SlideShare a Scribd company logo

APA Writing Sample Extortion on the JobValorie J. King, PhDApril .docx

Download as DOCX, PDF
J
justine1simpson78276

APA Writing Sample: Extortion on the JobValorie J. King, PhDApril 2, 2014 Running Head: APA WRITING SAMPLE 1 Running Head: APA WRITING SAMPLE 5 Introduction Writing as Anonymous (2003), the Chief Information Security Officer (CISO) of a major United States (US) corporation told a chilling tale of email based extortion attempts against employees who had received extortion threats via email sent to their corporate email addresses. The corporation, its managers, and the individual employees who were targeted faced a number of issues and dilemmas as they responded to security incident caused by the extortion attempts. In the following analysis, one issue–the enforcement of acceptable use policies–is discussed and critiqued.Analysis The Attack Drive by download attacks occur when a legitimate Web server has been infected with malware or malicious scripts which deliver malware, pornography, or other objectionable material along with the Web page content that the visitor was expecting to see (Microsoft, 2014; Niki, 2009). These types of attacks are difficult to detect and often result in the infection of large numbers of visitors before the infection is detected and removed from the Web site. In this attack, computers used by the affected employees (victims) were compromised by a drive by download attack (Microsoft, 2014) which resulted in the download of pornographic materials while they were browsing websites which, in turn, had been compromised (Anonymous, 2003). The attackers also obtained each visitor’s email address from the Web browser. Extortion emails were sent to victims demanding credit card payment of hush fees. The extortionists told the victims exactly where the contraband files were located on the computer hard drive and assured the victims that it was impossible to remove those files. Why the Problem Went Unreported Anonymous (2003) discovered that he was dealing with “paranoid users who don't trust security people” (p. 1). There are many possible reasons why employees turn into paranoid users who are unwilling to self-report for security incidents, even those which are accidental. Two such reasons are enforcement of zero tolerance for violations and perceptions of unfairness or a lack of justice. Zero tolerance. The previous CISO implemented a zero tolerance policy with respect to acceptable use policy (AUP) violations (Anonymous, 2003). Under this zero-tolerance policy, a number of employees were terminated (fired), without due process or hearings to establish guilt or innocence. When employees began receiving extortion emails and threats, they believed that their jobs could be placed at risk, regardless of their innocence or guilt with respect to downloading of pornography to company computers, if they reported the presence of pornographic files (pushed to the computer by the extortionists). Perceptions of fairness and justice. When employees feel that IT policy enforcement is unfair, the situation is usually accompanied.

Education
1 of 6
APA Writing Sample: Extortion on the JobValorie J. King, PhDApril 2, 2014 Running Head: APA WRITING SAMPLE 1 Running Head: APA WRITING SAMPLE 5 Introduction Writing as Anonymous (2003), the Chief Information Security Officer (CISO) of a major United States (US) corporation told a chilling tale of email based extortion attempts against employees who had received extortion threats via email sent to their corporate email addresses. The corporation, its managers, and the individual employees who were targeted faced a number of issues and dilemmas as they responded to security incident caused by the extortion attempts. In the following analysis, one issue–the enforcement of acceptable use policies–is discussed and critiqued.Analysis The Attack Drive by download attacks occur when a legitimate Web server has been infected with malware or malicious scripts which deliver malware, pornography, or other objectionable material along with the Web page content that the visitor was expecting to see (Microsoft, 2014; Niki, 2009). These types of attacks are difficult to detect and often result in the infection of large numbers of visitors before the infection is detected and removed from the Web site. In this attack, computers used by the affected employees (victims) were compromised by a drive by download attack (Microsoft, 2014) which resulted in the download of pornographic materials while they were browsing websites which, in turn, had been compromised (Anonymous, 2003). The attackers also obtained each visitor’s email address from the
Web browser. Extortion emails were sent to victims demanding credit card payment of hush fees. The extortionists told the victims exactly where the contraband files were located on the computer hard drive and assured the victims that it was impossible to remove those files. Why the Problem Went Unreported Anonymous (2003) discovered that he was dealing with “paranoid users who don't trust security people” (p. 1). There are many possible reasons why employees turn into paranoid users who are unwilling to self-report for security incidents, even those which are accidental. Two such reasons are enforcement of zero tolerance for violations and perceptions of unfairness or a lack of justice. Zero tolerance. The previous CISO implemented a zero tolerance policy with respect to acceptable use policy (AUP) violations (Anonymous, 2003). Under this zero-tolerance policy, a number of employees were terminated (fired), without due process or hearings to establish guilt or innocence. When employees began receiving extortion emails and threats, they believed that their jobs could be placed at risk, regardless of their innocence or guilt with respect to downloading of pornography to company computers, if they reported the presence of pornographic files (pushed to the computer by the extortionists). Perceptions of fairness and justice. When employees feel that IT policy enforcement is unfair, the situation is usually accompanied by extreme and long-lasting negative feelings or emotions (Flint et al., 2005). The overall result (consequences) in this instance was an increase in unethical behavior as victims attempted to hide or cover-up the extortion attempts (lying) rather than asking their employer for assistance and protection from harm (Moor, 1999). This undesirable result is, in part, due to the employer’s failure to consider the consequences of the application of the zero tolerance policy.
Incident Response The new CISO treated the extortion situation as a security incident rather than as an employee disciplinary problem (Anonymous, 2003). He and his IT Security Staff investigated the situation and learned that (a) the company’s employees regularly received such threats and (b) some of them had paid the extortionists rather than risk losing their jobs. The CISO directed the IT Security Staff to reconfigure firewalls and other network security appliances to block all further emails containing extortion keywords or from the known IP addresses for the extortionists. The CISO also met with IT staff members to determine what additional protective actions could be taken. Finally, the new CISO met with the IT staff and other selected employees to determine what actions needed to be taken to encourage employees to come forward (self-report) in the future and decrease the atmosphere of fear and distrust that he had inherited.Summary and Conclusions In this article, the author highlighted some of the problems that can arise when employers emphasize adherence to rules rather than seeking a balance between rules and outcomes (Anonymous, 2003). The company’s zero-tolerance enforcement of its acceptable use policy resulted in undesirable outcomes, particularly the creation of an atmosphere of fear and secretive behavior. This, in turn, resulted in employees being unwilling to report security incidents. To avoid this problem in the future, corporate management should review the potential negative consequences or outcomes of policy enforcement and address specific circumstances with compassion rather than hardline enforcement (Reynolds, 2007). References Anonymous. (2003, February 3). A sordid tale. Chief Security Officer. CSO Online. Retrieved from https://web.archive.org/ web/20031119054351/http://www.csoonline.com/read/020103/ undercover.html Flint, D., Hernandez-Marrero, P., & Wielemaker, M. (2005).
The role of affect and cognition in the perception of outcome acceptability under different justice conditions. The Journal of American Academy of Business, 7(1), 269-277. Microsoft. (2014). Microsoft security intelligence report. Retrieved from http://www.microsoft.com/security/sir/glossary/drive-by- download-sites.aspx Moor, J. H. (1999). Just consequentialism and computing. Ethics and Information Technology, 1(1), 61-69. Niki, A. (2009, December). Drive-by download attacks: Effects and detection methods. Paper presented at the 3rd IT Student Conference for the Next Generation. Retrieved from http://www.kaspersky.com/fr/images/drive- by_download_attacks_effects_and_detection_methods.pdf Reynolds, G. W. (2007). Ethics in information technology (2nd ed.). Boston, MA: Thompson Course Technology. Case Study #1: Why should businesses invest in cybersecurity? Case Scenario: A client company has asked your cybersecurity consulting firm to provide it with a 2 to 3 page white paper which discusses the business need for investments in cybersecurity. The purpose of this white paper is to “fill in the gaps” in a business case that was already prepared by the company’s Chief Information Officer. The target audience for your paper is the company’s C- suite executives. These executives will be meeting later this month to discuss budget requests from department heads. The company has requested that your white paper use the same investment categories as are already in use for the CIO’s business case: people, processes, and technologies. Research: 1. Read / Review the Week 1 readings. 2. Find three or more additional sources which provide information about best practice recommendations for
cybersecurity and other reasons why businesses should invest in people, processes, and technologies related to cybersecurity. These additional sources can include analyst reports (e.g. Gartner, Forrester, Price-Waterhouse, Booz-Allen) and/or news stories about recent attacks / threats, data breaches, cybercrime, cyber terrorism, etc. Write: Write a two to three-page summary of your research. At a minimum, your summary must include the following: 1. An introduction or overview of cybersecurity which provides definitions and addresses the business need for cybersecurity. This introduction should be suitable for an executive audience. 2. A separate section which addresses ethical considerations which drive the business need for investments in cybersecurity. 3. A review of best practices and recommendations which can be added to the existing business case to provide justification for cybersecurity-focused investments in the three investment categories identified by the company: people, processes, and technologies. Your white paper should use standard terms and definitions for cybersecurity. See Course Content > Cybersecurity Concepts Review for recommended resources. Submit For Grading & Discussion 1. Submit your case study in MS Word format (.docx or .doc file) using the Case Study #1 Assignment in your assignment folder. (Attach the file.) Formatting Instructions 1. Use standard APA formatting for the MS Word document that you submit to your assignment folder. Formatting requirements and examples are found under Course Resources > APA Resources. 2. More than 3 sources must be used
Additional Information 1. You are expected to write grammatically correct English in every assignment that you submit for grading. Do not turn in any work without (a) using spell check, (b) using grammar check, (c) verifying that your punctuation is correct and (d) reviewing your work for correct word usage and correctly structured sentences and paragraphs. These items are graded under Professionalism and constitute 20% of the assignment grade. 2. You are expected to credit your sources using in-text citations and reference list entries. Both your citations and your reference list entries must comply with APA 6th edition Style requirements. Failure to credit your sources will result in penalties as provided for under the university’s Academic Integrity policy.

Recommended

Business Strategy and Policy (MHRM 612-1)1. An organization’s .docx
Business Strategy and Policy (MHRM 612-1)1. An organization’s .docxBusiness Strategy and Policy (MHRM 612-1)1. An organization’s .docx
Business Strategy and Policy (MHRM 612-1)1. An organization’s .docxRAHUL126667
 
Title of PaperYour NameMonth Day, YearRunning head BASIC PA.docx
Title of PaperYour NameMonth Day, YearRunning head BASIC PA.docxTitle of PaperYour NameMonth Day, YearRunning head BASIC PA.docx
Title of PaperYour NameMonth Day, YearRunning head BASIC PA.docxherthalearmont
 
Strategic HRM Plan Grading GuideHRM498 Version 42.docx
Strategic HRM Plan Grading GuideHRM498 Version 42.docxStrategic HRM Plan Grading GuideHRM498 Version 42.docx
Strategic HRM Plan Grading GuideHRM498 Version 42.docxflorriezhamphrey3065
 
Database Security Analysis
Database Security AnalysisDatabase Security Analysis
Database Security AnalysisBrendan Mc Sweeney
 
Rapport X force 2014
Rapport X force 2014Rapport X force 2014
Rapport X force 2014Patrick Bouillaud
 
ISE 510 Final Project Scenario Background Limetree Inc. is a resea.docx
ISE 510 Final Project Scenario Background Limetree Inc. is a resea.docxISE 510 Final Project Scenario Background Limetree Inc. is a resea.docx
ISE 510 Final Project Scenario Background Limetree Inc. is a resea.docxchristiandean12115
 
Safeguardsintheworkplace
SafeguardsintheworkplaceSafeguardsintheworkplace
SafeguardsintheworkplaceAdam Richards
 
Dealing with Data Breaches Amidst Changes In Technology
Dealing with Data Breaches Amidst Changes In TechnologyDealing with Data Breaches Amidst Changes In Technology
Dealing with Data Breaches Amidst Changes In TechnologyCSCJournals
 

Recommended

Business Strategy and Policy (MHRM 612-1)1. An organization’s .docx
Business Strategy and Policy (MHRM 612-1)1. An organization’s .docxBusiness Strategy and Policy (MHRM 612-1)1. An organization’s .docx
Business Strategy and Policy (MHRM 612-1)1. An organization’s .docxRAHUL126667
 
Title of PaperYour NameMonth Day, YearRunning head BASIC PA.docx
Title of PaperYour NameMonth Day, YearRunning head BASIC PA.docxTitle of PaperYour NameMonth Day, YearRunning head BASIC PA.docx
Title of PaperYour NameMonth Day, YearRunning head BASIC PA.docxherthalearmont
 
Strategic HRM Plan Grading GuideHRM498 Version 42.docx
Strategic HRM Plan Grading GuideHRM498 Version 42.docxStrategic HRM Plan Grading GuideHRM498 Version 42.docx
Strategic HRM Plan Grading GuideHRM498 Version 42.docxflorriezhamphrey3065
 
Database Security Analysis
Database Security AnalysisDatabase Security Analysis
Database Security AnalysisBrendan Mc Sweeney
 
Rapport X force 2014
Rapport X force 2014Rapport X force 2014
Rapport X force 2014Patrick Bouillaud
 
ISE 510 Final Project Scenario Background Limetree Inc. is a resea.docx
ISE 510 Final Project Scenario Background Limetree Inc. is a resea.docxISE 510 Final Project Scenario Background Limetree Inc. is a resea.docx
ISE 510 Final Project Scenario Background Limetree Inc. is a resea.docxchristiandean12115
 
Safeguardsintheworkplace
SafeguardsintheworkplaceSafeguardsintheworkplace
SafeguardsintheworkplaceAdam Richards
 
Dealing with Data Breaches Amidst Changes In Technology
Dealing with Data Breaches Amidst Changes In TechnologyDealing with Data Breaches Amidst Changes In Technology
Dealing with Data Breaches Amidst Changes In TechnologyCSCJournals
 
CISSPCertified Information SystemsSecurity ProfessionalCop.docx
CISSPCertified Information SystemsSecurity ProfessionalCop.docxCISSPCertified Information SystemsSecurity ProfessionalCop.docx
CISSPCertified Information SystemsSecurity ProfessionalCop.docxmccormicknadine86
 
CISSPCertified Information SystemsSecurity ProfessionalCop.docx
CISSPCertified Information SystemsSecurity ProfessionalCop.docxCISSPCertified Information SystemsSecurity ProfessionalCop.docx
CISSPCertified Information SystemsSecurity ProfessionalCop.docxsleeperharwell
 
1.Security Overview And Patching
1.Security Overview And Patching1.Security Overview And Patching
1.Security Overview And Patchingphanleson
 
Running Head STATEMENT OF WORKSTATEMENT OF WORK .docx
Running Head STATEMENT OF WORKSTATEMENT OF WORK .docxRunning Head STATEMENT OF WORKSTATEMENT OF WORK .docx
Running Head STATEMENT OF WORKSTATEMENT OF WORK .docxtoltonkendal
 
E-COMMERCE SYSTEMS SECURITY FOR SMALL BUSINESSES
E-COMMERCE SYSTEMS SECURITY FOR SMALL BUSINESSESE-COMMERCE SYSTEMS SECURITY FOR SMALL BUSINESSES
E-COMMERCE SYSTEMS SECURITY FOR SMALL BUSINESSESIJNSA Journal
 
Running Head SECURITY AWARENESSSecurity Awareness .docx
Running Head SECURITY AWARENESSSecurity Awareness .docxRunning Head SECURITY AWARENESSSecurity Awareness .docx
Running Head SECURITY AWARENESSSecurity Awareness .docxtoltonkendal
 
Grading Guide Lifespan Development and Personality PaperPSY1.docx
Grading Guide Lifespan Development and Personality PaperPSY1.docxGrading Guide Lifespan Development and Personality PaperPSY1.docx
Grading Guide Lifespan Development and Personality PaperPSY1.docxwhittemorelucilla
 
Replies Required for below Posting 1 user security awarene.docx
Replies Required for below Posting 1 user security awarene.docxReplies Required for below Posting 1 user security awarene.docx
Replies Required for below Posting 1 user security awarene.docxsodhi3
 
Running head CHALLENGES OF CYBER SECURITY9.docx
Running head CHALLENGES OF CYBER SECURITY9.docxRunning head CHALLENGES OF CYBER SECURITY9.docx
Running head CHALLENGES OF CYBER SECURITY9.docxsusanschei
 
Gs Ch1
Gs Ch1Gs Ch1
Gs Ch1phanleson
 
Cyber security.docx
Cyber security.docxCyber security.docx
Cyber security.docxsaivarun91
 
Strengthening the Weakest Link - Reducing Risks from Social Engineering Attacks
Strengthening the Weakest Link - Reducing Risks from Social Engineering AttacksStrengthening the Weakest Link - Reducing Risks from Social Engineering Attacks
Strengthening the Weakest Link - Reducing Risks from Social Engineering AttacksFitCEO, Inc. (FCI)
 
OverseeCyberSecurityAsHackersSeekToInfiltrate
OverseeCyberSecurityAsHackersSeekToInfiltrateOverseeCyberSecurityAsHackersSeekToInfiltrate
OverseeCyberSecurityAsHackersSeekToInfiltrateKashif Ali
 
Presentación AMIB Los Cabos
Presentación AMIB Los CabosPresentación AMIB Los Cabos
Presentación AMIB Los CabosJuan Carlos Carrillo
 
Research Paper TopicITS835 – Enterprise Risk Managemen.docx
Research Paper TopicITS835 – Enterprise Risk Managemen.docxResearch Paper TopicITS835 – Enterprise Risk Managemen.docx
Research Paper TopicITS835 – Enterprise Risk Managemen.docxaudeleypearl
 
Running Head 2Week #8 MidTerm Assignment .docx
Running Head 2Week #8 MidTerm Assignment .docxRunning Head 2Week #8 MidTerm Assignment .docx
Running Head 2Week #8 MidTerm Assignment .docxhealdkathaleen
 
Forensics
ForensicsForensics
ForensicsLaura Aviles
 
Computer ForensicsDiscussion 1Forensics Certifications Ple.docx
Computer ForensicsDiscussion 1Forensics Certifications Ple.docxComputer ForensicsDiscussion 1Forensics Certifications Ple.docx
Computer ForensicsDiscussion 1Forensics Certifications Ple.docxdonnajames55
 
Ijnsa050215
Ijnsa050215Ijnsa050215
Ijnsa050215IJNSA Journal
 
System Dynamics Based Insider Threats Modeling
System Dynamics Based Insider Threats ModelingSystem Dynamics Based Insider Threats Modeling
System Dynamics Based Insider Threats ModelingIJNSA Journal
 
You will submit a 1-2 page double spaced paper, plus references, des.docx
You will submit a 1-2 page double spaced paper, plus references, des.docxYou will submit a 1-2 page double spaced paper, plus references, des.docx
You will submit a 1-2 page double spaced paper, plus references, des.docxjustine1simpson78276
 
you will submit a 150-200 word reading summary -Reasons for the .docx
you will submit a 150-200 word reading summary -Reasons for the .docxyou will submit a 150-200 word reading summary -Reasons for the .docx
you will submit a 150-200 word reading summary -Reasons for the .docxjustine1simpson78276
 

More Related Content

Similar to APA Writing Sample Extortion on the JobValorie J. King, PhDApril .docx

CISSPCertified Information SystemsSecurity ProfessionalCop.docx
CISSPCertified Information SystemsSecurity ProfessionalCop.docxCISSPCertified Information SystemsSecurity ProfessionalCop.docx
CISSPCertified Information SystemsSecurity ProfessionalCop.docxmccormicknadine86
 
CISSPCertified Information SystemsSecurity ProfessionalCop.docx
CISSPCertified Information SystemsSecurity ProfessionalCop.docxCISSPCertified Information SystemsSecurity ProfessionalCop.docx
CISSPCertified Information SystemsSecurity ProfessionalCop.docxsleeperharwell
 
1.Security Overview And Patching
1.Security Overview And Patching1.Security Overview And Patching
1.Security Overview And Patchingphanleson
 
Running Head STATEMENT OF WORKSTATEMENT OF WORK .docx
Running Head STATEMENT OF WORKSTATEMENT OF WORK .docxRunning Head STATEMENT OF WORKSTATEMENT OF WORK .docx
Running Head STATEMENT OF WORKSTATEMENT OF WORK .docxtoltonkendal
 
E-COMMERCE SYSTEMS SECURITY FOR SMALL BUSINESSES
E-COMMERCE SYSTEMS SECURITY FOR SMALL BUSINESSESE-COMMERCE SYSTEMS SECURITY FOR SMALL BUSINESSES
E-COMMERCE SYSTEMS SECURITY FOR SMALL BUSINESSESIJNSA Journal
 
Running Head SECURITY AWARENESSSecurity Awareness .docx
Running Head SECURITY AWARENESSSecurity Awareness .docxRunning Head SECURITY AWARENESSSecurity Awareness .docx
Running Head SECURITY AWARENESSSecurity Awareness .docxtoltonkendal
 
Grading Guide Lifespan Development and Personality PaperPSY1.docx
Grading Guide Lifespan Development and Personality PaperPSY1.docxGrading Guide Lifespan Development and Personality PaperPSY1.docx
Grading Guide Lifespan Development and Personality PaperPSY1.docxwhittemorelucilla
 
Replies Required for below Posting 1 user security awarene.docx
Replies Required for below Posting 1 user security awarene.docxReplies Required for below Posting 1 user security awarene.docx
Replies Required for below Posting 1 user security awarene.docxsodhi3
 
Running head CHALLENGES OF CYBER SECURITY9.docx
Running head CHALLENGES OF CYBER SECURITY9.docxRunning head CHALLENGES OF CYBER SECURITY9.docx
Running head CHALLENGES OF CYBER SECURITY9.docxsusanschei
 
Cyber security.docx
Cyber security.docxCyber security.docx
Cyber security.docxsaivarun91
 
Strengthening the Weakest Link - Reducing Risks from Social Engineering Attacks
Strengthening the Weakest Link - Reducing Risks from Social Engineering AttacksStrengthening the Weakest Link - Reducing Risks from Social Engineering Attacks
Strengthening the Weakest Link - Reducing Risks from Social Engineering AttacksFitCEO, Inc. (FCI)
 
OverseeCyberSecurityAsHackersSeekToInfiltrate
OverseeCyberSecurityAsHackersSeekToInfiltrateOverseeCyberSecurityAsHackersSeekToInfiltrate
OverseeCyberSecurityAsHackersSeekToInfiltrateKashif Ali
 
Research Paper TopicITS835 – Enterprise Risk Managemen.docx
Research Paper TopicITS835 – Enterprise Risk Managemen.docxResearch Paper TopicITS835 – Enterprise Risk Managemen.docx
Research Paper TopicITS835 – Enterprise Risk Managemen.docxaudeleypearl
 
Running Head 2Week #8 MidTerm Assignment .docx
Running Head 2Week #8 MidTerm Assignment .docxRunning Head 2Week #8 MidTerm Assignment .docx
Running Head 2Week #8 MidTerm Assignment .docxhealdkathaleen
 
Computer ForensicsDiscussion 1Forensics Certifications Ple.docx
Computer ForensicsDiscussion 1Forensics Certifications Ple.docxComputer ForensicsDiscussion 1Forensics Certifications Ple.docx
Computer ForensicsDiscussion 1Forensics Certifications Ple.docxdonnajames55
 
System Dynamics Based Insider Threats Modeling
System Dynamics Based Insider Threats ModelingSystem Dynamics Based Insider Threats Modeling
System Dynamics Based Insider Threats ModelingIJNSA Journal
 

Similar to APA Writing Sample Extortion on the JobValorie J. King, PhDApril .docx (20)

CISSPCertified Information SystemsSecurity ProfessionalCop.docx
CISSPCertified Information SystemsSecurity ProfessionalCop.docxCISSPCertified Information SystemsSecurity ProfessionalCop.docx
CISSPCertified Information SystemsSecurity ProfessionalCop.docx
 
CISSPCertified Information SystemsSecurity ProfessionalCop.docx
CISSPCertified Information SystemsSecurity ProfessionalCop.docxCISSPCertified Information SystemsSecurity ProfessionalCop.docx
CISSPCertified Information SystemsSecurity ProfessionalCop.docx
 
1.Security Overview And Patching
1.Security Overview And Patching1.Security Overview And Patching
1.Security Overview And Patching
 
Running Head STATEMENT OF WORKSTATEMENT OF WORK .docx
Running Head STATEMENT OF WORKSTATEMENT OF WORK .docxRunning Head STATEMENT OF WORKSTATEMENT OF WORK .docx
Running Head STATEMENT OF WORKSTATEMENT OF WORK .docx
 
E-COMMERCE SYSTEMS SECURITY FOR SMALL BUSINESSES
E-COMMERCE SYSTEMS SECURITY FOR SMALL BUSINESSESE-COMMERCE SYSTEMS SECURITY FOR SMALL BUSINESSES
E-COMMERCE SYSTEMS SECURITY FOR SMALL BUSINESSES
 
Running Head SECURITY AWARENESSSecurity Awareness .docx
Running Head SECURITY AWARENESSSecurity Awareness .docxRunning Head SECURITY AWARENESSSecurity Awareness .docx
Running Head SECURITY AWARENESSSecurity Awareness .docx
 
Grading Guide Lifespan Development and Personality PaperPSY1.docx
Grading Guide Lifespan Development and Personality PaperPSY1.docxGrading Guide Lifespan Development and Personality PaperPSY1.docx
Grading Guide Lifespan Development and Personality PaperPSY1.docx
 
Replies Required for below Posting 1 user security awarene.docx
Replies Required for below Posting 1 user security awarene.docxReplies Required for below Posting 1 user security awarene.docx
Replies Required for below Posting 1 user security awarene.docx
 
Running head CHALLENGES OF CYBER SECURITY9.docx
Running head CHALLENGES OF CYBER SECURITY9.docxRunning head CHALLENGES OF CYBER SECURITY9.docx
Running head CHALLENGES OF CYBER SECURITY9.docx
 
Gs Ch1
Gs Ch1Gs Ch1
Gs Ch1
 
Cyber security.docx
Cyber security.docxCyber security.docx
Cyber security.docx
 
Strengthening the Weakest Link - Reducing Risks from Social Engineering Attacks
Strengthening the Weakest Link - Reducing Risks from Social Engineering AttacksStrengthening the Weakest Link - Reducing Risks from Social Engineering Attacks
Strengthening the Weakest Link - Reducing Risks from Social Engineering Attacks
 
OverseeCyberSecurityAsHackersSeekToInfiltrate
OverseeCyberSecurityAsHackersSeekToInfiltrateOverseeCyberSecurityAsHackersSeekToInfiltrate
OverseeCyberSecurityAsHackersSeekToInfiltrate
 
Presentación AMIB Los Cabos
Presentación AMIB Los CabosPresentación AMIB Los Cabos
Presentación AMIB Los Cabos
 
Research Paper TopicITS835 – Enterprise Risk Managemen.docx
Research Paper TopicITS835 – Enterprise Risk Managemen.docxResearch Paper TopicITS835 – Enterprise Risk Managemen.docx
Research Paper TopicITS835 – Enterprise Risk Managemen.docx
 
Running Head 2Week #8 MidTerm Assignment .docx
Running Head 2Week #8 MidTerm Assignment .docxRunning Head 2Week #8 MidTerm Assignment .docx
Running Head 2Week #8 MidTerm Assignment .docx
 
Forensics
ForensicsForensics
Forensics
 
Computer ForensicsDiscussion 1Forensics Certifications Ple.docx
Computer ForensicsDiscussion 1Forensics Certifications Ple.docxComputer ForensicsDiscussion 1Forensics Certifications Ple.docx
Computer ForensicsDiscussion 1Forensics Certifications Ple.docx
 
Ijnsa050215
Ijnsa050215Ijnsa050215
Ijnsa050215
 
System Dynamics Based Insider Threats Modeling
System Dynamics Based Insider Threats ModelingSystem Dynamics Based Insider Threats Modeling
System Dynamics Based Insider Threats Modeling
 

More from justine1simpson78276

You will submit a 1-2 page double spaced paper, plus references, des.docx
You will submit a 1-2 page double spaced paper, plus references, des.docxYou will submit a 1-2 page double spaced paper, plus references, des.docx
You will submit a 1-2 page double spaced paper, plus references, des.docxjustine1simpson78276
 
you will submit a 150-200 word reading summary -Reasons for the .docx
you will submit a 150-200 word reading summary -Reasons for the .docxyou will submit a 150-200 word reading summary -Reasons for the .docx
you will submit a 150-200 word reading summary -Reasons for the .docxjustine1simpson78276
 
You will submit a 1500 word fully-referenced critical essay .docx
You will submit a 1500 word fully-referenced critical essay .docxYou will submit a 1500 word fully-referenced critical essay .docx
You will submit a 1500 word fully-referenced critical essay .docxjustine1simpson78276
 
you will submit a 150-200 word reading summary The story of real.docx
you will submit a 150-200 word reading summary The story of real.docxyou will submit a 150-200 word reading summary The story of real.docx
you will submit a 150-200 word reading summary The story of real.docxjustine1simpson78276
 
You will select an enterprise-level risks that impact an organizatio.docx
You will select an enterprise-level risks that impact an organizatio.docxYou will select an enterprise-level risks that impact an organizatio.docx
You will select an enterprise-level risks that impact an organizatio.docxjustine1simpson78276
 
You will select a psychologist (Skinner or Freud ) and conduct a bri.docx
You will select a psychologist (Skinner or Freud ) and conduct a bri.docxYou will select a psychologist (Skinner or Freud ) and conduct a bri.docx
You will select a psychologist (Skinner or Freud ) and conduct a bri.docxjustine1simpson78276
 
You will select a hot button issue from current or relatively re.docx
You will select a hot button issue from current or relatively re.docxYou will select a hot button issue from current or relatively re.docx
You will select a hot button issue from current or relatively re.docxjustine1simpson78276
 
you will research resources available on the Internet for monitoring.docx
you will research resources available on the Internet for monitoring.docxyou will research resources available on the Internet for monitoring.docx
you will research resources available on the Internet for monitoring.docxjustine1simpson78276
 
You will review qualitative research.  The topic is up to you as lon.docx
You will review qualitative research.  The topic is up to you as lon.docxYou will review qualitative research.  The topic is up to you as lon.docx
You will review qualitative research.  The topic is up to you as lon.docxjustine1simpson78276
 
You will review quantitative research.  The topic is up to you as lo.docx
You will review quantitative research.  The topic is up to you as lo.docxYou will review quantitative research.  The topic is up to you as lo.docx
You will review quantitative research.  The topic is up to you as lo.docxjustine1simpson78276
 
You will research one womens movement that we have not discussed in.docx
You will research one womens movement that we have not discussed in.docxYou will research one womens movement that we have not discussed in.docx
You will research one womens movement that we have not discussed in.docxjustine1simpson78276
 
You will research a Native American or African communitys culture, .docx
You will research a Native American or African communitys culture, .docxYou will research a Native American or African communitys culture, .docx
You will research a Native American or African communitys culture, .docxjustine1simpson78276
 
You will receive 15 points extra credit (added to the homework p.docx
You will receive 15 points extra credit (added to the homework p.docxYou will receive 15 points extra credit (added to the homework p.docx
You will receive 15 points extra credit (added to the homework p.docxjustine1simpson78276
 
You will provide a short analysis of the interaction of group member.docx
You will provide a short analysis of the interaction of group member.docxYou will provide a short analysis of the interaction of group member.docx
You will provide a short analysis of the interaction of group member.docxjustine1simpson78276
 
You will produce and submit a Powerpoint  of screenshots related to .docx
You will produce and submit a Powerpoint  of screenshots related to .docxYou will produce and submit a Powerpoint  of screenshots related to .docx
You will produce and submit a Powerpoint  of screenshots related to .docxjustine1simpson78276
 
You will produce a clear and coherent writing that is well organized.docx
You will produce a clear and coherent writing that is well organized.docxYou will produce a clear and coherent writing that is well organized.docx
You will produce a clear and coherent writing that is well organized.docxjustine1simpson78276
 
You will present ADP and Paychex as the recommendations to the VP .docx
You will present ADP and Paychex as the recommendations to the VP .docxYou will present ADP and Paychex as the recommendations to the VP .docx
You will present ADP and Paychex as the recommendations to the VP .docxjustine1simpson78276
 
You will prepare and present a personality analysis of your choo.docx
You will prepare and present a personality analysis of your choo.docxYou will prepare and present a personality analysis of your choo.docx
You will prepare and present a personality analysis of your choo.docxjustine1simpson78276
 
you will prepare a PowerPoint presentation on the consumer infor.docx
you will prepare a PowerPoint presentation on the consumer infor.docxyou will prepare a PowerPoint presentation on the consumer infor.docx
you will prepare a PowerPoint presentation on the consumer infor.docxjustine1simpson78276
 
You will post a 250-word reply to 2 classmate’s threads. The reply r.docx
You will post a 250-word reply to 2 classmate’s threads. The reply r.docxYou will post a 250-word reply to 2 classmate’s threads. The reply r.docx
You will post a 250-word reply to 2 classmate’s threads. The reply r.docxjustine1simpson78276
 

More from justine1simpson78276 (20)

You will submit a 1-2 page double spaced paper, plus references, des.docx
You will submit a 1-2 page double spaced paper, plus references, des.docxYou will submit a 1-2 page double spaced paper, plus references, des.docx
You will submit a 1-2 page double spaced paper, plus references, des.docx
 
you will submit a 150-200 word reading summary -Reasons for the .docx
you will submit a 150-200 word reading summary -Reasons for the .docxyou will submit a 150-200 word reading summary -Reasons for the .docx
you will submit a 150-200 word reading summary -Reasons for the .docx
 
You will submit a 1500 word fully-referenced critical essay .docx
You will submit a 1500 word fully-referenced critical essay .docxYou will submit a 1500 word fully-referenced critical essay .docx
You will submit a 1500 word fully-referenced critical essay .docx
 
you will submit a 150-200 word reading summary The story of real.docx
you will submit a 150-200 word reading summary The story of real.docxyou will submit a 150-200 word reading summary The story of real.docx
you will submit a 150-200 word reading summary The story of real.docx
 
You will select an enterprise-level risks that impact an organizatio.docx
You will select an enterprise-level risks that impact an organizatio.docxYou will select an enterprise-level risks that impact an organizatio.docx
You will select an enterprise-level risks that impact an organizatio.docx
 
You will select a psychologist (Skinner or Freud ) and conduct a bri.docx
You will select a psychologist (Skinner or Freud ) and conduct a bri.docxYou will select a psychologist (Skinner or Freud ) and conduct a bri.docx
You will select a psychologist (Skinner or Freud ) and conduct a bri.docx
 
You will select a hot button issue from current or relatively re.docx
You will select a hot button issue from current or relatively re.docxYou will select a hot button issue from current or relatively re.docx
You will select a hot button issue from current or relatively re.docx
 
you will research resources available on the Internet for monitoring.docx
you will research resources available on the Internet for monitoring.docxyou will research resources available on the Internet for monitoring.docx
you will research resources available on the Internet for monitoring.docx
 
You will review qualitative research.  The topic is up to you as lon.docx
You will review qualitative research.  The topic is up to you as lon.docxYou will review qualitative research.  The topic is up to you as lon.docx
You will review qualitative research.  The topic is up to you as lon.docx
 
You will review quantitative research.  The topic is up to you as lo.docx
You will review quantitative research.  The topic is up to you as lo.docxYou will review quantitative research.  The topic is up to you as lo.docx
You will review quantitative research.  The topic is up to you as lo.docx
 
You will research one womens movement that we have not discussed in.docx
You will research one womens movement that we have not discussed in.docxYou will research one womens movement that we have not discussed in.docx
You will research one womens movement that we have not discussed in.docx
 
You will research a Native American or African communitys culture, .docx
You will research a Native American or African communitys culture, .docxYou will research a Native American or African communitys culture, .docx
You will research a Native American or African communitys culture, .docx
 
You will receive 15 points extra credit (added to the homework p.docx
You will receive 15 points extra credit (added to the homework p.docxYou will receive 15 points extra credit (added to the homework p.docx
You will receive 15 points extra credit (added to the homework p.docx
 
You will provide a short analysis of the interaction of group member.docx
You will provide a short analysis of the interaction of group member.docxYou will provide a short analysis of the interaction of group member.docx
You will provide a short analysis of the interaction of group member.docx
 
You will produce and submit a Powerpoint  of screenshots related to .docx
You will produce and submit a Powerpoint  of screenshots related to .docxYou will produce and submit a Powerpoint  of screenshots related to .docx
You will produce and submit a Powerpoint  of screenshots related to .docx
 
You will produce a clear and coherent writing that is well organized.docx
You will produce a clear and coherent writing that is well organized.docxYou will produce a clear and coherent writing that is well organized.docx
You will produce a clear and coherent writing that is well organized.docx
 
You will present ADP and Paychex as the recommendations to the VP .docx
You will present ADP and Paychex as the recommendations to the VP .docxYou will present ADP and Paychex as the recommendations to the VP .docx
You will present ADP and Paychex as the recommendations to the VP .docx
 
You will prepare and present a personality analysis of your choo.docx
You will prepare and present a personality analysis of your choo.docxYou will prepare and present a personality analysis of your choo.docx
You will prepare and present a personality analysis of your choo.docx
 
you will prepare a PowerPoint presentation on the consumer infor.docx
you will prepare a PowerPoint presentation on the consumer infor.docxyou will prepare a PowerPoint presentation on the consumer infor.docx
you will prepare a PowerPoint presentation on the consumer infor.docx
 
You will post a 250-word reply to 2 classmate’s threads. The reply r.docx
You will post a 250-word reply to 2 classmate’s threads. The reply r.docxYou will post a 250-word reply to 2 classmate’s threads. The reply r.docx
You will post a 250-word reply to 2 classmate’s threads. The reply r.docx
 

Recently uploaded

ComPTIA Overview | Comptia Security+ Book SY0-701
ComPTIA Overview | Comptia Security+ Book SY0-701ComPTIA Overview | Comptia Security+ Book SY0-701
ComPTIA Overview | Comptia Security+ Book SY0-701bronxfugly43
 
Sociology 101 Demonstration of Learning Exhibit
Sociology 101 Demonstration of Learning ExhibitSociology 101 Demonstration of Learning Exhibit
Sociology 101 Demonstration of Learning Exhibitjbellavia9
 
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...pradhanghanshyam7136
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdfQucHHunhnh
 
Micro-Scholarship, What it is, How can it help me.pdf
Micro-Scholarship, What it is, How can it help me.pdfMicro-Scholarship, What it is, How can it help me.pdf
Micro-Scholarship, What it is, How can it help me.pdfPoh-Sun Goh
 
psychiatric nursing HISTORY COLLECTION .docx
psychiatric nursing HISTORY COLLECTION .docxpsychiatric nursing HISTORY COLLECTION .docx
psychiatric nursing HISTORY COLLECTION .docxPoojaSen20
 
ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.MaryamAhmad92
 
Mixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
Mixin Classes in Odoo 17 How to Extend Models Using Mixin ClassesMixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
Mixin Classes in Odoo 17 How to Extend Models Using Mixin ClassesCeline George
 
The basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptxThe basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptxheathfieldcps1
 
Making communications land - Are they received and understood as intended? we...
Making communications land - Are they received and understood as intended? we...Making communications land - Are they received and understood as intended? we...
Making communications land - Are they received and understood as intended? we...Association for Project Management
 
How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17Celine George
 
Seal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptxSeal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptxnegromaestrong
 
General Principles of Intellectual Property: Concepts of Intellectual Proper...
General Principles of Intellectual Property: Concepts of Intellectual Proper...General Principles of Intellectual Property: Concepts of Intellectual Proper...
General Principles of Intellectual Property: Concepts of Intellectual Proper...Poonam Aher Patil
 
This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.christianmathematics
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsTechSoup
 
Understanding Accommodations and Modifications
Understanding Accommodations and ModificationsUnderstanding Accommodations and Modifications
Understanding Accommodations and ModificationsMJDuyan
 
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptxMaritesTamaniVerdade
 
ICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptxICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptxAreebaZafar22
 
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...ZurliaSoop
 
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in DelhiRussian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhikauryashika82
 

Recently uploaded (20)

ComPTIA Overview | Comptia Security+ Book SY0-701
ComPTIA Overview | Comptia Security+ Book SY0-701ComPTIA Overview | Comptia Security+ Book SY0-701
ComPTIA Overview | Comptia Security+ Book SY0-701
 
Sociology 101 Demonstration of Learning Exhibit
Sociology 101 Demonstration of Learning ExhibitSociology 101 Demonstration of Learning Exhibit
Sociology 101 Demonstration of Learning Exhibit
 
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf
 
Micro-Scholarship, What it is, How can it help me.pdf
Micro-Scholarship, What it is, How can it help me.pdfMicro-Scholarship, What it is, How can it help me.pdf
Micro-Scholarship, What it is, How can it help me.pdf
 
psychiatric nursing HISTORY COLLECTION .docx
psychiatric nursing HISTORY COLLECTION .docxpsychiatric nursing HISTORY COLLECTION .docx
psychiatric nursing HISTORY COLLECTION .docx
 
ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.
 
Mixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
Mixin Classes in Odoo 17 How to Extend Models Using Mixin ClassesMixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
Mixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
 
The basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptxThe basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptx
 
Making communications land - Are they received and understood as intended? we...
Making communications land - Are they received and understood as intended? we...Making communications land - Are they received and understood as intended? we...
Making communications land - Are they received and understood as intended? we...
 
How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17
 
Seal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptxSeal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptx
 
General Principles of Intellectual Property: Concepts of Intellectual Proper...
General Principles of Intellectual Property: Concepts of Intellectual Proper...General Principles of Intellectual Property: Concepts of Intellectual Proper...
General Principles of Intellectual Property: Concepts of Intellectual Proper...
 
This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The Basics
 
Understanding Accommodations and Modifications
Understanding Accommodations and ModificationsUnderstanding Accommodations and Modifications
Understanding Accommodations and Modifications
 
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
 
ICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptxICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptx
 
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
 
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in DelhiRussian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
 

APA Writing Sample Extortion on the JobValorie J. King, PhDApril .docx

  • 1. APA Writing Sample: Extortion on the JobValorie J. King, PhDApril 2, 2014 Running Head: APA WRITING SAMPLE 1 Running Head: APA WRITING SAMPLE 5 Introduction Writing as Anonymous (2003), the Chief Information Security Officer (CISO) of a major United States (US) corporation told a chilling tale of email based extortion attempts against employees who had received extortion threats via email sent to their corporate email addresses. The corporation, its managers, and the individual employees who were targeted faced a number of issues and dilemmas as they responded to security incident caused by the extortion attempts. In the following analysis, one issue–the enforcement of acceptable use policies–is discussed and critiqued.Analysis The Attack Drive by download attacks occur when a legitimate Web server has been infected with malware or malicious scripts which deliver malware, pornography, or other objectionable material along with the Web page content that the visitor was expecting to see (Microsoft, 2014; Niki, 2009). These types of attacks are difficult to detect and often result in the infection of large numbers of visitors before the infection is detected and removed from the Web site. In this attack, computers used by the affected employees (victims) were compromised by a drive by download attack (Microsoft, 2014) which resulted in the download of pornographic materials while they were browsing websites which, in turn, had been compromised (Anonymous, 2003). The attackers also obtained each visitor’s email address from the
  • 2. Web browser. Extortion emails were sent to victims demanding credit card payment of hush fees. The extortionists told the victims exactly where the contraband files were located on the computer hard drive and assured the victims that it was impossible to remove those files. Why the Problem Went Unreported Anonymous (2003) discovered that he was dealing with “paranoid users who don't trust security people” (p. 1). There are many possible reasons why employees turn into paranoid users who are unwilling to self-report for security incidents, even those which are accidental. Two such reasons are enforcement of zero tolerance for violations and perceptions of unfairness or a lack of justice. Zero tolerance. The previous CISO implemented a zero tolerance policy with respect to acceptable use policy (AUP) violations (Anonymous, 2003). Under this zero-tolerance policy, a number of employees were terminated (fired), without due process or hearings to establish guilt or innocence. When employees began receiving extortion emails and threats, they believed that their jobs could be placed at risk, regardless of their innocence or guilt with respect to downloading of pornography to company computers, if they reported the presence of pornographic files (pushed to the computer by the extortionists). Perceptions of fairness and justice. When employees feel that IT policy enforcement is unfair, the situation is usually accompanied by extreme and long-lasting negative feelings or emotions (Flint et al., 2005). The overall result (consequences) in this instance was an increase in unethical behavior as victims attempted to hide or cover-up the extortion attempts (lying) rather than asking their employer for assistance and protection from harm (Moor, 1999). This undesirable result is, in part, due to the employer’s failure to consider the consequences of the application of the zero tolerance policy.
  • 3. Incident Response The new CISO treated the extortion situation as a security incident rather than as an employee disciplinary problem (Anonymous, 2003). He and his IT Security Staff investigated the situation and learned that (a) the company’s employees regularly received such threats and (b) some of them had paid the extortionists rather than risk losing their jobs. The CISO directed the IT Security Staff to reconfigure firewalls and other network security appliances to block all further emails containing extortion keywords or from the known IP addresses for the extortionists. The CISO also met with IT staff members to determine what additional protective actions could be taken. Finally, the new CISO met with the IT staff and other selected employees to determine what actions needed to be taken to encourage employees to come forward (self-report) in the future and decrease the atmosphere of fear and distrust that he had inherited.Summary and Conclusions In this article, the author highlighted some of the problems that can arise when employers emphasize adherence to rules rather than seeking a balance between rules and outcomes (Anonymous, 2003). The company’s zero-tolerance enforcement of its acceptable use policy resulted in undesirable outcomes, particularly the creation of an atmosphere of fear and secretive behavior. This, in turn, resulted in employees being unwilling to report security incidents. To avoid this problem in the future, corporate management should review the potential negative consequences or outcomes of policy enforcement and address specific circumstances with compassion rather than hardline enforcement (Reynolds, 2007). References Anonymous. (2003, February 3). A sordid tale. Chief Security Officer. CSO Online. Retrieved from https://web.archive.org/ web/20031119054351/http://www.csoonline.com/read/020103/ undercover.html Flint, D., Hernandez-Marrero, P., & Wielemaker, M. (2005).
  • 4. The role of affect and cognition in the perception of outcome acceptability under different justice conditions. The Journal of American Academy of Business, 7(1), 269-277. Microsoft. (2014). Microsoft security intelligence report. Retrieved from http://www.microsoft.com/security/sir/glossary/drive-by- download-sites.aspx Moor, J. H. (1999). Just consequentialism and computing. Ethics and Information Technology, 1(1), 61-69. Niki, A. (2009, December). Drive-by download attacks: Effects and detection methods. Paper presented at the 3rd IT Student Conference for the Next Generation. Retrieved from http://www.kaspersky.com/fr/images/drive- by_download_attacks_effects_and_detection_methods.pdf Reynolds, G. W. (2007). Ethics in information technology (2nd ed.). Boston, MA: Thompson Course Technology. Case Study #1: Why should businesses invest in cybersecurity? Case Scenario: A client company has asked your cybersecurity consulting firm to provide it with a 2 to 3 page white paper which discusses the business need for investments in cybersecurity. The purpose of this white paper is to “fill in the gaps” in a business case that was already prepared by the company’s Chief Information Officer. The target audience for your paper is the company’s C- suite executives. These executives will be meeting later this month to discuss budget requests from department heads. The company has requested that your white paper use the same investment categories as are already in use for the CIO’s business case: people, processes, and technologies. Research: 1. Read / Review the Week 1 readings. 2. Find three or more additional sources which provide information about best practice recommendations for
  • 5. cybersecurity and other reasons why businesses should invest in people, processes, and technologies related to cybersecurity. These additional sources can include analyst reports (e.g. Gartner, Forrester, Price-Waterhouse, Booz-Allen) and/or news stories about recent attacks / threats, data breaches, cybercrime, cyber terrorism, etc. Write: Write a two to three-page summary of your research. At a minimum, your summary must include the following: 1. An introduction or overview of cybersecurity which provides definitions and addresses the business need for cybersecurity. This introduction should be suitable for an executive audience. 2. A separate section which addresses ethical considerations which drive the business need for investments in cybersecurity. 3. A review of best practices and recommendations which can be added to the existing business case to provide justification for cybersecurity-focused investments in the three investment categories identified by the company: people, processes, and technologies. Your white paper should use standard terms and definitions for cybersecurity. See Course Content > Cybersecurity Concepts Review for recommended resources. Submit For Grading & Discussion 1. Submit your case study in MS Word format (.docx or .doc file) using the Case Study #1 Assignment in your assignment folder. (Attach the file.) Formatting Instructions 1. Use standard APA formatting for the MS Word document that you submit to your assignment folder. Formatting requirements and examples are found under Course Resources > APA Resources. 2. More than 3 sources must be used
  • 6. Additional Information 1. You are expected to write grammatically correct English in every assignment that you submit for grading. Do not turn in any work without (a) using spell check, (b) using grammar check, (c) verifying that your punctuation is correct and (d) reviewing your work for correct word usage and correctly structured sentences and paragraphs. These items are graded under Professionalism and constitute 20% of the assignment grade. 2. You are expected to credit your sources using in-text citations and reference list entries. Both your citations and your reference list entries must comply with APA 6th edition Style requirements. Failure to credit your sources will result in penalties as provided for under the university’s Academic Integrity policy.