SCENARIO BASED AROUND THE DISCRIMINATING SUB-TOPIC: There has been a privacy breach at your organisation resulting in client details, including personal and financial details becoming freely available on the web for a period of 2 weeks. This has resulted in some clients’ bank accounts being hacked and others being embarrassed by the leaking of personal health information, and other personal information including but not limited to relationship status and history, debts, and credit card transactions. There has been an internal investigation following the breach. The results of that investigation suggest that the organisation’s cyber-security system was out of date and inadequate. This was despite the fact that that head of cyber-security had advised the board that a more up-to-date and secure system was needed some time ago. The organisation is receiving phone calls, letters and emails from clients threatening legal action. Pretend you are the CEO of the organisation at which the privacy breech occurred. DRAFT an organisational apology setting out the reasons why the apology is necessary, the elements of your apology, and any barriers you may face in giving the apology. Write 500 words.
Apology letter
Dear clients,
We as an organisation is sorry for the loss caused to our clients over the past two weeks due to privacy breach at our organisation, resulting in the leak of personal data and other personal information including bank account details of our clients.We will definitely compensate for the losses caused due to our clients due to bank account breach,credit card debit card transactions etc.We had appointed a team to investigate into this issue and there report suggests that more technology is needed to be implemented to stop this kind of breach and following their recommendations we are insisting latest technology and systems which will create complete security for our clients immediately.We assure all that this kind of breach will not happen again at all in our organisation.Kindly corporate with us while we implement the same.
Yours faithfully
CEO XXX
SCENARIO BASED AROUND THE DISCRIMINATING SUB-TOPIC: There has been a privacy breach at your organisation resulting...
Risk management in Information Security today Everyday information security professionals are bombarded with marketing messages around risk and threat management, fostering an environment in which objectives seem clear: manage risk, manage threat, stop attacks, identify attackers. These objectives aren't wrong, but they are fundamentally misleading.In this session we'll examine the state of the information security industry in order to understand how the current climate fails to address the true needs of the business. We'll use those lessons as a foundation...