Obligations of Managers and Executives in I.T - Essay Example

Obligations of Managers and Executives in I.T Obligations of Managers and Executives in I.T Question one As the menace of cybercrime grows, companies must defend their corporations. Most importantly, all stakeholders must remain involved in reformed discussions regarding cyber security (Hayes & Bodhani, 2013). In this regard, all business managers and executives have a duty to offer protection to their information. These executives and managers must satisfy their obligations toward the protection of corporate information in the contemporary environment where failure might establish derogatory legal risks and public relation challenges.

The executives and managers have the mandate to provide security to their businesses and corporate information (Putte & Verhelst, 2013). It is the fundamental duty of directors and executive officers in the organization to protect the safety of their corporate organizations besides their computer systems. The officials must remain charged in ascertaining compliance with policies and standards set to guide the IT sector. Evidentially, managers and the top executives must provide security to the corporate information.

As the acts of cybercrime grow, persons having the obligation of protecting corporate information must be vigilant to succeed (Archibald, 2009). It is domineering to outline failure of compliance by the executives to constitute criminal offenses since they have the responsibility to protect their companies. If the charges are not tightly set, then they may not realize gravity of the mandate bestowed upon them. Considerably, cyber security has been an issue concerning the IT department. However, there has been a considerable growth of the information security to constitute a legal obligation and responsibility for the management.

In this regard, all the shareholders need inclusion to address the matters of cyber security. For instance, according to the Gramm-Leach-Bliley security regulations, the Board of Directors has the mandate to ensure safety of finances regarding their corporations. In addition, the evolving case laws suggest that corporate directors have a duty of care for the company’s information systems (Smedinghoff, 2005). They add that the obligation extends to safeguarding the integrity of the stored data from a mere responsibility of guarding corporate financials.

Further, the Business Roundtable notes that the board of directors should consider information security as an element of corporate governance. Question two Data confidentiality, integrity, and storage In this context, it is eminent for the organizations to observe the procedure incorporated to protect their company information from access by unauthorized persons. The information should be free from disclosure, alteration, destruction, or transmission. The data must be stored in forms that are not easy to interpret when opened as flat plain text files, accessed in inaccessible locations, and or protected by the firewall (Smedinghoff, 2005).

Use of technical access controls in protecting the corporate information In this context, policies and procedures should remain implemented to ensure appropriate access of information by authorized persons (Kshetri, 2010). The process may involve those that determine authorized access, those that grant and control access, and individuals that verify access besides those that terminate the unauthorized access to information (Smedinghoff, 2005). Implementing the incident response plan strategies In this case, the company employs tactics that sense unauthorized access and reports it to the security management personnel.

The systems detect the security breaches by the users and reports them to the security staff. The situation ensures that the relevant personnel receives the information regarding the security breach, and prompt actions must be in place to address any detection of unauthorized entry(Smedinghoff, 2005). References Archibald, G. J. (2009). “Protecting your Nonprofit Organization from Cyber Crime.” Business Journal (Central New York), 23(45), 9. Hayes, J., & Bodhani, A. (2013). “Cyber Security: Small Firms Under Fire.

” Engineering & Technology (17509637), 8(6), 80-83. Kshetri, N. (2010). “Diffusion and Effects of Cyber-Crime in Developing Economies.” Third World Quarterly, 31(7), 1057-1079. doi:10.1080/01436597.2010.518752 Putte, D. V., &Verhelst, M. (2013). “Cyber crime: Can a standard risk analysis help in the challenges facing business continuity managers?” Journal of Business Continuity & Emergency Planning, 7(2), 126-137. Smedinghoff, T. J. (2005). “The New Law of Information Security: What Companies Need to Do Now?

” Computer & Internet Lawyer, 22(11), 9-25.