
was cited and used in
the overview.
Attempted
introductio
but this se
off topic, a
supported
from autho
16 points
Provided an
excellent overview /
introduction to the
new technology.
Fully described at
least one of the use
cases. Clearly
identified five or
more types of
personal / private
information or data
collected, stored,
processed, and
transmitted in
conjunction with the
use
case. Appropriately
used information
from 3 or more
authoritative sources.
Provided an
outstanding overview
/ introduction to the
new technology.
Partially described
one of the use cases
and identified three
or more types of
personal / private
information or data
collected, stored,
processed, and
transmitted in
conjunction with the
use
case. Appropriately
used information
from 2 or more
authoritative sources.
Provided an
acceptable overview
/ introduction to the
new technology.
Mentioned at least
one of the use cases
and identified some
types of personal /
private information or
data collected,
stored, processed,
and transmitted in
conjunction with the
use
case. Appropriately
used information
from authoritative
sources.
14 points
15 points
13.5 points
12 points
10 points
4
Copyright ©2017 by University of Maryland University College. All Rights Reserved
Provided a
discussion of a use
case for the
technology. Identified
at least one type of
personal or private
information collected
or stored. Information
from authoritative
sources was cited
and used.
7 points
Attempted
about the t
discussion
lacking in d
well suppo
drawn from
6 points
CSIA 300: Cybersecurity for Leaders and Managers
Provided an
excellent analysis of
five or more privacy
and security issues
related to the use
case. The analysis
was presented in a
clear, concise, and
accurate manner.
Identified and
discussed at least
three relevant laws
which could impact
the planned use.
Appropriately used
information from 3 or
more authoritative
sources.
15 points
Provided an
outstanding analysis
of three or more
privacy and security
issues related to the
use case. The
analysis was
presented in a clear
and accurate
manner. Identified
and discussed at
least two relevant
laws which could
impact the planned
use. Appropriately
used information
from 2 or more
authoritative sources.
13.5 points
Provided an
acceptable analysis
of two or more
privacy and security
issues related to the
use case. The
analysis was
presented in a clear,
concise, and
accurate manner.
Identified and
discussed at least
one relevant law
which could impact
the planned use.
Appropriately used
information from
authoritative sources.
Provided a
discussion of the
technology and
mentioned at least
one planned use (use
case). Information
from authoritative
sources was cited
and used.
Attempted
about the t
discussion
lacking in d
well suppo
drawn from
12 points
10 points
Provided an
excellent discussion
of at least five best
practicebased
recommendations for
ensuring that privacy
and security
concerns are
addressed before the
technology is put into
Best Practice
Recommendations: use by the company.
People, Processes, Included at least one
recommendation in
Policies and
each of the following
Technologies
categories:
•
•
•
•
People
Processes
Policies
Technologies
The discussion
appropriately used
information from
three or more
authoritative sources.
Summary of
10 points
Recommendations
Provided an
outstanding
discussion of at least
four best
practicebased
recommendations
ensuring that privacy
and security
concerns are
addressed before the
technology is put into
use by the company.
Included at least one
recommendation in
three of the following
categories:
•
•
•
•
People
Processes
Policies
Technologies
Provided an
acceptable
discussion of at least
three best
practice based
recommendations for
ensuring that privacy
and security
concerns are
addressed before the
technology is put into
use by the company.
Included at least one
recommendation in
two of the following
categories:
•
•
•
•
People
Processes
Policies
Technologies
The discussion
appropriately used
information from two
or more authoritative
sources.
The discussion
appropriately used
information from
authoritative sources.
8.5 points
7 points
5
Copyright ©2017 by University of Maryland University College. All Rights Reserved
Identified 2 or
more best
practices for
preventing /
responding to privacy
and security
concerns associated
with the planned uses
of the technology.
Included at least one
recommendation in
two or more of the
following categories:
•
•
•
•
People
Processes
Policies
Technologies
6 points
Attempted
about best
addressing
security co
discussion
supported
authoritativ
The discussion
appropriately used
information from
authoritative sources.
6 points
4 points
CSIA 300: Cybersecurity for Leaders and Managers
Professionalism:
Addressed security
issues using
standard
cybersecurity
terminology
The closing section
provided an excellent
summary of the
issues and bestpracticebased
recommendations for
ensuring that security
and privacy
requirements are
met.
The closing section
provided an
outstanding
summary of the
issues and bestpractice based
recommendations for
ensuring that security
and privacy
requirements are
met.
5 points
4 points
The closing section
provided an
acceptable summary
of the issues
and bestpractice based
recommendations for
ensuring that security
and privacy
requirements are
met.
The closing section
provided some
information
summarizing the
issues and
recommendations but
lacked detail or was
disorganized.
A closing s
but was no
well suppo
from autho
2 points
3 points
1 point
Demonstrated
excellence in the
integration of standard
cybersecurity
terminology into the
report.
Provided an
outstanding
integration of standard
cybersecurity
terminology into the
report.
Integrated standard
cybersecurity
terminology into the
into the report.
4 points
3 points
Work contains a
reference list
containing entries for
all cited resources.
Sufficient information
is provided to allow a
reader to find and
retrieve the cited
sources. One or two
inconsistencies or
errors in format for intext citations and/or
reference list entries.
Work contains a
reference list
containing entries for
all cited resources.
Sufficient information
is provided to allow a
reader to find and
retrieve the cited
sources. No more than
5 inconsistencies or
errors in format for intext citations and/or
reference list entries.
4 points
3 points
Submitted work has
minor style or
formatting flaws but
still presents a
professional
appearance. Submitted
work is well organized
Organization and/or
appearance of
submitted work could
be improved through
better use of fonts,
color, titles, headings,
etc. OR Submitted
Used standard
cybersecurity
terminology but this
usage was not well
integrated with the
discussion.
Misused sta
terminology
5 points
Work contains a
reference list
containing entries for
all cited resources.
Sufficient information
Professionalism:
is provided to allow a
Consistent Use
and Formatting for reader to find and
Citations and
retrieve the cited
Reference List
sources. Reference list
entries and in-text
citations are
consistently and
correctly formatted
using an appropriate
citation style (APA,
MLA, etc.).
5 points
Professionalism:
Organization &
Appearance
Submitted work shows
outstanding
organization and the
use of color, fonts,
titles, headings and
sub-headings, etc. is
6
Copyright ©2017 by University of Maryland University College. All Rights Reserved
2 points
Work has no more than
three paragraphs with
omissions of citations
crediting sources for
facts and information.
Work contains a
reference list
containing entries for
cited resources. Work
contains no more than
10 inconsistencies or
errors in format.
1 point
2 points
1 point
Submitted work has
multiple style or
formatting errors.
Organization and
professional
appearance need
Submitted w
requiremen
and format
disorganize
rewritten fo
professiona
Work attem
demonstrat
to understa
apply a pro
for the refe
citations.
CSIA 300: Cybersecurity for Leaders and Managers
appropriate to the
assignment type.
and appropriately uses
color, fonts, and
section headings (per
the assignment’s
directions).
work has multiple style substantial
or formatting errors.
improvement.
Professional
appearance could be
improved.
8.5 points
7 points
6 points
4 points
10 points
Professionalism:
Execution
Overall Score
No formatting,
grammar, spelling, or
punctuation errors.
Excellent
90 or more
Work contains minor
errors in formatting,
grammar, spelling or
punctuation which do
not significantly impact
professional
appearance.
Outstanding
80 or more
Errors in formatting,
spelling, grammar, or
punctuation which
detract from
professional
appearance of the
submitted work.
Acceptable
70 or more
7
Copyright ©2017 by University of Maryland University College. All Rights Reserved
Submitted work has
numerous errors in
formatting, spelling,
grammar, or
punctuation. Work is
unprofessional in
appearance.
Submitted w
understand
errors in for
grammar, p
usage.
Needs Improvement Needs Sig
56 or more
…
Purchase answer to see full
attachment
How it works
- Paste your instructions in the instructions box. You can also attach an instructions file
- Select the writer category, deadline, education level and review the instructions
- Make a payment for the order to be assignment to a writer
- Download the paper after the writer uploads it
Will the writer plagiarize my essay?
You will get a plagiarism-free paper and you can get an originality report upon request.
Is this service safe?
All the personal information is confidential and we have 100% safe payment methods. We also guarantee good grades