Information security

 You will be the acting CIO and will specifically work on the strategy and the budget of the game Ancient Age, the sequel to Vampire Legends. 

Memo to CEO 

Write a 3- to 4-page memo to the Chief Executive Officer (CEO) of the Vampire Legends organization that includes the following two parts: 

Part 1: Analysis of Components of Information Security that does the following: 

  • Categorizes the components of      information security 
  • Analyzes the components of      information security as it applies to the scenario presented in Vampire      Legends  
  • Contains a breakdown of the      budget report 
  • Discusses your allocation      strategy based on the risks and expenses involved 
  • Describes your choice for the      best advertising campaign
  • Outlines the course of action      in handling information security threats in the future 

Part 2: Role of Ethics that does the following: 

  • Illustrate the role of ethics      as presented in the Vampire Legends simulation conflict to reflect the      relationship between ethics and the success of the Vampire Legends      organization  
  • Describes the consequences of the      conflict 
  • Discusses the solution to the      conflict 
  • Discusses the impact of ethics      on revenue

(
Feedback

on

Your

Choices

in

Vampire

Legends:

A

Role-Playing

Simulation

on

Ethics,

Privacy,

and

Security
in the Multiplayer Online Game Business
)

Name:

1. Budget Allocation Poll

Points: 5 out of 5

Select the allocation strategy you prefer and click submit.

Allocations, in millions

Expense Category

Strategy A

Strategy B

Strategy C

1. Marketing Campaign, Ancient Age of Vampires

$6

$3

$4

2. IT Expenses

$1

$3

$2

3. Digital Rights Management (DRM)

$2

$2

$2

4. Salary Increases

$1

$2

$2

Total

$10

$10

$10

A B C



Choose an allocation strategy:

You chose Strategy B.

Strategy A maximizes funds spent on marketing at the expense of IT and salaries. Strategy B maximizes funds spent or IT and salaries, making it possible to implement improved security measures, and also raise salaries to reduce turnover. Strategy C is a compromise between those two approaches. Strategy B is the best choice from the standpoint of security and ethics, and earns the highest number of points for this simulation. Companies have a responsibility to protect their customer’s data. Strategy A ignores the problems, and earns 0 points. Strategy C earns partial credit.

2. Advertising Allocation Poll

Points: 5 out of 5

Select the advertising campaign approach you think is best:

1. Testimonial from Robert Pattinson (vampire from The Twilight Saga)

2. Leaking information to bloggers about which celebrities are playing

3. 30 day free trial

You chose 3, which is an excellent choice. It was also a good decision on your part to NOT choose #2, which would violate your customers’ privacy.

3. Phishing Scam

Points: 0 out of 5

The email that appeared to come from D&L Bank was a simulated phishing scam. The link provided in such emails often takes the victim to a fraudulent website that appears legitimate, so that the criminals can obtain the victim’s login credentials or other personal information.

You entered the login information that Jama provided, thereby giving away your account information to the criminals.

4. Break-In Issues

Points: 20 out of 20

Your point totals are shown below. Organizations must respond quickly to a large data breach like this one, informing all the affected people, the company’s stakeholders, and the police. Because information like this goes viral on social media, it is not feasible to try to contain it. Instead, company executives should take full responsibility for the breach, assure customers that they have taken measures to protect the data going forward, and that they will do what is needed to make amends.

Your Choice

Correct Choice

Points Earned

1. Inform customers that their data has been breached.

Agree

Agree

2

2. Inform the Board of Directors about the break-in.

Agree

Agree

2

3. Delay letting customers know until we know who hacked in.

Disagree

Disagree

2

4. Prompt customers to change their passwords.

Agree

Agree

2

5. Do not alert the police because it may be an inside job.

Disagree

Disagree

2

6. Issue a press release about the break in now.

Agree

Agree

2

7. Report break in to the police immediately.

Agree

Agree

2

8. Take the games down until the encryption project is done.

Agree

Agree

2

9. Offer affected customers 1 year free identity protection.

Agree

Agree

2

10. Don’t do anything until we know who DragonFly is.

Disagree

Disagree

2

Total Points for Scored Choices

You received 30 out of 35 points, or 86%.

Discussion Questions

1. Describe the main ethical and security issues that the Digital Artists executive team confronted.

(
Responsible decision-making, accountability
)

2. During the budget discussion, what arguments would you have used to persuade the team that more funding is needed for information security?

(
Responsible

decision-making:

Executive

team

agreed

to

come

clean

with

the

customers

and

the

board

members by

revealing

about

the

truth.

Accountability:

Executive

team

decided

to

take

the

games

down

until

the

encryption project is completed. Though it effect the incoming

revenue.
)

3. Why is it important for a company to inform their customers when a data breach such as this occurs? What risks does the company assume if the leadership decides not to disclose the information?

(
Privacy

and

confidentiality

of

customer

data

are

very

important

for

any

organization.

In

my

opinion

the

board

took all

the

decisions

that

balances

the

natural

laws

and

rights

as

well

as

utilitarian

ethics.
)

4. If you were constructing a risk matrix for yourself as a student, which would be your top three vulnerabilities and why?

(
It is important to inform the customers whenever the data breach happens. When the Sony PS data breach happened

in

the

year

2011,

the

company

delayed

one

week

to

inform

everyone

about

the

breach

and

it

turned

out as a costly mistake for Sony. If the leadership decides not to disclose the information, it is not the right move as per

many

laws.

More

than

the

law,

the

organization

will

lose

the

credibility

among

customers

and

it

will

give

more time to the intruder
s to misuse the information they have

stolen.
)

Transcript: Vampire Legends – A Role-Playing Simulation on Ethics, Privacy, and Security in the Multiplayer Online Game Business by Patricia Wallace

In this role-playing simulation you will be working on certain aspects of the sequel to the game Vampire Legends which is Ancient Age. You will be the acting CIO and will specifically work on the strategy and the budget.

The simulation will require you to give a breakdown of the budget report, choose an allocation strategy based on the risks and expenses involved, choose the best advertising campaign, analyze threats related to information security, and decide the course of action in handling threats to information security.

Interaction 1

On logging into the application, the following tools are displayed on a laptop screen: E-Mail, Voicemail, Documents, Web Meeting, and Video Phone.

The icons of E-Mail, Voicemail, and Documents are highlighted, indicating there are new mails, messages, and documents.

Email:

Once the learner clicks on the email icon a screen containing the following information appears: From, Subject, Received. To the left, is the Mail Folders which has Inbox, Draft, Sent, and Trash listed one below the other. The inbox option is highlighted.

There are three new mails.

The first mail is from Shelby, CEO Digital Artists, with the subject ‘Strategy Session’. The mail is addressed to Dale, Jama and the Learner. He updates on the replacement of the learner instead of Jama whose down with flu. He instructs the members to take the poll which, can be found in the Docs folder to see which kind of campaign they will prefer. Information on the budget and the success of their previous game is also given.

He mentions that the team will be invited to the web meeting through IM once the poll is completed.

The second mail is from Stella, VP Finance, with the subject ‘Cost Estimates’, addressing the Learner and Jama. She briefs on the budget and the expense estimates.

The third mail is from Dale, VP Marketing, with the subject ‘Marketing’ briefing on the budget for the marketing campaign and emphasizing the importance of the campaign.

When clicked on the close button the learner is taken to the Home screen.

Voicemail:

The voice mail is from Jama, plays when clicked on the play button. A picture of Jama is at the left corner of the screen. He advises the learner about the implementation of information security- the need of a better firewall. Also, information on login credentials for the D&L bank which can be found in the Documents folder, is given.

Documents:

There are four new documents in the Documents folder.

The first document titled ‘Digital Artists Organizational Chart’ contains a chart with the hierarchy of the members in the organization.

The second document titled ‘Risk Matrix (from Jama)’ contains a table showing a draft of the various risks and their impact.

The third document titled ‘Budget and Advertising Campaign Poll’ contains two polls, one for identifying the best allocation strategy and the other to identify the best campaign approach. There are three options in each of the question. Only when, both the options are chosen, the submit button appears. When the learner clicks on the submit button it goes back to the documents folder.

The fourth document titled ‘Confidential Login Information (from Jama) contains the login ID: and password for the user.

There is a print button and close button when the document is open, in all the documents.

Instant Message:

Shelby invites the team members to the meeting as most of them are not in agreement with options in the poll.

Web Meeting:

The web meeting window shows the video of Shelby, participating in the meeting to the left of the screen. The names of the members present in the meeting is listed below the video.

The main screen shows the result of the poll for the questions. The team discuss based on the results, to come to a conclusion. A celebrity testimonial is chosen for the marketing campaign.

2 months later:

The following words appear on screen ‘2 Months Later’ in big block letters.

Interaction 2

Email:

There are four new mails.

The first mail is from Shelby, with the subject ‘Congratulations!’ he congratulates the team on the high-demand of the new game Ancient ages and how the IT has handled the traffic wonderfully. He commends Dale’s efforts in the marketing campaign. He further congratulates the learner on being promoted as the CIO. He also brings into notice Jama’s concerns on Information privacy which will be investigated in a few months’ time.

The second mail is from the D&L bank with the subject ‘Your D&L Bank Account’. The mail is to confirm the identity of the user and remove their account limitation. It contains a link that reads ‘Click Here’, when clicked on goes to the login page of D&L Bank. There are two text boxes: one for the login and the other for the password.

The learner has to go back to the documents folder, to get the login credentials that Jama had sent earlier. When the login credentials are typed in, the submit button appears. On clicking the submit button, the message ‘Thank you for confirming your login information. We appreciate your business.’ appears at the bottom of the screen. The learner closes the screen by clicking on the close button at the top right corner of the screen which goes back to the mail.

The third mail is from Stella with the subject ‘Message from Customer’. It contains a mail from Devon Turnbull, governor’s son that has a snippet of what was posted on Gamer’s blog about him. Mr. Devon sounds enraged by how his information is leaked on the internet. He questions the ethics of the company. He also mentions that he’ll be contacting his attorneys.

The fourth mail is a reply from Shelby to Stella’s mail questioning, how the security breach happened.

Voicemail:

There is one new voice message from Lonnie demanding the learner to come to the meeting, because of the serious mail from Stella.

Instant message:

Shelby questions the learner and Lonnie asking what’s happening. Lonnie responds saying, someone has broken into the system to steal the information of about a million of the customers. He also mentions that the details will be put up in the documents folder. The team discuss further, to discover that the details of the customers haven’t been encrypted. Stella volunteers to layout the issues in the Docs folder. Shelby suggests everyone to review the issues and then meet.

Documents:

There are two new documents added to the documents folder.

One titled ‘Summary of the attack (from the learner and Lonnie), contains the details of the security attack and the effort in finding the offender. As of now, the person with the twitter handle ’DragonFly’ is presumed to be the main suspect.

The other document titled ‘To Crisis Management Team: Break-In Issues (from Stella)’ contains ten statements with ‘Agree’ and ‘Disagree’ option to each of the statement. The learner has to choose either if he/she agrees or disagrees to the given ten statements. Once the options for all the ten statements are chosen, a ‘Submit’ button appears. Clicking on it takes the learner back to the documents folder.

There is a print button and close button when the document is open, in both documents.

Interaction 3:

Instant Message:

Once the poll in the documents folder is completed, Shelby invites everyone for a web meeting through Instant message.

Web Meeting:

The results of the poll is displayed in the middle of the screen. While the video of Shelby speaking appears on the left and the names of the members participating in the web meeting is listed below.

During the meeting, going-forward the action that has to be taken, and its consequences is discussed.

Shelby decides to come clean with the customers and the board members, by revealing what has happened to their personal information, although Dale and Vontae think otherwise. Shelby decides to take the games down until the encryption project is completed. They also decide to have a press release on what has happened to inform the public. Thus, the meeting comes to an end.

1 months later:

The following words appear on screen ‘1 Month Later’ in big block letters.

Interaction 4:

The following tools are displayed on a laptop screen: E-mail, Voicemail, Documents, Web Meeting, and Video Phone.

The E-mail icon is highlighted indicating, there are new mails.

There are two new mails. One from Shelby with the subject ‘Good News’ and the other from Stella-her reply to Shelby’s mail.

In Shelby’s mail, he breaks the news about the person who’s behind the security breach. Turns out that Dale is the one who broke in and downloaded the records. He is also the one who made the post on the Governor’s son on the Gamer’s blog. Currently he’s been put on administrative leave, until the whole situation is sorted out and Vontae has taken over as the Acting VP.

The mail from Shelby has more good news. She informs the team that since the games were back up with better security within a week, not many customers have been lost. The strategy to take full responsibility of the situation and make amends to the players has earned a lot of praise. The customers are pouring in, this in turn has increased the revenue.

When clicked on the close button the learner is taken to the Home Screen.

End of simulation exercise

Needs help with similar assignment?

We are available 24x7 to deliver the best services and assignment ready within 3-4 hours? Order a custom-written, plagiarism-free paper

Get Answer Over WhatsApp Order Paper Now