Critique Ethical Issues Regarding Information Technology

Week 5 Assignment
Student’s Name:
Institution Name:
Week 5 Assignment
Critique of Ethical Issues Regarding Information Technology
Information Technology (IT) acts as the backbone of the modern society. Important aspects of human and organizational existence are underpinned to the functional dynamics of IT. As such, it remains important to evaluate factors of ethical intensity that are associated with the prevalent and uncontrolled expansion of the IT sector. By narrowing down to the field of organizational management, it is evident that cyber security has become a surviving priority to most companies. Sophisticated installations of IT carry with them an equal risk of a security breach to vital company information. Including the US government’s Office of Personnel Management, the two insurance companies, Anthem and Premera, among other established organizations were principal victims of the black hat hacking community during 2015. As a means to understand better the drawbacks and relatable aspects of online security breaches, this study scrutinizes fully one of the distressed companies to determine better the downsides that are linked to the attack and the potential mechanisms to prevent future attacks.
Summary of Major Security Hacks during 2015
It is inevitable for companies to adequately prevent cyber threats with the online technology getting sophisticated by each passing day. However, this is not the main reason why the attacks occur. In an analytical study by Cerrudo (2015), some of the reasons why cyber-attacks include, but not limited to, lack of computer emergency response teams in some corporations within the public sector, inadequate security, and non-existent cyber-attack contingency plans.

While other reasons may be involved, the harsh reality is that major companies were hacked during 2015 leading to significant consequences. In a list compiled by Greene (2015), not even government agencies were spared by the immoral perpetrators of such activities. In Green’s record, the first company is Ashley Madison, an entity that deals with organizing dates for married people looking for other married people. A total of 37 million people were affected. Greene (2015) indicates that it resulted in total embarrassment for the clients leading to two possible suicides. The next company is the Office of Personnel Management where the data compromised affected approximately 22 million current and former federal employees. Anthem and Premera are the two hacking companies that discovered they were being hacked on the same day. In the case of Anthem, close to 80 million people were affected by the scam while in the situation of Premera, information pertaining 11 million clients was manipulated. Although Green’s list is long, the last entity described is the Internal Revenue Services (IRS) was breached. Greene (2015) indicates that 330 000 taxpayers’ records were used by the hacker’s to collect unauthorized refunds.
The IRS Cyber Attack
The incident chosen for further analysis is the attack on the IRS, which affected a substantial number of taxpayers. Initial reports compiled in 2015 as reviewed by Greene (2015) show that only 300 000 taxpayers’ accounts were affected during the hack. However, recent information indicates otherwise. A report compiled by McCoy (2016) from USA Today reveals that over 700 000 accounts were breached during the incident. During the attack, the information that was stolen included the social security numbers and other personal details of each taxpayer. The information was then used by the hackers to impersonate the real taxpayers, an act that saw them (hackers) collect millions of dollars in refunds. The scandal was unearthed by the Treasury Inspector General for Tax Administration after a review process that took nine months.
Reasons for Choosing IRS
IRS is a public entity with much disposal of public resources under its jurisdiction. As such, this makes it the best candidate for further analysis. Basic knowledge conceptualized by many a people revolves around the fact such government systems are heavily secured. When such incidents occur resulting in the loss of taxpayer’s money creates a negative ‘vibe.’ Of the list compiled above, the IRS incident might have the least number of victims, but the sensitivity of the department makes it a priority for most scholars. Aspects to analyze further include what the company is currently doing or has done to avert any future incidents.
Strategic Approaches Towards Effective Management of Cyber Breaches
As a way to make sure that incidences such as the IRS attack do not occur to any other national department, proper strategization is required by relevant stakeholders. The functional schematics of the information world makes it hard to prevent an attack effectively. As clearly explained by Kramer (2011), the significance of computers is to manipulate data, not to ensure its security. On the other hand, information channels are there to pass information, and not to determine its validity. As such, the only closer a company can go into beefing up its security is by having strong detection mechanisms. Cyber attackers are well financed, mainly from the money they accumulate through fraud and are getting sophisticated as technology improves. It means that with such enough time and resources in their hand, it cannot be hard to locate existing loopholes in a company’s information system.
In a brief, based on the comprehensive report compiled by EY (2014), Cyber Threat Intelligence (CTI) is the best way forward in handling the cyber security problem. According to EY (2011, p.4), “CTI is an advanced process that enables the organization to gather valuable insights based on the analysis of contextual and situational risks and can be tailored to the organization’s specific threat landscape, its industry and markets.” The advantage of this program as analyzed provides an organization with the capability to detect any breaches and initiate a faster response mechanism. Despite these strengths, EY (2014) indicates that it cannot predict future threats. CTI works through a sophisticated mechanism. The system enables proactive prevention, which points out who is likely to attack and the information they might be searching. The system allows Real-time monitoring and detection. When the two steps are combined, they can be conceptualized as security filtering. During an attack, CTI can initiate and incidence respond, which makes sure that vital information stays protected. From another perspective, Kramer (2011) advocates for the government allocating enough resources, training relevant parties and putting in place initiatives that cover against the consequences of a future attack.
IRS is a governmental agency dealing with sensitive public information. As such, much priority needs to be put into managing the aftermath of an attack and deduction of future security initiatives. After the attack happened in 2015, the best improvement made by the service department is adding enhanced system filters that can detect fraudulent accounts. While this is a temporary solution, more enhanced improvements are still on the way as indicated by the department. The newly installed system filters have been able to save IRS more than $7.2 billion that could have been lost through attacks similar in nature as the one orchestrated in 2015. Following a relatable incidence that saw a hospital in Los Angeles pay a ransom of close to $17000, the white house announced enhanced initiatives to develop cyber security. Online threats are advancing prevalently. Thus, the perfect way to ensuring security is by organizations staying informed of new developments.
The major provisions by the Whitehouse include implementing many initiatives with a budget estimate of $19 billion (JRG Advisors, 2016). The first step as outlined in the report is to form a commission enhancing national cyber security. The second factor is to update the government IT. With the constant modernization of state and federal IT systems, breaches such as the IRS incident can be minimized. Siding in what was proposed earlier by Kramer (2011), the report by JRG Advisors (2016) outlines government investment in training programs. Solving security issues in government organizations can be outsourced. However, as the largest employer, the government needs to nurture its human resource by training relevant IT personnel. The US government also intends to form a partnership with IT companies such as Google and online financial companies to monitor the movement of money. The last initiative to curb on identity theft is to reduce the overreliance on social security number as the main citizen identifier.
Best Practices for an IT supervisors
Both economically and socially, cyber-criminal activities have detrimental effects. Therefore, it is relevant for IT experts to make sure that sensitive company information is safeguarded by all means. Based on the IRS case, an IT expert needs to know the significance of staying updated. With cyber technology taking a different twist by each passing day, IT supervisors in charge of sensitive organization information need to remain modernized. Old systems stand no chance when tested by new powerful IT tools possessed cyber criminals. A strong internal policy is also required. As an IT supervisor, one should be able to make sure that the company policies are strictly adhered to. Unsuspected emails that act as most hacker’s entry portals need to be handled with extreme care. Key aspects such as passwords need to be handled by a few people. It makes it easy to investigate when an incidence happens. In addition to all these factors, an IT supervisor needs to know what to do when a situation arises. As an immediate strategy, IRS opted for system filters, which have been superb. However, filters are effective. They are equivalent to adding a big padlock to a glass door. As such, a supervisor should be able to use his or her expertise to identify the problem and solve it or outsource to the experts (Babin, Briggs & Nicholson, 2011). Despite the fact these recommendations are not all of what a supervisor needs to survive; they are the core principles to avoiding future catastrophic events.
In conclusion, cyber security is a key component of an organization’s operational initiatives in this modern era. Sophisticated technological skills in the hands of wrong people remain a nightmare to organizations. However, amidst all the threats, there lies a solution. The best way forward for organizations is to remain updated and following closely relatable principles of minimizing cyber breaches. After being a victim, IRS needs to be an eye opener to other governmental entities. Substantial resources are required into effectively combating with cyber-criminal activities.

References
Babin, R., Briggs, S., & Nicholson, B. (2011). Emerging markets corporate social responsibility and global IT outsourcing. http://proxy1.ncu.edu/login?url=http://search.ebscohost.com/login.aspx?direct=true&db=bth&AN=67134742&site=ehost-liveCerrudo, C. (2015). An emerging US (and world) threat: Cities wide open to cyber-attacks. Securing Smart Cities. http://www.ioactive.com/pdfs/IOActive_HackingCitiesPaper_CesarCerrudo.pdfEY. (2014). Cyber threat intelligence – how to get ahead of cybercrime. http://www.ey.com/Publication/vwLUAssets/EY-cyber-threat-intelligence-how-to-get-ahead-of-cybercrime/$FILE/EY-cyber-threat-intelligence-how-to-get-ahead-of-cybercrime.pdfGreene, T. (2015). Biggest data breaches of 2015. Network World. Retrieved from http://www.networkworld.com/article/3011103/security/biggest-data-breaches-of-2015.htmlJRG Advisors. (2016). White House Announces Cybersecurity National Action Plan. http://www.jrgadvisors.net/Module/Catalog/DocumentFileFile/default?id=458Kramer, F. D. (2011). Cyber Security: An Integrated Governmental Strategy for Progress. Georgetown Journal of International Affairs, 136-150.
McCoy, K. (2016). Cyber hack got access to over 700 000 IRS accounts. USA Today. Retrieved from http://www.usatoday.com/story/money/2016/02/26/cyber-hack-gained-access-more-than-700000-irs-accounts/80992822/