Question Description

Corporate Risk Profile Part 1: Buyer Profile

For this paper, you will research and construct a corporate risk profile for a publicly-traded company which operates in cyberspace and therefore has a need for cybersecurity products and services. A list of approved companies appears at the end of this file (see Table 1). If you wish to use a company not on the approved list you must first obtain the approval of your instructor.

Research Your Chosen Company

• Review the company’s website to learn about the products and services which it sells.
• Retrieve and review the Hoovers profile for the company. These profiles are written by professional analysts; pay close attention to the types of questions the analysts ask and answer in the company profile. Use this URL to access the database http://ezproxy.umuc.edu/login?url=http://www.mergentonline.com/Hoovers
• The company profile web pages in the Hoovers database are interactive and have expanding menus / options (see figure below). You may find it helpful to use the “Print Quick Report” menu item under My Tools (in the Hoovers report pages).
• Identify 3 or more additional sources of information about the company and how it operates in cyberspace. These can be news articles, data breach reports, etc.
• Using the information obtained from your sources, identify the types of information and business operations which drive this company’s need for cybersecurity products and services. (What needs to be protected?)
• Using the course readings and other materials, develop a “Buying Forecast” for likely purchases by this company for cybersecurity related products and services.

Analyze the Company’s Risk Statements

• Using the links from Table 1 (at the end of this file), download a copy of your selected company’s most recent Annual Report to Investors from its Form 10-K filing with the United States Securities and Exchange Commission. (Note: the company is the author of its Form 10-K. Do not list the SEC as the author.)
• Read and analyze the Risk Factors section in the company’s report to investors (Item 1.A). This section is a professionally written risk analysis that has been written for a specific audience. Pay close attention to what the company includes as risk factors and how the writers chose to present this information.
• Next, using what you learned in CSIA 310 and other courses, identify cybersecurity related products and services which the company could use or deploy as countermeasures or safeguards to protect its information, information systems, and information infrastructures. Make sure that you address each item listed in your analysis for item #2. This information will become part of your “Buying Forecast” (see the “Write” section below).

• Analyze the risk factors to determine which ones are related to Internet operations or are otherwise affected by the use of information in digital form and Information Technology systems and infrastructures. Make a list for yourself that shows what information and/or business operations need to be protected from cyberattacks and/or cybercrime (including insiders and external threats).

Write

• An introduction section which identifies the company being discussed and provides a brief introduction to the company including when it was founded and significant events in its history.
• An overview of the company’s operations which summarizes information obtained from its annual report, the Hoovers profile for the company, and other sources which you found in your research. This information should include: headquarters location, key personnel, primary types of business activities and locations, major products or services sold by the company, major competitors, stock information (including ticker symbol or NASDAQ code), recent financial performance, and additional relevant information from the business profiles.
• A separate section in which you describe this company’s needs or requirements for cybersecurity. What information and/or business operations need to be protected? What are the likely sources of threats or attacks for each type of information or business operation? (e.g. Protect customer information from disclosure or theft during online purchase transactions.)
• A separate “Buying Forecast” section in which you discuss the company’s likely future purchases for cybersecurity products and services. In this section, you should identify and discuss three or more categories of cybersecurity products or services which this company is likely to purchase.
• Your paper should use standard terms and definitions for cybersecurity. See Course Content > Cybersecurity Concepts for recommended resources.
• You must include a cover page with the assignment title, your name, and the due date. Your reference list must be on a separate page at the end of your file. These pages do not count towards the assignment’s minimum page count. (An example and template file are available in the LEO classroom. See CSIA_Basic_Paper_Template(APA_6ed,Nov2014).docx file under Content > Course Resources.)
• You are expected to write grammatically correct English in every assignment that you submit for grading. Do not turn in any work without (a) using spell check, (b) using grammar check, (c) verifying that your punctuation is correct and (d) reviewing your work for correct word usage and correctly structured sentences and paragraphs.
• You are expected to credit your sources using in-text citations and reference list entries. Both your citations and your reference list entries must follow a consistent citation style (APA, MLA, etc.).
• Consult the grading rubric for specific content and formatting requirements for this assignment.

Additional Information

• Your three to five page Corporate Risk Profile Part 1: Buyer Profile should be professional in appearance with consistent use of fonts, font sizes, margins, etc. You should use headings to organize your paper. The CSIA program recommends that you follow standard APA formatting since this will give you a document that meets the “professional appearance” requirements. APA formatting guidelines and examples are found under Course Resources > APA Resources. An APA template file (MS Word format) has also been provided for your use CSIA_Basic_Paper_Template(APA_6ed,Nov2014).docx. 3.

See Table 1 on the next page for the list of companies.

Table 1. List of Approved Companies for Corporate Profile Project