Security Recovery Plan Policy
Write a paper focused on the ethical implications of the cybersecurity policy. What are the ethical implications that arise from the cybersecurity policy/strategy you have selected? This should be a two-page paper describing the ethical issues that arise when considering the cybersecurity policy/strategy you have selected. Attention should be given to the costs and benefits of the policy/strategy, the types of rights that are protected and potentially limited with the policy/strategy, and whether the policy/strategy appropriately addresses individuals’ rights. The paper must include at least three scholarly journal articles that support the discussion. PLEASE HAVE 3 SCHOLARLY JOURNAL ARTICLES. I have also attached the paper writer 148234 has done on security recovery plan..
Security Recovery Plan Policy
Security recovery policy plan is designed to limit disruption of the information technology and maintenance of information technology operations (Christen, Gordijn, and Loi, 2020). The security recovery police plan is generally designed to stop, learn, and assist security, management deal with an incident. Security recovery plan policy is an essential policy, especially in “protecting forward”, which prevents future losses. Mostly a security recovery policy plan is developed and implemented together with a disaster recovery plan (Gourisetti, et, al.,2020). The paper is a discussion of the security recovery policy plan and its ethical implications.
The security recovery policy plan faces several ethical implications for stance those concerning transparency and resource disclosure. Other issues include the harm of privacy, such as identity threat, corporate misconduct, and espionage. Cybersecurity resource allocation is a widespread ethical implication in security recovery policy, especially concerning the policy’s cost and benefits. Resources in security recovery policy include money, time, and security expertise (Christen, Gordijn, and Loi, 2020). Most of the time, planning a security recovery is expensive compared to the benefits because the organization is not yet aware of future security threats and their impacts. However, the organization should estimate and measure the total cost of ownership relative to the cost of a security disaster. Also, having inadequate resources for security recovery is an unethical implication for a security recovery policy plan (Gourisetti, et, al.,2020). For instance, the lack of a security incident plan for every threat or anticipated incident or worst-case incidental.
On the other hand, payment of a ransom to attackers to limit and recover lost data is another ethical implication that is considered unethical. Payment of ransom ethical issue may put the organization into ransomware vulnerability. The government and politicians play an important role when it comes to insufficient and lack of resources, through lack of a strong resource foundation, corruption, and poor governance Payment of ransom may affect the reputation and network users in the organizations (Christen, Gordijn, and Loi, 2020). The security team should follow and adhere to the ethics codes and standards of behaviours according to data processing, management association, the association for computing machinery, and the institute for computer professionals’ certificates. During the forward approach, the system may go through a structural, catastrophic and logical failure. For example, during the recovery process, the system may fail to restore data (Gourisetti, et, al.,2020).
The security recovery plan policy faces several ethical implications based on employees’ rights, for example, the right to privacy and confidentiality (Christen, Gordijn, and Loi, 2020). The security recovery policy should minimize any possibility of privacy invasion, especially when using the staff’s employees’ information. The security recovery plan policy must add various controls, such as physical safety controls, password, monitoring controls, database integrity and data validation techniques (Timmers, 2019). The security recovery plan maintains the individual’s rights through the use of monitoring skills that limit the intrusion of the user’s privacy. The security policy limits any unjustifiable unethical intrusion, such as reading users emails, tracking user’s website visits, and physical location.
On the other hand, users are aware of the ongoing security monitoring activities, such as monitoring users network activities, to discuss and adhere to the user’s privacy rights and requirements (Christen, Gordijn, and Loi, 2020). The security recover policy balances security and other values, such as commitments, transparency, and sincerity. Also, the security recovery policy should justify resource allocation and be able to fulfil security promises to its stakeholders, users, and employees.
Christen, M., Gordijn, B., & Loi, M. (2020). The Ethics of Cybersecurity (p. 384). Springer Nature.
Gourisetti, S. N. G., Reeve, H., Rotondo, J. A., & Richards, G. T. (2020). Facility Cybersecurity Framework Best Practices (No. PNNL-30291). Pacific Northwest National Lab. (PNNL), Richland, WA (United States).
Timmers, P. (2019). Ethics of AI and cybersecurity when sovereignty is at stake. Minds and Machines, 29(4), 635-645.