2.1 Other things to think about
If balancing the CIA triad wasn’t difficult enough, when sharing information, an organisation needs to be aware of the various laws, regulatory frameworks and codes of practice under which it operates. In the worst case, failure to comply with these can lead to disciplinary and/or legal action against board members. In such situations, directors and managers are duty bound to be cautious and vigilant.
But then again, the rewards of the e-business age can be immense and the creation of value is a big driver: as we have seen, information has become a powerful source of shareholder value, and may contribute massively to an organisation’s ability to meet its mission. As organisations become more and more dependent on their information systems, pressure is increasing to get it right.
Activity 5: What can happen when it goes wrong?
Read the web page ‘The 15 worst data security breaches of the 21st Century’ (Armerding, 2012) and estimate the number of people affected by these data security breaches.
If the world population is approximately eight billion people, what is the likelihood of an individual being affected by one of the top 15 information security breaches?
Adding together the figures in the article, and ignoring those who were affected twice or more, we calculated that almost 453 million people (almost half a billion) were affected by the top 15 breaches. Given that there are 8 billion people, that’s 1 in 16. You might like to check whether your details have been released by visiting ‘have i been pwned?’ (Hunt, 2016).