The Badge Archive

Fulfills Step 4 of GSUSA Senior Cybersecurity Investigator badge requirements.

Items Needed

• VTK Crisis Communication Plan by GSUSA for each group of 3–4 scouts
• Pen or pencil for each group

Instructions

1. Introduce the Scenario: Scouts will respond to a security breach affecting JGL Closet and learn how to communicate with stakeholders. Share these key points:
   • When an organization experiences a security breach, it must identify what happened, set up measures to prevent future issues, and communicate with stakeholders.
   • Stakeholders are people who have an interest in the organization and may be affected by the breach, such as customers, employees, vendors, or shareholders.
2. Start by discussing the hacking incident at JGL Closet:
   • What kind of information might the hacker have accessed through the website?
   • Who are the stakeholders of JGL Closet (e.g., customers, employees, vendors, shareholders)?
   • What might worry these groups about the security breach? For example:
     • Customers might worry about stolen credit card information or whether it’s safe to shop again.
     • Employees might be concerned about payroll data, job security, or overall information safety.
     • Shareholders might fear stock price declines or reputation damage.
     • Vendors might worry about the security of shared information, like invoices or payments.
3. Divide scouts into small groups of 3–4. Give each group a Crisis Communication Plan handout. Groups spend 5–10 minutes crafting their plan, outlining how JGL Closet will respond to the breach and address stakeholder concerns.
4. Bring groups back together to present their plans and talking points. Encourage scouts to think about tone, clarity, and how to address specific concerns for different stakeholders.
5. Facilitate a final group discussion:
   • Has anyone experienced or heard of a company being hacked? How did the company communicate with its stakeholders?
   • What challenges did scouts face while creating their plans (e.g., deciding how to communicate, thinking from the stakeholder’s perspective)?
   • What good ideas did they hear from other groups?
   • How might clear and thoughtful communication help rebuild trust after a breach?