Basing on thePharmaCoPublished Case by Michael Parent, Greg Murray, Sundeep Sandhu from the Ivey Business School and Harvard Business Publishing Education. Answer the following:

Question 1:

A brief summary of the case, detailing the team's assessment of the current situation, and definition of problems, issues, and opportunities.

Question 2:

Any analysis, conclusions, and recommendations for action. This section defends your definition of the problem and sets up the case for your answers to questions and/or recommended solutions by drawing references from the case facts and data

Question 3:

i) What questions do you have for management regarding the Cyber Brief Report (see below Exhibit)?

PharmaCo: Q2 Cyber Brief 1 of 2 1. External Cyber Incidents 1. According to industry reports there has been a 50% increase in reported phishing campaigns aimed at Pharmaceutical companies. There have been 9 such campaigns reported in the last quarter. 2. Internal Cyber Incidents 1. There were 25 phishing campaigns aimed at members of the Executive Team, with no business impact. 2. There were 9 phishing campaigns aimed at IP assets, with no business impact.. 3. Narrative Industry phishing metrics have increased by 50% & internal phishing campaigns by 300%. Cyber teams are puzzled - and are investigating what is the potential root cause and why internal numbers are higher. Currently no business impact. We plan to monitor more closely and adjust Operations as necessary, reporting back as needed. Upcoming cyber exercises in Q3 and Q4: . Red /Blue Team exercise 3-party Penetration testing . Enterprise Phishing training campaign and test. PharmaCo: Q2 Cyber Security Maturity Scorecard 2 of 2 Maturity Scale Non-Existent Initial Repeatable Defined Managed Optimized Policies defined, awareness has improved. Identify Policies & procedures defined & implemented. Protect Detect Activities remain ad hoc, IT-centric approach. Respond Plans have not been updated or practiced. Tests are scheduled for Q3. Recover Activities remain ad hoc, IT-centric approach. "Note: The