TransManuCo has asked for your help in dealing with securing their information while they remain within set regulations.
In order to do business efficiently and effectively the company uses eSign. However, they have concerns about the security of this especially with clients overseas.
According to the new Protecting Cyber Networks Act Sec. 103 "Permits private entities to monitor or operate defensive measures to prevent or mitigate cybersecurity threats or security vulnerabilities, or to identify the source of a threat, on: (1) their own information systems; and (2) with written authorization, the information systems of other private or government entities. Authorizes entities to conduct such activities on information that is stored on, processed by, or transiting such monitored systems." Since this is a new act just passed by congress, the CEO of TransManuCo wants to be sure what the ramifications are for his company. With the increase in cyber attacks especially on companies such as his, he wants to take aggressive action to protect his information.
The HR department of TransManuCo needs assistance in dealing with issues that have surfaced surrounding social media. Since much of the work the company does is sensitive and secret, they have considered using social media background checks. However, they are unsure of the legalities.
The CEO and his immediate management team have concerns that as the company has grown rapidly, access to passwords and administrative privileges are too widespread. They would like to implement the Critical Security Control Regulations to help them get control of access to their systems and decrease vulnerabilities.
They are also concerned about wireless access from company employees traveling on business, especially overseas, whose computers become infected through remote exploitation during air travel. They believe this provides backdoor access to the network when the employees return to the main office and reconnect to the network.
Analyze the episodes in this case including:
- A brief discussion of what the issue or threat is and how it could affect the company
- What cyber security laws or compliance standards are affected
- What actions the company should take to mitigate the issue or decrease the potential threat
Recently Asked Questions
- Identify and provide summaries of five flexible work arrangements that may be implemented in order to meet an organisation's needs
- Imagine a presidential election in which no polling data has been collected. In evaluating the results of the first poll, you have a: a.)weak prior belief.
- Please refer to the attachment to answer this question. This question was created from 300581809_investment_guidelines_8408658716308456.doc.