Login Signup
Verified Document

TechFite Case Study Technology Case Study

Related Topics:
Unethical Behavior Training Program Data Security Information Security
Open Document Cite Document

TechFite Case Study

Section A: Ethical Issues for Cybersecurity

The field of cybersecurity faces some fundamental ethical issues that require the attention of policymakers. A primary cybersecurity ethical issue that emerges from the case is privacy violation (Solove & Schwartz, 2023). Cyber breaches pose a serious threat to data privacy, particularly with the huge quantities of personal data that organizations store electronically. Breaches into personal data by unauthorized users not only compromises confidentiality, but also exposes the affected clients to identity theft and fraud when cybercriminals use their personal data to commit fraudulent activities (Solove & Schwartz, 2023). In the case of companies, access to proprietary data by unauthorized users has the potential to cause serious financial harm, such as when such information leaks into the hands of competitors. Therefore, companies have a responsibility to undertake measures to safeguard personal client information through security audits, access controls, and encryptions, among other strategies (Solove & Schwartz, 2023). Privacy violation is relevant to the case study as there is evidence of employees gaining unauthorized access into clients IP addresses, thus obtaining proprietary business information that leaked to competitors. This points to fundamental weaknesses in the systems required to safeguard personal client data.

A second ethical issue is surveillance and monitoring. Cybersecurity professionals face a growing challenge with the emergence of surveillance technologies, including internet monitoring tools, facial recognition, and CCTV cameras, among other technologies (Solove & Schwartz, 2023). Such technologies allow users to gather huge quantities of personal data, raising ethical concerns about whether use of such surveillance technologies is ethically justified, whether client consent is needed, and the potential of abuse and misuse of clients personal data (Kritikos, 2023). Based on this, cybersecurity professionals have an ethical duty to establish systems of proper oversight around data sharing and retention to minimize the risk of misuse and unauthorized access (Kritikos, 2023). This ethical issue is relevant to the case study since the company has a release policy permitting surveillance of all electronic communication made using the companys equipment. It would be prudent to assess the oversight mechanisms that are in place to ensure that users do not exceed the extent of their authorized access through such surveillance.

The third ethical concern relevant to the case study is transparency and disclosure. Cybersecurity professionals have a responsibility to maintain transparency and accurately disclose security vulnerabilities as a means to help decision-makers take corrective...

Failure to disclose vulnerabilities or delayed disclosures exposes organizations to increased risk and derails potential efforts of addressing the same (Solove & Schwartz, 2023). This concern is relevant to the case study as available evidence shows that reports presented to management did not fully disclose the gaps in internal processes.

At this point, it would be prudent to identify the specific unethical behaviors perpetrated by the companys employees. The divisions head, Carl Jaspers acted unethically by operating ex-employees user accounts and using the accounts for intelligence-gathering against other companies. This way, Mr. Jaspers was able to access proprietary business information about certain companies via email. Mr. Jaspers further acted unethically by using his position in the division, and his capacity to dictate account privileges, to escalate privileges on these dummy accounts. In so doing, he was able to gain illegal access into other divisions, including finance, human resources, and the legal division.

The senior analyst, Sarah Miller, and junior analysts Jack Hudson and Megan Rogers, acted unethically by using the metasploit tool to scan into and illegally penetrate the IP addresses of multiple companies. Through third parties, Hudson used surveillance tools to illegally mine other companies trash with an aim to gather...

…monitoring, and issues of transparency and disclosure. Privacy violation occurs when individuals gain unauthorized access into personal data, causing losses. Companies have a responsibility to establish measures for safeguarding personal client information in their care. Cybersecurity professionals have an ethical duty to maintain oversight over the type of data collected, how it is stored, and how it is safeguarded from the risk of misuse. On transparency and disclosure, failure to disclose vulnerabilities or delayed disclosures exposes organizations to increased risk and derails potential efforts of addressing the same.

The just-concluded investigation reveals several instances of unethical behavior perpetrated by employees. These include employees operating ex-employees user accounts and using the same for intelligence-gathering against other companies, escalation of account privileges to gain access into the databases of other divisions within the company, use of surveillance tools to illegally mine other companies trash with an aim to gather business intelligence, and failure to disclose irregularities in internal operations, thus aiding illegal activities.

In this regard, it is prudent that the companys senior management takes steps to mitigate such behaviorin future. This report recommends adopting strong user access controls and a data classification system that would allow segregation of data by client and confidentiality level. At the same time, the company could invest in a Security Awareness Training and Education (SATE) program as a means to increase employees skill and knowledge on information security. The training program should cover the legal regulations/standards/laws that govern data security and legal ramifications of non-compliance, employees role in data security, types of cyber threats, and vulnerability testing procedures, among other areas. The program could be communicated through a combination of techniques, including interactive workshops, simulation exercises, online modules, and gaming techniques such as use of leaderboards. By sensitizing employees on the laws and regulations governing data security, the…

Continue Reading...
Sources used in this document:

References

Abrahams, T. O., Farayola, O., Kaggwa, S., & Uwaoma, P. (2024). Cybersecurity awareness and education programs: A review of employee engagement and accountability. Computer Science & IT Research Journal, 5(1), 100-119. DOI:10.51594/csitrj.v5i1.708Cybellium Ltd. (2023). Mastering data security and governance. Cybellium Ltd.

Kritikos, M. (2023). Ethical AI surveillance in the workplace. Emerald Group Publishing.

Solove, D. J., & Schwartz, P. M. (2023). Consumer privacy and data collection. Aspen Publishing.

Cite this Document:
Copy Bibliography Citation

Related Documents

Essay
Case Study 8-Year-Old With Dyslexia
Words: 3291 Length: 7 Document Type: Case Study

For this reason, it is critical to ascertain the causes of word reading difficulties in order to identify these problems and provide appropriate instruction as early as possible. (Allor, 2002, p. 47) Spear-Swerling & Sternberg note that the fundamental reason that children need to be screened for difficulties in pre-reading skills is that once the child is supposed to, by grade level be able to perform certain tasks it may

Read More
Essay
Case Study From Harvard Business
Words: 902 Length: 3 Document Type: Case Study

Opportunities . Indian elevator market growth is very promising in the 1995 timeframe, which is when this case study takes place. The low-end of the Indian elevator market is experiencing 27% increases in unit shipments, and 17% unit increases overall. . The market itself is highly fragmented for elevators in India. 70% of the demand for elevators is at the low-end of the market; 20% at the middle-end, and 10% at the top-end. . High levels of recurring

Read More
Essay
Case Study: Risk Assessment for
Words: 1660 Length: 5 Document Type: Research Proposal

Treatment Plan: The treatment plan should include medication for high blood pressure and diabetes. Indeed, according to some evidence, the long term usage of diuretic antihypertensives to reduce the presence of excess salts in the body can help to lower blood pressure. (Klatt, 1) Given that the subject of this discussion also suffers from an elevated risk of myocardial infarction, the danger of cardiac arrest or general heart failure is of greater concern than the presence of

Read More
Essay
Case Study Josie
Words: 1207 Length: 3 Document Type: Case Study

Josie Case Study The author of this report is asked to look at a case study relating to a young girl named Josie. The author is asked to answer to four particular high level questions and provide clear and concrete advice and solution to each of the four. Those four questions, in order, asked for risk factors, what should be done, what roadblocks will occur and the key legal/ethical considerations that

Read More
Essay
Case Study: Philmore College
Words: 1342 Length: 5 Document Type: Case Study

curriculum committee proceed with the work yet to be done? The curriculum committee should solicit information from all stakeholders, including part-time faculty, current students, and also the five acute care hospitals which are a part of the university network. It should create a map for future curriculum development, complete with specific deadlines for a timeline of activities. Unless goals are specifically set with a deadline-driven focus, it is far too

Read More
Essay
Case Study of Facebook
Words: 1672 Length: 6 Document Type: Case Study

Innovation and Creativity: Case Study of Facebook "FACEMASH TO FACEBOOK: AN INNOVATIVE JOURNEY FROM UNIVERSITY SOCIAL NETWORKING WEBSITE TO BILLION DOLLAR Business" On 28th October, 2003, Mark Zukerberg wrote Facemash in order to create a social networking website for the students of Harvard. At that time he was not aware that he was starting a whole new era of social networking innovation and creativity. What was started as a tool of social

Read More

Sign Up for Unlimited Study Help

Our semester plans gives you unlimited, unrestricted access to our entire library of resources —writing tools, guides, example essays, tutorials, class notes, and more.

Get Started Now