Cybersecurity: Unauthorized Access Or Changes To A Business

789 Words4 Pages

Introduction Cybersecurity is the process of preventing unauthorized access or changes to a company’s network, to include all hardware, software, and data on that network. There are many reasons why a business needs to invest in cybersecurity, however the main reason for this company to invest is to prevent sensitive information from being released to unauthorized parties, this unauthorized access is defined as a data breach. Additionally, not investing in cybersecurity can lead to massive data breaches such as the one that the Office of Personal Management (OPM) just experienced.
Ethical considerations
When discussing the need to invest in cybersecurity, ethics must be part of the decision making process. The most common ethical considerations …show more content…

When considering investing in cybersecurity, companies have a duty to ensure they have reasonable safeguards are in place to protect the information their systems house. If this company does not protect its information and its infrastructure from cyberattacks, it is likely that the company will experience a data breach.
Social contract. A social contract, as it applies to this business, is an agreement between the company and its customers. In this agreement the company agrees to prevent, to the best of their ability, customer’s information from being misused or released. If customers cannot trust that their information is being protected, then they will avoid using the company’s services.
Utilitarianism. This belief states that decisions made by a person/company are only ethical when they benefit the majority of people affected. While this belief may not apply to all decisions a business makes, it does apply to some areas. Customer service is one example of an area that this applies. While quality customer service is costly for the business, it is beneficial for all their customers. This methodology translates into higher customer happiness and free advertising, thus increasing the size of the customer base.
Review of best …show more content…

This investment category is critical to having a having a well-rounded cybersecurity team. There is a strong business need to have employees that are not only experienced, but also have the required training on the systems/tools used by the company. For example, this company currently uses a program called Acunetix to scan for web vulnerabilities. If the company does not invest in people by sending them to the training courses, they may not be able to take full advantage of the software. This could lead to many wasted man-hours trying to figure out the program on their own or missing vulnerabilities due to not having in depth knowledge of the system. Just as employees need training on specific programs it is recommended that IT staff obtain and maintain certifications in their respective areas, such as the Certified Information Systems Security Professional (CISSP) certification for security personal (ISC,