You have been assigned to support the Padgett-Beale Merger & Acquisition (M&A) team working under the direct supervision of Padgett-Beale’s Chief Information Security Officer (CISO). The M&A team is in the planning stages for how it will integrate a new acquisition, Island Banking Services, into the company as its financial services arm (PBI-FS). Initially, PBI-FS will function as a wholly owned subsidiary which means that it must have its own separate cybersecurity program.
Your first major task (Project #1) will be to help develop a Cybersecurity Strategy & Plan of Action for PBI-FS. Island Banking Services never had a formal cybersecurity program so you’re starting from scratch. You will need to research best practices as well as relying heavily upon what you learned in your undergraduate studies in Cybersecurity Management and Policy. The CISO has provided detailed instructions for this task. (These appear after the Background section below.)
After five years of operation, Island Banking Services — a non-U.S. firm — was forced into bankruptcy after criminal money laundering charges were filed against the company and its officers. Padgett-Beale, Inc. purchased the digital assets and records of this financial services firm from the bankruptcy courts. The purchased assets include licenses for office productivity software, financial transactions processing software, database software, and operating systems for workstations and servers. Additional assets included in the sale include the hardware, software, and licensing required to operate the company’s internal computer networks.
Figure 1. Island Banking Services IT Infrastructure Purchased by Padgett-Beale, Inc.
Padgett-Beale’s legal counsel successfully negotiated with the bankruptcy court and the criminal courts for the return of copies of the company’s records so that it could restart Island Banking Service’s operations. The courts agreed to do so after Padgett-Beale committed in writing to reopening the customer service call center (but not the branch offices) on the island. Reopening the call center will provide continued employment for 10 island residents including 2 call center supervisors. Padgett-Beale intends to relocate the call center to a company owned property approximately 10 miles away from the current location and adjacent to a newly opened Padgett-Beale resort.
Padgett-Beale’s Risk Manager has recommended that the Merger & Acquisition plan be amended such that Island Banking Services would be operated as a wholly owned subsidiary for a period of 5 years rather than being immediately and fully integrated as an operating element of Padgett-Beale. The company’s attorneys agreed that this would be the best approach given the potential for additional legal troubles related to the actions of the previous owners and employees. The Board of Directors has signed off on this amendment to the M&A plan and stipulated that the new subsidiary will be named PBI Financial Services (PBI-FS). The company officers and senior managers for PBI-FS will be named at a later date. For now, the leader of the M&A Team will serve as the Chief Operating Officer. Padgett-Beale’s Chief Information Security Officer will be loaned to PBI-FS while a search is conducted for a dedicated CISO for the subsidiary.
CISO’s Detailed Instructions to You
The CISO has given you and your team mates a set of instructions (below) which you should follow as you complete this task.
Task #1: Read and Analyze the Background Materials
If you have not already done so, read the Background information in this file. Next, review the Padgett-Beale M&A Profile 2020 which was posted to the LEO classroom. You should also review all materials from the classroom for Weeks 1 – 4 as these provide needed information about the Financial Services industry and the legal and regulatory requirements which apply to this industry.
Task #2: Perform a Gap Analysis & Construct a Risk Register
Using the information available to you, determine the most likely information technology/security gaps which existed at Island Banking Services prior to its being acquired by PBI. Next, determine which of these, if not addressed, will likely exist in the newly formed subsidiary PBI-FS. Document your analysis and evaluation in a Gap Analysis.
Your Gap Analysis should address operating issues relating to confidentiality, integrity, and availability (CIA) of information, information systems, and information infrastructures owned or used by PBI-FS. Your analysis should also consider and use the People, Process, and Technology framework.
Intro/Overview: Provide an excellent overview of the security strategy. Introduction must be clear, concise, and accurate. Writer appropriately used information from 3 or more authoritative source
Step 1: Identify 10 or more significant cybersecurity issues/challenges/risks which the background information and M&A profile indicate currently exist at PBI-FS / Island Banking Services. You are allowed to “read between the lines” but must be able to map your analysis and findings to specific statements from these documents. These items will become your “Gaps” for the Gap Analysis. Use one or more cybersecurity frameworks or standards (e.g. NIST CSF; People, Processes, and Technologies; Confidentiality, integrity, availability) to organize your analysis.
Compelling correspondence is essential to the achievement all things considered but since of the changing idea of the present working environments, successful correspondence turns out to be more troublesome, and because of the numerous impediments that will permit beneficiaries to acknowledge the plan of the sender It is restricted. Misguided judgments.In spite of the fact that correspondence inside the association is rarely completely open, numerous straightforward arrangements can be executed to advance the effect of these hindrances.
Concerning specific contextual analysis, two significant correspondence standards, correspondence channel determination and commotion are self-evident. This course presents the standards of correspondence, the act of general correspondence, and different speculations to all the more likely comprehend the correspondence exchanges experienced in regular daily existence. The standards and practices that you learn in this course give the premise to additionally learning and correspondence.
This course starts with an outline of the correspondence cycle, the method of reasoning and hypothesis. In resulting modules of the course, we will look at explicit use of relational connections in close to home and expert life. These incorporate relational correspondence, bunch correspondence and dynamic, authoritative correspondence in the work environment or relational correspondence. Rule of Business Communication In request to make correspondence viable, it is important to follow a few rules and standards. Seven of them are fundamental and applicable, and these are clear, finished, brief, obliging, right, thought to be, concrete. These standards are frequently called 7C for business correspondence. The subtleties of these correspondence standards are examined underneath: Politeness Principle: When conveying, we should build up a cordial relationship with every individual who sends data to us.
To be inviting and polite is indistinguishable, and politeness requires an insightful and amicable activity against others. Axioms are notable that gracious “pay of graciousness is the main thing to win everything”. Correspondence staff ought to consistently remember this. The accompanying standards may assist with improving courtesy:Preliminary considering correspondence with family All glad families have the mystery of progress. This achievement originates from a strong establishment of closeness and closeness. Indeed, through private correspondence these cozy family connections become all the more intently. Correspondence is the foundation of different affiliations, building solid partners of obedient devotion, improving family way of life, and assisting with accomplishing satisfaction (Gosche, p. 1). In any case, so as to keep up an amicable relationship, a few families experienced tumultuous encounters. Correspondence in the family is an intricate and alluring marvel. Correspondence between families isn’t restricted to single messages between families or verbal correspondence.
It is a unique cycle that oversees force, closeness and limits, cohesiveness and flexibility of route frameworks, and makes pictures, topics, stories, ceremonies, rules, jobs, making implications, making a feeling of family life An intelligent cycle that makes a model. This model has passed ages. Notwithstanding the view as a family and family automatic framework, one of the greatest exploration establishments in between family correspondence centers around a family correspondence model. Family correspondence model (FCP) hypothesis clarifies why families impart in their own specific manner dependent on one another ‘s psychological direction. Early FCP research established in media research is keen on how families handle broad communications data. Family correspondence was perceived as an exceptional scholastic exploration field by the National Communications Association in 1989. Family correspondence researchers were at first impacted by family research, social brain science, and relational hypothesis, before long built up the hypothesis and began research in a family framework zeroed in on a significant job. Until 2001, the primary issue of the Family Communication Research Journal, Family Communication Magazine, was given. Family correspondence is more than the field of correspondence analysts in the family. Examination on family correspondence is normally done by individuals in brain science, humanism, and family research, to give some examples models. However, as the popular family correspondence researcher Leslie Baxter stated, it is the focal point of this intelligent semantic creation measure making the grant of family correspondence special. In the field of in-home correspondence, correspondence is normally not founded on autonomous messages from one sender to one beneficiary, yet dependent on the dynamic interdependency of data shared among families It is conceptualized. The focal point of this methodology is on the shared trait of semantic development inside family frameworks. As such, producing doesn’t happen in vacuum, however it happens in a wide scope of ages and social exchange.
Standards are rules end up being followed when performing work to agree to a given objective. Hierarchical achievement relies significantly upon compelling correspondence. So as to successfully impart, it is important to follow a few standards and rules. Coming up next are rules to guarantee powerful correspondence: clearness: lucidity of data is a significant guideline of correspondence. For beneficiaries to know the message plainly, the messages ought to be sorted out in a basic language. To guarantee that beneficiaries can without much of a stretch comprehend the importance of the message, the sender needs to impart unmistakably and unhesitatingly so the beneficiary can plainly and unquestionably comprehend the data.>