Cyber Crime and Cyber Security: A White Paper for Franchisors, Licensors, and Others
Source: Wolters Kluwer
There has been an ominous increase in cyber crime in tandem with web accessibility. The need for a security system to guard against the cyber criminals and the resultant harm caused to the company is the need of the hour. To begin with, regular and thorough penetration testing must be done to maintain its value. This paper uses a 'Chan Scale of Cyber In-Security' based on the potential harm for major liability that may be incurred from, inter alia, individual litigation, regulatory investigation, and fraud. It is therefore advisable to have policies in place with respect to data protection, data retention, data destruction, privacy, and disclaimers to customers. IT systems are also vulnerable to a variety of disruptions from natural disasters, human error. Consequences such as regulatory agency investigations and class-action litigation may be expensive. Effective crisis planning and crisis management processes must be developed to enable businesses to continue operating. Security Information Management Systems (SIM), if configured properly, can be useful in collecting and correlating security data (system logs, firewall logs, anti-virus logs, user profiles, physical access logs) to help identify internal threats and external threats. Automated controls can be put in place for cyber access to ensure that user privileges are appropriate to their particular job function or process role. Communicating the importance of information security and promoting safe computing are key in securing a company against cyber crime.