close
This essay has been submitted by a student. This is not an example of the work written by professional essay writers.

Cyber Security Responsibility of an Organisation

downloadDownload printPrint

Remember! This is just a sample.

You can get your custom paper by one of our expert writers.

Get custom essay

121 writers online

blank-ico
Download PDF

Australia’s Cyber security strategy sets out the Australian Government’s philosophy for advancing and protecting the interests of Australian individuals, businesses, and government in an online environment. Broadly speaking, the cyber security responsibility of an organization is to assure confidentiality, integrity, and availability of digital information within the organization. Australia’s Cyber Security Strategy encourages businesses to better ‘educate and empower employees to use sound practices online.’ This is one of the key cyber-security responsibilities of an organization, which includes promoting institutional cyberculture and raising awareness of the cyber practice. Businesses also need to ensure their cyber security practices are at the very least ‘robust and up to date,’ because as people and systems become increasingly interconnected, the amount of valuable information stored online has increased. This corresponds to the increase in efforts to steal and exploit that information, which threatens the economy, individual and organizational privacy, and safety.

The lack of a global authority which has established and will oversee a set of ethical standards means that organizations have an individual responsibility to either hold their organizational members to account to a specified code of ethics or adopt an existing set of guidelines from another organization, such as the Information Systems Security Association (ISSA). This is partly due to the ‘slippery slope’ concept. This concept is important to address, particularly in the IT security department of an organization as they typically have the most jurisdiction and involvement with cyber security decisions of any non-executive employee in an organization. because although there are a lot of questions around what an appropriate ethical response should be, this is a question that each IT security professional employee must answer themselves, in the situational context. This is because most ethical issues that these professionals will confront have not yet been codified into law, and there is no existing body which has established and will oversee a detailed code of ethics. Digital technologies have enormous amounts of potential, however, their potential depends on the extent of trust an organization can have in the internet and cyberspace. Without an appropriate strategy, the organization is open to ethical and financial compromise.

The primary ethical issues within cybersecurity which organizations face and need to address include; Incident response, encryption issues, roles and responsibilities of individual employees and departments, threats to privacy and property, cyberspace resource allocation, and transparency and disclosure. In terms of incident response, organizations need to have a process which managers are required to follow as to how, when, and where they need to have conversations with employees to inform them of breaches in cyber security. They also need to address to what extent should incident investigations be carried out to, and what level of importance is placed on the employee’s privacy in comparison to the organization’s responsibility to identify and address the nature of the breach. Within the corporate sphere, many of the methods implemented will provoke ethical questions – largely again this is because of the lack of universal, mandatory governing bodies. Cyber security professionals, in whatever capacity they are employed, need to consider ethics when utilizing or implementing any security solution involving administrative access to other employees’ personal information. As addressed in Australia’s Cyber Security Strategy’s encouragement for education and empowerment of employees, this reinforces how important it is for people employed in this profession to have a comprehensive understanding of all cyber-related ethics issues. For organizations, in particular, healthcare organizations due to the sensitive health information involved, it is important to monitor that their cybersecurity professionals are consistently employing these practices as a part of their working behavior. IT cyber security professionals could also play a role in helping organizations to be ethical from the ground up, by being involved in the vetting of potential employees. This would help to reinforce an ethical culture, and ensure new employees immediately embrace ethical practices. The organization is also responsible for determining the extent to which the company holds Cyber-security professionals, the IT department, management, and executives responsible when a cyber breach occurs. The organization should comply with the principle of least privilege, which requires that each abstraction layer of the online environment must only allow each module to access only the information and resources necessary to its legitimate purpose. As the Snowden disclosures demonstrate, often the most damaging risk to the government or business online security is not ‘malware’ but ‘warmware’; the ability of a trusted insider to cause massive disruption to a network or to use legitimate access to obtain classified material and then illegally disclose it.  

Remember: This is just a sample from a fellow student.

Your time is important. Let us write you an essay from scratch

experts 450+ experts on 30 subjects ready to help you just now

delivery Starting from 3 hours delivery

Find Free Essays

We provide you with original essay samples, perfect formatting and styling

Cite this Essay

To export a reference to this article please select a referencing style below:

Cyber Security Responsibility of an Organisation. (2022, August 01). GradesFixer. Retrieved August 15, 2022, from https://gradesfixer.com/free-essay-examples/cyber-security-responsibility-of-an-organisation/
“Cyber Security Responsibility of an Organisation.” GradesFixer, 01 Aug. 2022, gradesfixer.com/free-essay-examples/cyber-security-responsibility-of-an-organisation/
Cyber Security Responsibility of an Organisation. [online]. Available at: <https://gradesfixer.com/free-essay-examples/cyber-security-responsibility-of-an-organisation/> [Accessed 15 Aug. 2022].
Cyber Security Responsibility of an Organisation [Internet]. GradesFixer. 2022 Aug 01 [cited 2022 Aug 15]. Available from: https://gradesfixer.com/free-essay-examples/cyber-security-responsibility-of-an-organisation/
copy to clipboard
close

Where do you want us to send this sample?

    By clicking “Continue”, you agree to our terms of service and privacy policy.

    close

    Be careful. This essay is not unique

    This essay was donated by a student and is likely to have been used and submitted before

    Download this Sample

    Free samples may contain mistakes and not unique parts

    close

    Sorry, we could not paraphrase this essay. Our professional writers can rewrite it and get you a unique paper.

    close

    Thanks!

    Please check your inbox.

    We can write you a custom essay that will follow your exact instructions and meet the deadlines. Let's fix your grades together!

    boy

    Hi there!

    Are you interested in getting a customized paper?

    Check it out!
    Don't use plagiarized sources. Get your custom essay. Get custom paper
    exit-popup-close

    Haven't found the right essay?

    Get an expert to write you the one you need!

    exit-popup-print

    Professional writers and researchers

    exit-popup-quotes

    Sources and citation are provided

    exit-popup-clock

    3 hour delivery

    exit-popup-persone