Cyber-attacks could affect our business.
Cyber attacks are not limit to the damage of devices and lack of proper working of networks, but an organization or business can incur legal defense charges, legal settlements, and lost customers. An example is the theft of customer data as a result of a virus attack, which creates an access point for malicious hackers to access a network system of our organization. This can lead to customers or employees to sue the business. A case in point is the wiper malware attack that bricked thousands of Sony computers. This attack came to light when it was believed the release of a movie, “The Interview”, was to ridicule the North Korean Leader (Raymond, 2015).
In this case, Sony agreed to settle some affected employees since as custodians of employees’ information, they had the responsibility making the data available to only authorized people, as well as protecting the integrity and confidentiality of their information. That is, Confidentiality, integrity and availability of information or CIA triad.
- Disruptions in our computer systems could adversely impact our business.
In addition, a cyber attack can have a negative bearing on our business. This effect can be the termination of business continuity. Every business is about rendering services to customers or giving product to its partners/customers. Interruptions in our network systems could lead to poor communication or lack of availability of essential data on our databases, our organization will have to initiate a data recovery, or relocate to a hot site/offsite location to continue operation. These arrangements will take time for our organization to operate at an optimum level with our partners and customers, leading to a loose competition and profits throughout that interruption. An example is the malware attack that hindered MedStar Hospitals from retrieving patient’s data and, in some cases, the employees had to turn patients away (Cox, 2016).
- We could be liable if third party equipment recommended and installed by us, i.e. smart home controllers, fails to provide adequate security for our residential clients.
Customers only sought our business and services but clients did not ask for our inactions to make them susceptible/vulnerable to attacks through no action of theirs. In fact, it is against the 1974 Privacy Act if a business refuses to protected data it holds, which can result in financial loss and emotional harm among others (Sternstein, 2015). Taking a lesson from the Office of Personnel Management (OPM) huge breach of government workers, there is a current lawsuit for this data breach. This data breach can lead to a loss of good reputation or doubt on the part of OPM to protect data personnel have trusted to them (Nkashima, 2015).
Concentrating on financial loses, OPM has given insurance security coverage for many government workers who were touched via this information breach and this is an amount the OPM could have averted from their financial plan in further safeguarding their network.
Cox, J. (2016). MedStar Health turns away patients after likely ransomware cyberattack Retrieved from https://www.washingtonpost.com/local/medstar-health-turns-away-patients-one-day-after-cyberattack-on-its-computers/2016/03/29/252626ae-f5bc-11e5-a3ce-f06b5ba21f33_story.html
Raymond, N. (2015).Sony to pays up to eight million.Retrieved from ://www.reuters.com/article/us-sony-cyberattack-lawsui…
Nkashima, E. (2015). Hacks of OPM databases compromised 22.1 million people, federal authorities say Retrieved from https://www.washingtonpost.com/news/federal-eye/wp/2015/07/09/hack-of-security-clearance-system-affected-21-5-million-people-federal-authorities-say/
Cyber-attacks are on the rise throughout businesses all across this country and Red Clay Renovations is no exemption to this statement. Cyber-attacks on average cost businesses $7.7 million annually. Numbers like that can be detrimental to any corporation if not properly addressed. Cyber-attacks are a lot like shockwaves. There is a massive central impact and from there waves move along and disrupt other areas not even thought about.
A potential impact that could occur from a cyber-attack is the loss of trust from shareholders. If Red Clay Renovations cannot maintain their own infrastructure and security, how are they supposed to handle their customers? Forgo another effect after that, what kind of image does that give Red Clay Renovations?
System & Third Party
Systems that we install into home are dependable on the Red Clay Renovations infrastructure but if that infrastructure is attacked and inevitably goes down then our customer base is essentially without their service. Which leads back to reputation and trust issues amongst our shareholders and customers. This doesn’t include the lawsuits that could be infringed upon Red Clay Renovations if an attack occurs.
Some cyber-attacks can steal and even alter data. Take for instance Operation High roller in 2012. The attackers were able to change account number information and gather customer information within seconds. This was due to a number of unsecure systems, “unpatched systems are still a factor in a large number of cyber incidents”, (McCreight, T., & Leece, D. ,2016)
They then altered more information to make it look as though they didn’t steal anything. This operation combines an insider level of understanding of banking transaction systems with both custom and off the shelf malicious code and appears to be worthy of the term “organized crime”, (McAfee Labs & Guardian Analytics, 2012). Very sophisticated attacks like this could cripple an up and coming company such as Red Clay Renovations.
Overall, cybersecurity needs to be Red Clay Renovations first priority in every facet that we operate in. Red Clay Renovations needs to maintain its trust with not only its customers and its shareholders but the public and potential clients. Maintaining a strong and cyber secure image will save Red Clay Renovations millions and hopefully make them a few more in the process.
Ferdinand, J. (2015). Building organisational cyber resilience: A strategic knowledge-based view of cyber security management. Journal Of Business Continuity & Emergency Planning, 9(2), 185-195.
McCreight, T., & Leece, D. (2016). Physical security and IT convergence: Managing the cyber-related risks. Journal Of Business Continuity & Emergency Planning, 10(1), 18-30.
McAfee Labs & Guardian Analytics. (2012). Dissecting Operation High Roller [White Paper].
Retrieved March 29, 2015 from http://www.mcafee.com/uk/resources/reports/rp-oper…