15 Nov

Follow the lecture on Week 13 to create and organize your research notes #1, #2, and #3 into an outline format. You DO NOT need to furnish the full paragraphs for the writing but if you have already started working on the writing, it is OK too.
There is NO length requirement for the outline.
1. Final Draft
2. Presentation PPT
Research Workshop Unit 4 – Preparing the outline
ACCT 855
Seminar in Cybersecurity Audit and Disclosure
Dr. Tien Lee, Ph.D., PMP, CISA, CISSP [email protected] | (415)644-TIEN San Francisco State University Lam Family College of Business
Preparing for the Final Draft.
Today:
Workshop on preparing the outline.
Individual Workshop Consultation is available.
Research Note #4 (due on the first presentation date) should include:
Cover page of your report
Outline of your final report (main headings, subheadings)
Clean up and organize your research notes #1, #2, and #3 into the outlines.
Final Report is DUE on 12/12!
Preparing the Outline
Get started!
Preparing an outline is a crucial step in organizing your thoughts and structuring a long article.
Research and Gather Information:
Use what you have learned in class and from each research note.
Work on the structure
Use a framework
Decide on the main sections.
Organize your thoughts into subsections.
Common Structure
Cover page
Table of Contents
If you use outline styles properly (H1, H2, H3…), modern word processors can generate the table of contents automatically.
Executive Summary
a ONE page summary of ALL parts.
Main Body
Sections and subsections
Intro – analysis – benchmark – lesson learned – conclude.
Reference and bibliography
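The slide's point that a properly levelled outline lets a word processor build the table of contents automatically can be shown with a small script. The following is an added example, not material from the course or the slides: it parses Markdown-style headings (`#`, `##`, `###` standing in for H1, H2, H3) from a constructed sample outline that follows the recommended intro - analysis - benchmark - lessons - conclusion structure, numbers them hierarchically, and flags the one mistake that makes auto-generated tables confusing, a heading that skips a level. The sample outline, the function names and the heading syntax are all assumptions of this example.

```python
"""Build a table of contents from heading levels (H1/H2/H3) in a report outline."""
import re

# Constructed sample outline in Markdown heading syntax, following the
# structure recommended in the workshop (intro - analysis - benchmark - lessons - conclusion).
SAMPLE_OUTLINE = """\
# Executive Summary
# Introduction
## What happened?
# Analysis
## Threat
## Threat agent
## Vulnerability
### Social engineering of the help desk
## Impact
# Benchmark
# Lessons Learned
# Conclusion
"""

# One to three '#' characters followed by the heading title.
HEADING_RE = re.compile(r"^(#{1,3})\s+(.+?)\s*$")


def parse_headings(text):
    """Return (level, title) tuples for every H1-H3 line, in document order."""
    headings = []
    for line in text.splitlines():
        m = HEADING_RE.match(line)
        if m:
            headings.append((len(m.group(1)), m.group(2)))
    return headings


def outline_problems(headings):
    """Report headings that skip a level (for example an H3 directly under an H1).

    A word processor will still build a table of contents from such an outline,
    but the numbering comes out wrong, so this is the check to run before generating it.
    """
    problems = []
    previous = 0
    for level, title in headings:
        if level > previous + 1:
            problems.append(f"'{title}' is H{level} but follows H{previous}")
        previous = level
    return problems


def build_toc(text):
    """Number headings hierarchically (1, 1.1, 1.1.1, ...) and indent by level."""
    counters = [0, 0, 0]
    toc = []
    for level, title in parse_headings(text):
        counters[level - 1] += 1
        for deeper in range(level, 3):
            counters[deeper] = 0  # a new section restarts the numbering of deeper levels
        number = ".".join(str(c) for c in counters[:level])
        toc.append("  " * (level - 1) + f"{number} {title}")
    return toc


if __name__ == "__main__":
    for problem in outline_problems(parse_headings(SAMPLE_OUTLINE)):
        print("WARNING:", problem)
    print("\n".join(build_toc(SAMPLE_OUTLINE)))
```

Running the script prints the numbered outline; if a heading skips a level, a warning is printed first so the outline can be fixed before the table is generated.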
The Main Body
Introduction
contains the background information.
DO NOT spend too much time introducing the company. Focus on the breach event.
“Set the stage” and prepare to introduce “the play”
“What happened?” — You can start with headline-grabbing items from the breach to entice readers’ interest.
Once the stage is set and the basic information is known, you can move on to the analysis.
The Main Body – Analysis
Analysis
Analysis of the facts: the anatomy of the breach.
Can be difficult if the subject matter is unfamiliar to the reader.
Adopt a framework of analysis
You may use the framework introduced in this course to provide the outline for the analysis of facts.
Threat
Threat agent
Vulnerability
The breach
Discovery
Investigation
Impact
Remediation
The Main Body – Benchmark
Benchmark – Evaluation of firm’s disclosure.
The “benchmarking” section usually follows the facts. In this section, the writer will grade, compare, or evaluate the facts.
Example:
Based on the facts analyzed and gathered structurally, how does it compare to _____?
Structures can be useful (see lecture unit 9)
Pros & Cons; good and bad?
Area that’s missing?
Evaluation (1-10? Yes or no?)
justification of the evaluation.
The Main Body – Lesson Learned
Lesson Learned
Based on the facts analyzed and the benchmarks that have been performed, what have we learned?
Example:
For the firm: “What do we need to do to make a better cybersecurity disclosure?”
The internal reporting mechanism
Board Responsibility (what should the board do?)
Risk Management (What is at risk? What are the potential impacts of future incidents?)
Management Involvement
Reporting Structure
Cybersecurity Awareness
Incident Response Preparation
The Main Body – Conclusion
Conclude your article.
This is the part where you can voice your opinion.
Address your audience and consider the tone based on who the audience is.
Highlight the “big-ticket” items
Address organizational learning
Forward looking statements
Follow-up activities
Executive Summary
Summarize each section into one paragraph, so that busy executives do not have to read the whole thing.
Individual Consultation
Evaluation of MGM Cybersecurity Breach Exposures
How complete was the disclosure? What aspects of the breach were disclosed (Threat – threat agent – vulnerability – actual breach – discovery – investigation – impact – remediation)?
On October 5, 2023, MGM Resorts filed the details of the recently concluded cyberattack on MGM data collection and management systems. The company stated that hackers had managed to access customers' personal information, including their names, contact information, gender, dates of birth, driver's license numbers, social security numbers, and passport details. However, the hackers are unlikely to have gained access to customer passwords and payment details. MGM Resorts was unclear about the number of users affected by the cyberattack.
How timely was the disclosure? Did it provide adequate time references for evaluation (report, discovery, investigation, and remediation lag)?
The details provided by MGM Resorts in its filings confirmed that the company's systems were breached by a cyberattack leading to the theft of customers' personal information. The extent of the personal-data theft was reported, and the likely economic losses due to the disruption of services were estimated at more than $100 million in lost earnings.
Did management involve themselves in the disclosure? (signature of C-suite executives)
Yes, as the filings submitted by MGM Resorts on October 5, 2023, were signed by Jessica Cunningham, Vice President, Legal Counsel, and Assistant Secretary of MGM Resorts. MGM Resorts management actively dealt with the impact of the cyberattack and the decisions related to restoring the services provided by the company. The company had reportedly spent around $10 million in one-time expenses related to recovery activities from the cyberattack (Page & Whittaker, 2023). MGM Resorts management had decided not to pay a ransom to the hacker group, deeming the company's cybersecurity insurance sufficient to meet the economic impact of the cyberattack.
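The two evaluation questions above (how complete was the disclosure, and how timely was it) can be turned into a small scorecard. The following is an added example written for this note, not part of the research note itself: it takes the dates the notes give (service disruptions and the attack beginning on September 11, 2023; the SEC filing on October 5, 2023), computes the report, discovery, investigation and remediation lags the workshop asks for, and counts how many of the eight framework elements (threat, threat agent, vulnerability, breach, discovery, investigation, impact, remediation) the disclosure covered. The investigation-complete and remediation-complete dates are not on the page, so they are left unknown and the code reports them as such instead of guessing. The True/False coverage values are a constructed sample grading an analyst would fill in after reading the filing, not a statement about MGM's filing; function and variable names are assumptions of this example.

```python
"""Score a breach disclosure for completeness and timeliness using the course framework."""
from datetime import date

# The eight elements of the course's analysis framework.
FRAMEWORK = ("threat", "threat_agent", "vulnerability", "breach",
             "discovery", "investigation", "impact", "remediation")

# Timeline taken from the research notes: the attack and the customer-visible
# disruptions (discovery) began 2023-09-11; the SEC filing was made 2023-10-05.
# Investigation-complete and remediation-complete dates are not given, so None.
MGM_TIMELINE = {
    "event": date(2023, 9, 11),
    "discovery": date(2023, 9, 11),
    "disclosure": date(2023, 10, 5),
    "investigation_complete": None,
    "remediation_complete": None,
}

# Constructed sample grading of which framework elements the disclosure covered.
# An analyst fills this in from the filing; this is NOT a claim about MGM's filing.
SAMPLE_COVERAGE = {
    "threat": True, "threat_agent": False, "vulnerability": False, "breach": True,
    "discovery": True, "investigation": True, "impact": True, "remediation": True,
}


def days_between(start, end):
    """Day count between two dates, or None when either date is unknown."""
    if start is None or end is None:
        return None
    return (end - start).days


def disclosure_lags(timeline):
    """The lags the workshop asks for, each measured from the relevant milestone."""
    return {
        "discovery_lag": days_between(timeline["event"], timeline["discovery"]),
        "report_lag": days_between(timeline["discovery"], timeline["disclosure"]),
        "investigation_lag": days_between(timeline["discovery"], timeline["investigation_complete"]),
        "remediation_lag": days_between(timeline["discovery"], timeline["remediation_complete"]),
    }


def completeness(coverage):
    """Return (fraction of framework elements covered, list of elements not disclosed)."""
    missing = [element for element in FRAMEWORK if not coverage.get(element, False)]
    return (len(FRAMEWORK) - len(missing)) / len(FRAMEWORK), missing


def scorecard(timeline, coverage):
    """Combine both views into one dict the benchmark section can be written from."""
    fraction, missing = completeness(coverage)
    lags = disclosure_lags(timeline)
    unknown = [name for name, value in lags.items() if value is None]
    return {"completeness": fraction, "missing": missing,
            "lags": lags, "unknown_lags": unknown}


if __name__ == "__main__":
    from pprint import pprint
    pprint(scorecard(MGM_TIMELINE, SAMPLE_COVERAGE))
```

The unknown lags are worth keeping visible in the report rather than silently dropping: a disclosure that gives no date for the end of the investigation or the remediation is itself a finding for the timeliness question.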
Threat
Threat refers to the risks or losses resulting from a cyberattack. In the MGM security breach, the loss of customers' personal information, including their names, contact information, gender, dates of birth, and driver's license numbers, can be considered the threat in this context. In addition, the suspension of MGM Resorts services, including the shutdown of ATM services and online booking systems, led to an estimated loss of $100 million for MGM Resorts (Page & Whittaker, 2023).
Threat Agent
A threat agent is a person, entity, or actor that carries out the cyberattack. Hackers from the ALPHV subgroup Scattered Spider claimed responsibility for the large-scale September 11 cyberattack on MGM Resorts. The hackers stated in their message, "If you have money, we want it."
Vulnerability
Vulnerability refers to the weakness attackers exploit to get into the system and carry out the cyberattack. According to the claims made by hackers from the ALPHV subgroup Scattered Spider, the group found the LinkedIn profile of an MGM employee and used social engineering to compromise MGM Resorts' cybersecurity systems (Page & Whittaker, 2023). The hacker group used the details collected from the employee's LinkedIn profile to obtain access to the employee's account by calling MGM's help desk.
Discovery
The recent cyberattack was discovered after the manifestation of large-scale service disruptions experienced by customers of MGM Resorts beginning on September 11, 2023. The company officially acknowledged the occurrence of a cyberattack in its filing with the SEC on October 5, 2023.
Investigation
Internal investigations by MGM Resorts revealed that no customer passwords or payment details were likely to have been captured in the cyberattack. The hackers were able to gain access to the personal information of customers, including their names, contact information, gender, dates of birth, and driver's license numbers (Page & Whittaker, 2023). MGM Resorts also reported that the hackers may have accessed social security numbers and passport details. The investigations also revealed that the number of affected customers was yet to be determined.
Impact Assessment
MGM Resorts also reported that the cyberattack may result in an estimated $100 million in lost earnings and an estimated one-time expense of $10 million on cyberattack-related activities. Customers reported service disruptions, including to ATM services, casinos, and online booking systems, for days after the discovery of the cyberattack.
Remediation
MGM Resorts management reported that the company's cybersecurity insurance policy options were sufficient to make up the losses incurred due to the recently concluded cyberattack on company systems.
Research Workshop #3
In cybersecurity governance and event reporting, the MGM Resorts 2023 security breach is a crucial example. The issue is examined from the perspective of internal audit in this research note, which highlights essential elements such as board accountability, risk management, management involvement, reporting frameworks, cybersecurity awareness, and incident response plans (Mohana Krishnan et al., 2023). Given its extensive financial impact, this breach emphasizes the need for proactive risk management approaches and the importance of strong cybersecurity governance. Furthermore, the particulars of this incident are explored, and the critical responsibilities that different stakeholders, including board members, management, and internal audit, play in preventing and addressing cybersecurity threats of this nature are examined.
Board Responsibility
Effective response systems and cybersecurity governance are major responsibilities of the board of directors. Regarding the security breach at MGM Resorts, the board needs to have adhered to the following obligations:
Set the Tone
Establishing the tone meant cultivating a cybersecurity-aware culture that emphasized how vital it is to protect consumer data and follow industry rules. This fundamental step reinforced the organization's commitment to data security and regulatory compliance by highlighting the necessity for vigilance and compliance in the face of emerging cyber threats.
Oversight of Risk Management
The board exhibited proactive supervision by assessing and approving the company's risk management plan. Given the estimated losses of $100 million caused by this attack, this all-encompassing strategy was crucial because it enabled the board to comprehend the possible ramifications of future cybersecurity breaches. This oversight made sure that the organization's risk-mitigation efforts matched its larger business goals.
Resource Allocation
Assuring that vital resources were set aside to support cybersecurity measures, the board was instrumental in determining how best to allocate resources. To strengthen the organization's cybersecurity defences, funds must be set aside for staff training and the purchase of cutting-edge security equipment. Sufficient money was essential to building an efficient defensive mechanism against cyberattacks and guaranteeing that the company had the personnel and equipment to safeguard confidential information and lessen any dangers.
Regular Reporting
The board established a system for frequent reporting, requiring management to provide regular reports on the state of the organization's cybersecurity. These reports included details on new threats, security incidents, and the general effectiveness of the cybersecurity program. This procedure guaranteed openness and informed the board, allowing prompt revisions to the organization's cybersecurity plan.
Legal and Regulatory Compliance
In cybersecurity governance, putting legal and regulatory compliance first is essential. It includes ensuring the company complies with cybersecurity standards set forth by regulatory agencies like the SEC. Significant incidents must be reported promptly in accordance with these requirements. Compliance reduces possible legal risks and financial fines by guaranteeing that the company stays within the bounds of the law. Also, it shows a dedication to openness and responsibility, both essential for preserving stakeholder confidence and limiting harm to one's reputation in the case of a cyberattack.
Risk Management
Many important assets were in danger in the context of the MGM Resorts security incident. Confidential client data such as addresses, telephone numbers, names, sex, dates of birth, driver's license numbers, social security identities, and passport information were among them. The breach also put the organization's credibility and reputation at risk. Future attacks could have a significant impact because the breach resulted in an estimated loss of over $100 million in earnings, highlighting the financial vulnerability (Childs, 2023). In order to mitigate these risks, the organization needs to create a clear incident response plan, invest in strong cybersecurity systems, and build thorough risk mitigation methods.
Potential Impact Analysis
Future cybersecurity incidents could have a wide range of possible effects and could significantly influence an organization. These effects include factors related to finances, operations, and reputation. Incidents may cause large financial losses due to direct event response and recovery expenditures, legal obligations, and regulatory fines. Downtime brought on by operational hiccups can impact customer satisfaction and service delivery. Furthermore, hacked consumer data can undermine confidence and harm the company's image. Strong risk management and incident response plans are essential since the scope and form of these effects might change based on the type and severity of the incident.
Risk Handling Strategies
Using efficient risk management techniques is essential to controlling the possible effects of cybersecurity events. These tactics could consist of the following:
Risk Mitigation:
Risk mitigation consists of proactive steps taken to lessen the possibility and effect of cybersecurity events. Bolstering an organization's defences against potential threats and vulnerabilities includes implementing stronger security controls, regular patch management, and access limits.
Risk Transfer:
Transferring part of the financial burden of cybersecurity incidents to an insurance provider is known as risk transfer (Childs, 2023). Organizations acquire cybersecurity insurance plans to protect against potential losses, such as incident response expenses, fines from regulatory bodies, and legal obligations. The financial impact of security breaches is lessened with this tactic.
Risk Acceptance:
This refers to the organization recognising that some risks are unavoidable and deciding to forgo further resources to reduce or eliminate them. It is frequently used when a risk has little probability or impact, and the expense of mitigating it could be more than the risk's possible outcomes. The risk tolerance of an organization is in line with this approach.
Incident Response Planning:
Creating an organized, well-documented strategy for handling and lessening the effects of cybersecurity incidents is known as incident response planning. It describes the actions and protocols that must be taken in the event of an incident, including incident identification, containment, eradication, recovery, and lessons gained (Childs, 2023). A well-thought-out plan is necessary for prompt and efficient incident handling.
Management Involvement
Organizational leadership must take a proactive approach to managing cybersecurity. In this context, the roles of the Chief Information Officer (CIO) and Chief Information Security Officer (CISO) are crucial. To ensure that the company's computer networks and technological infrastructure comply with cybersecurity regulations and processes, the CIO monitors them. The planning and execution of cybersecurity, comprising risk evaluations and safety measures, is the purview of the chief information security officer (CISO). They collaborate to preserve a strong cybersecurity posture. They are responsible for creating and enforcing cybersecurity policies, putting technological controls in place, performing frequent risk analyses, and ensuring the company is prepared for cyberattacks. Their close interaction and frequent board reports guarantee that the leadership is knowledgeable about cybersecurity issues, encouraging a proactive and strong approach to incident prevention.
Reporting Structure
For cybersecurity incident management to be effective, the organization must establish a clearly defined reporting system. It entails defining escalation protocols and assigning particular people or groups as points of contact for incident reporting. When an incident happens, this structure makes incident reporting easier and guarantees that the appropriate people are notified right away (Hendrix, 2023). Well-defined reporting pathways facilitate efficient detection, evaluation, and reaction. This reduces the possible consequences of cybersecurity incidents and strengthens the organization's ability to withstand changing threats.
Cybersecurity Awareness
Encouraging cybersecurity awareness among all staff members is essential to constructing a strong defence against constantly changing threats. This means putting in place extensive training and educational initiatives. Through such activities, the organization hopes to instil a sense of awareness regarding the crucial relevance of cybersecurity in protecting customer data and reputation. Workers are essential in seeing and thwarting possible attacks, especially regarding social engineering tactics like phishing. Organizations may help create a safer digital environment by empowering their teams to act as a collective shield against cybersecurity risks through workforce education and awareness-raising.
Incident Response Preparation
An essential part of cybersecurity readiness is incident response planning. It entails drafting and revising a comprehensive plan that specifies the actions to take in order to manage and lessen the effects of cybersecurity events efficiently. This plan covers threat identification, incident containment, threat eradication, affected system recovery, and post-event analysis to enhance response tactics. Regularly holding incident response drills and exercises enables staff members to become acquainted with their duties and obligations in case of a security breach. The organization's incident response capabilities must be continuously improved, which requires recording and evaluating these drills. Thanks to a well-prepared incident response strategy, the organization can react quickly and efficiently when cybersecurity events arise.
Conclusion
In conclusion, the security compromise at MGM Resorts highlights the importance of proactive cybersecurity governance and incident response plans. Organizations can strengthen their cybersecurity posture and guarantee compliance with external requirements like those imposed by the SEC by implementing various measures, including board responsibility, risk management, management involvement, reporting structure, cybersecurity awareness, and incident response planning. Organizations need internal audit assistance in these efforts because it fosters security and resilience against the ever-growing threat of cyberattacks. Businesses aiming to improve their cybersecurity procedures might benefit greatly from the lessons this hack taught us.
References
Childs, D. (2023). The Hospitality Curriculum Cybersecurity Education Shortfall: An Exploratory Study (Doctoral dissertation, Marymount University).
Hendrix, B. (2023). The effect of ISBs on publicly listed companies’ business performance.
MohanaKrishnan, M., Kumar, A. S., Talukdar, V., Saleh, O. S., Irawati, I. D., Latip, R., & Kaur, G. (2023). Artificial Intelligence in Cyber Security. In Handbook of Research on Deep Learning Techniques for Cloud-Based Industrial