Which of the threats discussed in this chapter should receive Charlie's attention early in his planning process? Ethical Decision MakingInstead of Charlie being named CISO, suppose instead that Fred hired his son-in-law, an unemployed accountant, to fill the role. Assuming the person had no prior experience or preparation for a job in information security, did Fred make an ethical choice? Explain your answer. Suppose that SLS has implemented the policy prohibiting use of personal USB drives at work. Also, suppose that Davey Martinez brought in the USB drive he had used to store last month's accounting worksheet. When he plugged in the drive, the worm outbreak started again and infected two servers. It's obvious that Davey violated policy, but did he commit ethical violations as well?

Question

Computers & Technology

Isla Price

16 March, 13:36

Which of the threats discussed in this chapter should receive Charlie's attention early in his planning process? Ethical Decision MakingInstead of Charlie being named CISO, suppose instead that Fred hired his son-in-law, an unemployed accountant, to fill the role. Assuming the person had no prior experience or preparation for a job in information security, did Fred make an ethical choice? Explain your answer. Suppose that SLS has implemented the policy prohibiting use of personal USB drives at work. Also, suppose that Davey Martinez brought in the USB drive he had used to store last month's accounting worksheet. When he plugged in the drive, the worm outbreak started again and infected two servers. It's obvious that Davey violated policy, but did he commit ethical violations as well?

+3

Answers (1)

Know the Answer?

Lady · Answer 1

1. Before the discussion at the start of this chapter, how do Fred, Gladys, and Charlie each perceive the scope and scale of the new information security effort? Did Fred's perception change after that?

Answer:

Before the discussion, Fred, Gladys, and Charlie focused on other ends in regards to information security. Fred was more concerned with adding additional software to fix the malware issues when clearly there were easier steps that need to be taken

2. How should Fred measure success when he evaluates Gladys' performance for this project? How should he evaluate Charlie's performance?

Answer:

Gladys's performance should be based on the new security measures and protocol that she has in place for the organization. This of course, is putting a lot of trust into Charlie's performance as she was the one to introduce Charlie with his new plan on the organization's new security. She practically had him nominated for CIO.

3. Which of the threats discussed in this chapter should receive Charlie's attention early in his planning process?

Answer:

Before considering outside threats, internal threats should be looked into early in the planning process. Internal threats does not necessarily mean that the employees have malicious intent, but the case of human error and failure can also be a negative contribution to cyber security. Creating a security program and education end users by creating a security policy guidance is one of the the best ways to prevent simple cyber security issues from starting

Instead of Charlie being named CISO, suppose instead that Fred hired his son-in-law, an unemployed accountant, to fill the role. Assuming the person had no prior experience or preparation for a job in information security, did Fred make an ethical choice? Explain your answer.

Answer:

Absolutely not! By hiring an unexperienced family member over a trained professional, Fred is letting his emotions get the better of him. Fred should consult with Gladys on whether his son-in-law is good candidate for the position or not. Rather than sacrifice company security, Fred could possibly find his son-in-law a position in the companies' financial or human resources departments.