HOLMES INSTITUTE FACULTY OF HIGHER EDUCATION HI5019 Strategic Information Systems for Business...

Question

HOLMES INSTITUTE

FACULTY OF
HIGHER EDUCATION

HI5019 Strategic Information Systems for Business and Enterprise Group Assignment
Assessment Details and Submission Guidelines

Trimester T1 2020
Unit Code HI5019
Unit Title Strategic Information Systems for Business and Enterprise
Assessment Type Group assignment
Assessment Title Cyber Security Case Studies
Purpose of the
assessment (with ULO
Mapping)
Students are required to:
 Evaluate systems development methodologies and the role of accountants in
system development projects (ULO 3)
 Appraise the risks inherent in computer-based systems/ERP, including the role
of ethics and the various internal control processes that need to be in place
(ULO 4)
 Critically evaluate the range of cultural, security, privacy and ethical issues
facing individuals and organisations as a result of information systems (ULO 5)
Weight 30% of the total assessments
Total Marks 30
Word limit Not more than 3,500 words
Due Date XXXXXXXXXXWeek 11, Friday 5:00 pm (AEST)
Submission
Guidelines
 This assignment is to be completed by a group of 2 - 4 students.
 Students must report the names and student IDs for all group members to the
lecturer of their class by e-mail before the end of week 8.
 All work must be submitted on Blackboard by the due date along with a completed
Assignment Cover Page.
 The assignment must be in MS Word format, no spacing, 12-pt Arial font and 2 cm
margins on all four sides of your page with appropriate section headings and page
numbers.
 Reference sources must be cited in the text of the report, and listed appropriately
at the end in a reference list using Harvard referencing style.

Page 2 of 6
HI5019 Strategic Information Systems for Business and Enterprise Group Assignment

Assignment Specifications
Purpose
This assignment aims at developing your group’s understanding of latest cyber security issues and
their impacts on business operations. Your group is required to critically evaluate three recent cyber
security case studies and their lessons to business organisations.

Required
Your group is required to conduct a literature search and select three (3) cyber security case studies
that are published between 2014 – 2019. Based on the selected case studies, your group is required
to prepare a written report to cover the following points:
 Description of case company in each case
o General information of the company
o Key business processes of the company
 Cyber security issues covered in each case
o Key cyber security issues identified in each case
o Risks associated with the issues
o Impacts of the issues on case company
 Lessons learnt from each case
o Actions reported in each case to address the identified issues
o Outcomes of the reported actions
o Proposed actions other than the reported ones that could be taken to address the
issues
o Suggestions for preventing the issues in future

Assignment Structure
The report should include the following components:
 Assignment cover page clearly stating your name and student number
 A table of contents
 A
ief introduction or overview of what the report is about.
 Body of the report with sections to answer the above issues and with appropriate section
headings
 Conclusion
 List of references

The report should be grounded on relevant literature and all references must be properly cited and included
in the reference list.
Page 3 of 6
HI5019 Strategic Information Systems for Business and Enterprise Group Assignment
Group contribution
To ensure that all students participate equitably in the group assignment and that students are
esponsible for the academic integrity of all components of the assignment. Your group needs to
complete the in a table similar to the following one which identifies which student/students are
esponsible for the various sections of the assignment.

Assignment Section Student/Students

The table needs to be completed and submitted with the assignment as it is a compulsory component
equired before any grading is undertaken.

Marks may be deducted if a student does not make sufficient contribution to the assignment.

It is students' responsibility to provide evidence for their contributions to the assignment in the event
of dispute.

Marking criteria
Marking criteria Weighting
General information of case companies 2%
Key business processes of case companies 2%
Key cyber security issues identified in each case 4%
Risks associated with the identified cyber security issues 3%
Impacts of the identified cyber security issues 3%
Actions reported to address the identified issues 4%
Outcomes of the reported actions 4%
Proposed actions other than the reported ones for addressing the issues 2%
Suggestions for preventing the issues in future 2%
Presentation 2%
Research quality 2%
TOTAL Weight 30%
Page 4 of 6
HI5019 Strategic Information Systems for Business and Enterprise Group Assignment
Marking Ru
ic
Excellent Very Good Good Satisfactory Unsatisfactory
General
Information of
case companies

/2
Provide clear,
concise and
accurate
information of
case companies.
Provide
complete and
accurate
information of
case companies.
Provide accurate
information of
case companies.
Provide
information of
case companies
that is mostly
accurate.
Fail to provide
accurate
information of
case companies.
Key business
processes of
case companies

/2
Identify all key
usiness
processes of
case companies.
Identify most key
usiness process
of case
companies.
Identify most key
usiness
processes of
case companies
with minor
e
ors.
Identify some
usiness
processes of
case companies
with e
ors
and/or
omissions.
Fail to identify
any key business
process of case
companies.
Key cyber
security issues
identified in each
case

/4
Identify all key
cyber security
issues identified
in the cases.
Identify most key
cyber security
issues identified
in the cases.
Identify most key
cyber security
issues identified
in the cases with
minor e
ors.
Identify some
key cyber
security issues
identified in the
cases with e
ors
and/or
omissions.
Fail to identify
any key cyber
security issue
identified in the
cases.
Risks associated
with the
identified cyber
security issues

/3
Present an
excellent
discussion on
isks associated
with the
identified cyber
security issues.
Present a very
good discussion
on risks
associated with
the identified
cyber security
issues.
Present a good
discussion on
isks associated
with the
identified cyber
security issues
with minor
e
ors and/or
omissions.
Present a
easonable
discussion on
isks associated
with the
identified cyber
security issues
with e
ors
and/or
omissions.
Fail to present a
proper
discussion on
isks associated
with the
identified cyber
security issues.
Impacts of the
identified cyber
security issues

/3
Present an
excellent
discussion on
impacts of the
identified cyber
security issues.
Present a very
good discussion
on impacts of
the identified
cyber security
issues.
Present a good
discussion on
impacts of the
identified cyber
security issues
minor e
ors
and/or
omissions.
Present a
easonable
discussion on
impacts of the
identified cyber
security issues
with e
ors
and/or
omissions.
Fail to present a
proper
discussion on
impacts of the
identified cyber
security issues.
Actions reported
to address the
identified issues

/4
Identify all
eported actions
for addressing
the identified
issues.
Identify most
eported actions
for addressing
the identified
issues.
Identify most
eported actions
for addressing
the identified
issues with
minor e
ors.
Identify some
eported actions
for addressing
the identified
issues with
e
ors and/or
omissions.
Fail to identify
any reported
action for
addressing the
identified issues.
Page 5 of 6
HI5019 Strategic Information Systems for Business and Enterprise Group Assignment
Outcomes of the
eported actions

/4
Present an
excellent
discussion on
outcomes of the
eported actions.
Present a very
good discussion
on outcomes of
the reported
actions.
Present a good
discussion on
outcomes of the
eported actions
with minor
e
ors and/or
omissions.
Present a
easonable
discussion on
outcomes of the
eported actions
with e
ors
and/or
omissions.
Fail to present a
proper
discussion on
outcomes of the
eported actions.
Proposed actions
other than the
eported ones
for addressing
the issues

/2
Propose
practical and
effective actions
ased on strong
arguments.
Propose
practical and
effective actions
ased on good
arguments.
Propose sound
actions based on
easonably good
arguments.
Proposed sound
actions with
e
ors and
omissions based
on valid
arguments.
Fail to propose
proper actions
or back the
proposed
actions with
valid argument..
Suggestions for
preventing the
issues in future

/2
Present an
excellent
discussion on
suggestions for
preventing the
issues in future.
Present a very
good discussion
on suggestions
for preventing
the issues in
future.
Present a good
discussion on
suggestions for
preventing the
issues in future
with minor
e
ors and/or
omissions.
Present a
easonable
discussion on
suggestions for
preventing the
issues in future
with e
ors

hi5019-group-assignment-t1-strategic-jrscpfzy-ssa0ywn2.pdf

Harshit · Accepted Answer

CYBERSECURITY CASE STUDIES
	Serial Number
	Contents
	Page Number
	1.
	Introduction
	1
	2.
	Case Study 1
	2-4
	3.
	Case Study 2
	5-7
	4.
	Case Study 3
	8-10
	5.
	Conclusion
	11
	6.
	References
	12
INTRODUCTION
In today's world, the internet has become the basis of every business from running the business to maintaining compliance and data security. Digitalization has reduced the burden on paper and immensely made the work easier. Computers has become a means to everything as it reduces the effort and therefore people can focus more on the business than to other secondary works. The Information Technology services have become pervasive over the years. The internet has an impact on the business environment along with a huge social impact as well. Modern human life has now been surrounded by the Internet of Things which includes education, business, and health care. These business houses work on their computer systems or under IT devices. Therefore they need to store sensitive data and information in these devices which becomes vulnerable because of such vast connection of devices. The information is at risk as this information if leaked may cause huge losses. Therefore the need for cybersecurity has increased. There has been an immense rise in the number of cybersecurity threats and the data is exposed to various forms of theft or destruction (Buczak, A.L. and Guven, E., 2015). As the number of these attackers is increasing the methods used by them are also becoming sophisticated and efficient. 
CASE STUDY 1
DoorDash
GENERAL INFORMATION
DoorDash Inc is an American company that is involved in the food delivery service which was established in the year 2013 by some students from Stanford University. It uses technology to deliver food from restaurants to customers on demand. DoorDash is used in more than 4000 cities serving over 340000 stores across the United States of America and Canada. It ranks 3rd in the industry of third party delivery service in the United States of America. The company is valued at more than US $ 13 billion employing more than 7500 employees. 
KEY BUSINESS PROCESS
DoorDash connects the people in several cities and empowers the local businesses including the small restaurants. It has generated huge employment opportunities in the countries and generated a new medium to earn and live. It is a mobile application based company that connects the customers who order food from a particular restaurant. It also started delivering essential food and household items to the doorstep of the customers. The customers used their personal information to get registered on the application and thereby creating their account to be able to use the application. 
KEY CYBERSECURITY ISSUES 
As the customers used their personal information to create an account in the application, DoorDash used to save the data of the customer in the server. The main issue of cybersecurity was the theft or leakage of the data of the people registered on the application which eventually may lead to a huge chain of consumer fraud including identity theft and other frauds. The leakage of a person's information may be used to rob him of money, scam the user getting access to his email, even the payment method used for making payment in the application can also be leaked. Following are some of the cybersecurity issues in the following case:
· The personal information of the customers was leaked to an unknown source which may be harmful in many ways to the customers.
· Social engineering wherein the important information can be accessed by some third party who does not right to that information willing by the person of whom the information is related.
· Most of the data, in this case, is stored in the cloud database which can be hacked into easily making such data vulnerable.
RISKS ASSOCIATED AND IMPACTS WITH SUCH CYBERSECURITY ISSUES
In the case of DoorDash, the information of more than 4.9 million people was leaked and the company claimed that the people who were registered on or after the 5th of April 2018 were not affected by the same. The biggest risk involved was the accessibility of the personal information to the third party and due to the security breach, information of more than 4.9 million people including the merchants and the delivery drivers were leaked. The company suffered a security breach into its database due to which the data related to both the consumers and the merchants as well as the delivery drivers were leaked. Following data were accessed by the security breach:
· Name of the people
· Email addresses
· Address where the food was being delivered
· Order histories
· Contact number along with passwords
· In some cases, the last four digits of the payment cards were also leaked along with the date of expiry and the CVV numbers.
· The number of driver's licenses was also accessed by the delivery drivers.
ACTIONS REPORTED TO ADDRESS 
The company primarily suggested the users to change the password to their account in DoorDash as some of the customers complained that their accounts were being hacked. Although the company believed that the passwords were not compromised but still they recommended the same to the people. The company also improved its level of security by adding more layers of firewall between the third party and the servers where the data were stored. In some cases, the data that was leaked was used to make payments and caused a serious threat to the identities of the people. 
OUTCOMES OF SUCH ACTIONS
The data that was leaked led to a huge hue-cry amongst the users of other applications as well as the consumers and the merchant considered that if this can happen in the case of a renowned company like DorrDash the same can happen to the other applications as well. The company installed new servers and added several layers of new security firewall to protect the data in case of any further breaches. 
PROPOSED ACTIONS
The company also improved the security protocols to get the access to the systems and the servers. The company also appointed third party outside security experts who investigated the parties who were involved in the breach of data. It also cannot be completed calculated the total impact and how the information could be used by the people stealing the data.

HOLMES INSTITUTE FACULTY OF HIGHER EDUCATION HI5019 Strategic Information Systems for Business and Enterprise Group Assignment Assessment Details and Submission Guidelines Trimester T1 2020 Unit Code...

Solution

Answer To This Question Is Available To Download

Related Questions & Answers

Submit New Assignment