There are four essay questions based on the following hypothetical. Each response is worth 25 points.
You are the CISO at SodaCo, an American multinational food and beverage company headquartered in Maryland.
SodaCo’s most famous product is BrewDew®, the seventh largest carbonated beverage in North America with revenues of over $200,000,000 per year. BrewDew was originally created and developed by Tom Dew in 1899 and called “Tom’s Dew.” In 1930, “Tom’s Dew” was purchased by SodaCo and rebranded “BrewDew,” and has been known as BrewDew ever since. BrewDew® is a registered trademark belonging to SodaCo, and Forbes recently named BrewDew the third most recognizable trademark in North America. BrewDew also includes a symbol on all of its products, which is a picture of mountains with the slogan “Take the Dew!” Both the symbol and slogan are also registered trademarks of SodaCo.
Take the Dew!
SodaCo has used this symbol and slogan since 1990 and has been criticized by foodies as a “boring” company.
While BrewDew® has been the flagship product for SodaCo for almost 90 years, the beverage industry is cutthroat and SodaCo is constantly looking for the next big thing. SodaCo has been secretly working on two projects that it believes is key to long-term growth—the development of a new, cutting edge slogan and a new carbonated beverage. Recently, a well-known food blogger posted that a hacking group known as FoodForLife had hacked into SodaCo’s computer systems. FoodForLife revealed that SodaCo is going to launch a new slogan “Just Do it to Dew it!” in June 2017, and a new beverage “Mountain High” in 2018. SodaCo has been using personal information from customers as part of its development of both the new slogan and new beverage. For example, through online surveys of customers with online accounts at SodaCo.com, SodaCo has found that 78 percent of BrewDew drinkers love motivational slogans, which was the impetus for “Just Do it or Dew it!”
FoodForLife also ridiculed SodaCo’s security, stating that it was easy to find out this information because updates about both projects were available to every employee in the organization.
- The CEO is very concerned about privacy and cybersecurity at SodaCo. SodaCo has an extensive cybersecurity team, but does not have a written information security policy. The CEO has sent you an e-mail asking for you to explain (i) the role of the CISO within the company; and (ii) your recommendations regarding adopting or using a cybersecurity framework to better align and coordinate SodaCo’s security functions. The CEO is also very busy and you know that she doesn’t like e-mails longer than 300 words, so keep your response 300 words or less.
- After reading “IP law for dummies,” the CEO has sent you a separate e-mail asking whether the new slogan and new beverage could be protected as trade secrets. Advise the CEO of your thoughts including any steps that could be taken to strength the argument that the information is kept secret. As above, the CEO is also very busy and you know that she doesn’t like e-mails longer than 300 words, so keep your response 300 words or less.
- Assume that my question is taken directly from a recent novel by a well-known author and is thus copyrighted. Please analyze whether my use would qualify as “fair use” of copyrighted material. Limit your response to 300 words.
Your responses will be evaluated using the following grading rubri