NEED A PERFECT PAPER? PLACE YOUR FIRST ORDER AND SAVE 15% USING COUPON:

4.8/5

TechFite Case Study C841 Cybersecurity

TechFite Case Study C841 Shawn’s Answer

TechFite Case Study C841: Review on Evidence

TechFite is a tech consultancy company whose client’s product information ended up in the hands of the company’s competitor. An investigation was launched to find out how this took place. It is suspected that TechFite facilitated the data breach. It was found that there were no specific details on the auditing of the user accounts. This is one of the vulnerabilities that would have facilitated the leaking of privileged information. This is evidence of the violation of the non-disclosure agreements (NDAs). Although the company employees may not have actively leaked the information, their negligence facilitated the loss.


Additionally, it was found that TechFite was receiving money by using off-the-books payment methods. It is also evident that two email accounts created with the request of Carl Jasper were used for intelligence gathering activities. This could be how the products’ information leaked to the competitors (Cristea, 2020).

It was also found that the TechFite computers were used to penetrate the computer systems of other internet companies. This may indicate the deliberate attempt to gather privileged information on the technology developed by various companies. Additionally, they engaged in intelligence gathering activities such as mining the digital trash from other companies in the pursuit of intelligence. This may indicate that Carl Jasper may not be acting alone.

Strategic and Competitive Intelligence Professionals (SCIP)

This may also violate the Strategic and Competitive Intelligence Professionals (SCIP) ethics that prohibit the use of illegal and covert business intelligence activities. It is also evident that the business intelligence unit may have created dummy accounts without proper authorization. This account has access to critical information such as legal, finance, and human resource. This is a possible vulnerability used in the leaking of the data. However, it is not evidence of the exact means used to extract privileged information (Connor & Doan, 2021).

Read Also: Topshop Marketing Strategic Planning Essay

TechFite Ethics and Cybersecurity Powerpoint

Techfite Ethics and Cybersecurity Case Study

The first selected organisation is Women in cybersecurity, a non-profit organisation dedicated to recruiting, retaining, and advancing women working in the Cybersecurity field. This has been attained through the creation of a robust cybersecurity workforce. According to the organisation’s privacy policy, they use only four aspects of personal information, namely email address, telephone number, mailing address, and name.

It is noted that the organisation does not collect any other detail about the clients and visitors to their website. In addition to this, personal information is not disclosed to the third party, the sponsors. The client’s personal information can be shared with the vendors in cases where the product or service is concerned (Gregory, 2007). They may also leverage personal information while responding to the client’s inquiries.

Women in Cybersecurity

However, it is noted that Women in cybersecurity do not take responsibility for third-party organisations’ practices, information, and privacy. This is with the realisation that third parties would utilise cookies to leverage the customer’s personal information for advertisement purposes. Therefore, the organisation urges the visitors not to send sensitive information such as credit card numbers, driver’s licenses, and social security numbers.

TechFite ought to adopt such measures to facilitate the enhancement of privacy (Gregory, 2007). However, because the company deals with sensitive information in its core business, it ought to have better data security methods. Such methods include the escalation of privilege among the workers according to the security required in providing services.

SVCSI – Silicon Valley Cybersecurity Institute

The second company is SVCSI – Silicon Valley Cybersecurity Institute, a not-for-profit organisation that seeks to promote, investigate, and develop the best practices. The company’s cybersecurity section defines terms that include account, business, company, consumer, cookies, country, data controller, and personal data, do not track, usage data, and website. The personal information details include usage data, address, phone number, name, and email address.

The organisation informs the clients of the instances that would lead to the disclosure of personal data to third parties; they include business transactions such as a merger, law enforcement, and other legal requirements such as the lack of compliance to legal obligations (Gregory, 2007). TechFite failed to disclose the guidelines on dealing with the client’s data. There ought to have been a protocol for the management of data for the benefit of the clients.

Non-Disclosure Agreements

In general, there was bleach in the company’s non-disclosure agreements after their product found its way to the competitors. TechFite had guaranteed they would not breach confidentiality, but their infrastructure does not allow them to commit. This happened to two of the company’s clients, with TechFite being the common denominator. The actor, in this case, is the company’s management in ensuring the protection of clients.

TechFite Ethics and Cybersecurity Case Study

The clients also ought to have clarified whether the infrastructure in TechFite would facilitate the It was found that there was a lack of escalation on privilege, surveilling internal network activity and traffic, and enforcing data loss prevention (Gregory, 2007). Therefore the protocol in TechFite does not allow data protection. Even though there were overt acts of bleaching the non-disclosure agreements, there was negligence, thus leading to illegality due to omission.

The fact that the infrastructure in TechFite did not facilitate the protection of customers’ information from third parties. The fact that there were non-disclosure agreements means that TechFite should ensure that they adhere to the non-disclosure agreements. Therefore the negligence in the company leads to the leaking of information on the client’s product getting to the hands of the competitors. This affected the future profitability of the client’s research process (Gregory, 2007). Therefore, TechFite was in direct contradiction with its responsibility as a consultant with sensitive information belonging to the clients.

Business Intelligence Unit

The Business Intelligence unit proved that there was negligence on the side of TechFite. The protocol used to ensure cybersecurity in TechFite contains a basic procedure that does not match the sensitivity of the client’s information (Gregory, 2007). This indicates gross negligence for a tech consultancy company. Additionally, a piece of misleading information on the company’s website indicated that they could provide information protection according to the non-disclosure agreements.

To prevent such a breach of privilege, but ended up auditing the company employees’ user accounts to ensure that there is cybersecurity for the client’s privilege. There also ought to be data loss prevention for sensitive documents. Additionally, there is a need to escalate privilege for the client’s sensitive documents (Caspian IT Group Code of Ethics., n.d.). There is also a need to prevent surveillance in the company’s network. The negligence would be ensured to ensure success with the project. Therefore the client’s intellectual property rights would be protected from competitors.

One of the deliberate measures that would be implemented in this pursuit includes incorporating security awareness training and education program. The TechFite worker ought to understand fraud prevention, whaling, phishing, malware, and spam (Caspian IT Group Code of Ethics., n.d.). Additionally, the tech support team should audit all the worker’s user accounts to prevent privileged information from finding its way to the client’s competitors.

Conclusion

In conclusion, there is negligence in TechFite while dealing with the client’s privileged information. It would be ethical for the company’s management to ensure that they must fulfil their promise to clients when they sign non-disclosure agreements. Therefore the infrastructure ought to work in the best interest of the client’s. Security awareness is very critical for the client, management workers at TechFite. They ought to have a department specialising in cybersecurity.

Case Study Decomposition Help TechFite

Citation and Reference Example 1-No Specific Writing style

 Citation and Reference Example 1-No Specific Writing style
In-textAn ethical guideline used by the Information Systems Security Association (ISSA) states that members will “Perform all professional activities and duties in accordance with all applicable laws and the highest ethical principles” (ISSA Code of Ethics, n.d.).
Reference Page entryInformation Systems Security Association (ISSA) Code of Ethics. n.d. Retrieved from
https://www.issa.org/issa-code-of-ethics/

Citation and Reference Example 2-No Specific Writing style

 Citation and Reference Example 2
No Specific Writing style
In-textAccording to Grama (2015), “the Internet is a protected computer because the Internet facilitates commerce between different states”.
Reference Page EntryGrama, J. L. (2015) Legal Issues in Information Security

References

Calculate Price


Price (USD)
$

Calculate Price


Price (USD)
$