Student Solution

-->

"Education is the most powerful weapon which you can use to change the world”
– Nelson Mandela

1 University

1 Course

1 Subject

Chapter 1 Case Study

Chapter 1 Case

Q Please create your own thread to contribute. Discuss the following Case Study from Chapter 1: The Tale of Two Credit Unions Best Credit Union members really love doing business with the credit union. The staff is friendly, the service is top-notch, and the entire team is always pitching in to help the community. The credit union’s commitment to honoring the public trust is evident in its dedication to security best practices. New employees are introduced to the cybersecurity policy during orientation. Everyone participates in annual information security training. The credit union across town, OK Credit Union, doesn’t have the same reputation. When you walk in the branch, it is sometimes hard to get a teller’s attention. Calling is not much better, because you may find yourself on hold for a long time. Even worse, it is not unusual to overhear an OK Credit Union employee talking about a member in public. OK Credit Union does not have a cybersecurity policy. It has never conducted any information security or privacy training. Best Credit Union wants to expand its presence in the community, so it acquires OK Credit Union. Each institution will operate under its own name. The management team at Best Credit Union will manage both institutions. You are the Information Security Officer at Best Credit Union. You are responsible for managing the process of developing, publishing, and adopting a cybersecurity policy specifically for OK Credit Union. The CEO has asked you to write up an action plan and present it at the upcoming management meeting. Your action plan should include the following: 1. What you see as the biggest obstacle or challenge to accomplishing this task. 2. Which other personnel at Best Credit Union should be involved in this project and why. 3. Who at OK Credit Union should be invited to participate in the process and why. 4. How you are going to build support for the process and ultimately for the policy. 5. What happens if OK Credit Union employees start grumbling about “change.” 6. What happens if OK Credit Union employees do not or will not comply with the new information security policy. Please post your action plan, and comment/contribute to what your fellow students post.

View Related Questions

Solution Preview

The biggest challenge/obstacle to accomplishing the task would be to ensure that all the organizational members of OK Credit Union would work together to follow all the principles/steps of the new cybersecurity policy. This is because there had not been any practice of following a cybersecurity policy by any of the members of OK Credit Union before the acquisition of the organization. The members of the top-level management of at Best Credit Union and the organization’s HR manager/managers must be involved in initiating the project of framing and imposing the new policy.