Case Study #3: Intellectual Property Theft AnalysisScenario
For your next rotational assignment, you will be working in the Corporate Security Services Office. Your specific assignment will be as a member of the team trying to assess the potential impact of an intellectual property theft by an insider working in the Property Holdings & Development (PHD) office. The head of PHD became suspicious after a key member of the Future Plans team resigned and joined a competitor in the RV Parks and Resorts business area. Log files on the employee’s corporate laptop showed that a large number of files were downloaded from the company’s file servers and were then uploaded to the individual’s personal cloud storage account.
Since this is a training opportunity for you, your team leader has asked that you first review some resources about insider threats and intellectual property thefts. After you’ve done that, you should review the Padgett-Beale corporate history and the industry overview provided to you when you first started here as a management intern (see CSIA 300 Padgett-Beale Corporate Profile v1.pdf). As you review this information, you should pay close attention to information about the company’s holdings, operations, and future plans for its Recreational Vehicle Parks business area.
Your deliverable for this assignment will be a briefing paper that identifies and discusses five or more security and privacy issues that could impact the company’s ability to benefit from its intellectual property (especially its future plans and strategies). Since we already know that this was an insider theft issue, you should focus on that as well. After you identify and describe each security or privacy issue, include two to three additional points that managers should know about insider thefts of corporate intellectual property. Try to keep a neutral tone, that is, you should focus on issues and solutions not blame. You should also address the importance of protecting intellectual property. After you address the issues, identify and discuss at least 5 recommended solutions to the problem of intellectual property theft (include at least one technology solution and one policy solution). See the instructions below for additional information about length, formatting, and citing of sources.
1. Review the Weekly readings to date. You should also review the readings/resources for data security and data loss prevention from Case Study #2.
2. Review this article about the impacts and costs of intellectual property thefts: https://dupress.deloitte.com/dup-us-en/deloitte-review/issue-19/loss-of-intellectual-property-ip-breach.html?id=us:2el:3dc:dup3303:awa:dup:dr19:cyberrisk:dcpromo
3. Next, review this technical report about insider theft of intellectual property and best practices for mitigating associated risks: https://resources.sei.cmu.edu/asset_files/TechnicalNote/2013_004_001_48680.pdf
4. Then, review this Insider Threat brochure from the Federal Bureau of Investigation https://www.fbi.gov/file-repository/insider_threat_brochure.pdf
5. Find at least one additional relevant resource on your own.
provide briefing paper in which you present a summary of the issues (including a description of the types of intellectual property which may have been stolen). You should then summarize your research into insider theft of intellectual property and your recommendations as to how the company should respond to the incident (including response to the current incident and detection and prevention strategies for the future). Be choosy about what you include – a busy executive or manager does not want to read lengthy, rambling reports. Don’t be too choosy however. Your recommended content should be comprehensive and fully address the security and privacy issues related to theft of intellectual property by insiders.
At a minimum, your briefing paper for this case study must include the following:
1. An introduction to the case scenario and the topic (use the information above and from the corporate history / industry overview).
2. An analysis of the security and privacy issues that includes five or more key points about the topic (“intellectual property theft by insiders”).
3. Recommendations for 5 or more best practice based actions that managers and employees should take to address the identified security and privacy issues. Include at least one recommendation for a technology based solution. Include at least one recommendation for a policy based solution as well. Solutions that you suggested for Case Study #2 may work here as well but, you should include at least two new solutions that are unique to intellectual property and/or insider threats.
4. A closing section in which you restate the key issues and your recommendations.
As you provide briefing paper, make sure that you address security issues using standard terms and definitions. See the resources listed under Week 1 and under Course Resources > Cybersecurity Concepts for definitions and terminology.
Submit For Grading
Submit your research paper in MS Word format (.docx or .doc file) using the Case Study #1 Assignment in your assignment folder. (Attach your file to the assignment entry.)
1. To save you time, a set of appropriate resources / reference materials has been included as part of this assignment. You must incorporate at least three of these resources into your final deliverable. You must also include one resource that you found on your own.
2. Your briefing paper should use standard terms and definitions for cybersecurity. See Course Content > Cybersecurity Concepts for recommended resources.
3. You must include a first gage with the assignment title, your name, and the due date. Your reference list must be on a separate page at the end of your file. These pages do not count towards the assignment’s minimum page count. (An example and template file are available in the LEO classroom. See CSIA_Basic_Paper_Template(APA_6ed,Nov2014).docx file under Content > Course Resources.)
4. Your briefing paper should be professional in appearance with consistent use of fonts, font sizes, margins, etc. You should use headings to organize your paper. The CSIA program recommends that you follow standard APA since this will give you a document that meets the “professional appearance” requirements. guidelines and examples are found under Course Resources > APA Resources. An APA template file (MS Word format) has also been provided for your use CSIA_Basic_Paper_Template(APA_6ed,Nov2014).docx.
5. You are expected to write grammatically correct English in every assignment that you submit for grading. Do not turn in any work without (a) using spell check, (b) using grammar check, (c) verifying that your punctuation is correct and (d) reviewing your work for correct word usage and correctly structured sentences and paragraphs.
6. You are expected to credit your sources using in-text citations and reference list entries. Both your citations and your reference list entries must follow a consistent citation style (APA, MLA, etc.).