Find and fix security vulnerabilities

Reference no: EM131462647

I have to reply to this article.

Nowadays almost all corporate assets are maintained on an electronic platform, which makes them open and vulnerable to cyber-attacks. If an attack succeeds and sensitive information is exposed, the customer / the victim will seek someone to blame. "While it is not easy to prove breach of the legal duties to protect electronically stored information, some claims are starting to succeed. And aside from any litigation topics, even a court victory will not remedy reputation, operational or enterprise damage" (Buckley, 2014). "In the aftermath of the financial collapse of Lehman Brothers in 2008 it is no longer acceptable for senior management to deny knowledge or responsibility for corporate governance and that includes responsibility for the safety of data" (Goucher, 2016).

The International Organization for Standardization (ISO), in the ISO 27001:2013 standards regarding Audit and Risk, pushes for engagement from not only IT and HR but also the middle level of management that is not much involved in security issues.

That implies that those who worked on this standard were looking to use it as a tool for promoting a culture of security throughout organizations. Harkins (2016) stated that information security and privacy are issues of corporate social responsibility (CSR). Corporate social responsibility means that companies look beyond their profits and legal obligations to their broader role in society.

Although not many companies consider security and privacy risks to be CSR issues, the tendency may change over time, as public and corporate awareness of the risks continues to expand. For example, consumer data protection is one area of information risk that is already widely treated as a CSR issue; it is even included in the International Standards Organization corporate social responsibility standard (ISO 26000).

It seems to be a mutual understanding that a company should be responsible for data protection and take all necessary measures to find and fix security vulnerabilities. However, security and protection of any organization are most effective when they include all aspects of a company's operation, i.e. not only technical controls but also the way staff do their work.

A company must implement security practices that need to be user-friendly enough that users see the point of making the effort to use them.

References

Goucher, W. (2016). Information Security Auditor - Careers in information security. BCS Learning & Development Limited. Print ISBN-13: 978-1-78017-216-3. Web ISBN-13:

Harkins, W. M. (2016). Managing Risk and Information Security: Protect to Enable, Second Edition. Apress. Print ISBN-13: 978-1-4842-1456-5

Buckley, M. B. (2014). Corporate Responsibility of Data Privacy, Protection. Properties Magazine. Retrieved from https://www.buckleyking.com/news-details/2014-11-corporate-responsibility-data-privacy-and-protections

Verified Expert

These days cyber-attacks are common in every business irrespective of size. Companies need to increase the consciousness among the employees. Increasing awareness among the staff would prove to be the most cost-effective method of stopping a cyber-attack.


All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd