Final Project: CCS International – CSO Brief
and on (Brown, C., 2015).
According to the Identity Theft Resource Center, in 2014 there have been 342 breaches
losing over 9 million records (ITRC, 2014).
Business entities tool the lion’s share of incidents,
while the rest were more evenly distributed among education, government, healthcare, and
These breaches directly affect the confidentiality and integrity of a customer’s
data, while at the same time being far too available.
As a result, in 2008, 46 states had statutes
requiring for businesses that fail to encrypt data of their residents to notify those residents if the
data is disclosed to the wrong people (Gainer, 2008).
What this means is that each business must
take into account not only constitutional or federal laws, but also state laws which differ from
state to state.
Policy must be mentioned one last time.
Various court rulings have actually led to an
expectation of the courts for companies to have electronic employee data, thus putting it in the
best interest of the company to monitor their employees.
With the proliferation of malicious
software, the increase in corporate espionage, and the proven loss of productivity, it is obvious
that there is a case for the monitoring of employee communications.
What is legal, though?
With a well worded policy, almost everything is legal (Kidwell, R., & Sprague, R. 2009).
appeals court even allowed an employer to search an employee’s home computer for
pornography to prove the work use was not accidental (Yerby, J., 2013).
What we need from the CSO to best protect our organization
Our policies must be completed and reviewed.
CCS International must thoroughly
review its own network and systems.