This Week’s Discussion:

1. Describe four ethical issues that arise when storing electronic information about individuals.

2. Compare cybersecurity risks in the U.S. and another country.

When having a career in the cybersecurity field it is extremely important to be aware of ethical issues and how to avoid causing them when dealing with the privacy of businesses, the government, or people generally. Since many internet users will majorly need their data and personal information stored, it is vital for the cyber specialist to ensure it is being done properly and securely. With the information I learned this week, I was able to understand a few problems that could occur within the ethics aspect of storing someone’s personal data. One problem that could arise would be the security implemented when storing the data. A company must insure they have measures in place when assessing the risk that comes with the level of importance of their customer or users’ data, in the event where an attack or hack did happen on their device or company servers/networks. A layered security plan for the information could later save the company money and time when trying to get the valuable information back as well as avoid legal fees. Another problem that could occur is that sometimes too much security could be a factor of an ethical issue. In the event of unintentionally, or intentionally using the private information in a way that it was not intended to be used, shared, or stored with. For example, too much activity monitoring, could potentially lead to thoughts of how much information viewed is actually used for cybersecurity purposes. Thirdly, presenting outdated information is another issue that could arise when storing electronic private data. If a user asks for something regarding the data, the wrong information could be given out and create more problems, if the systems aren’t regularly updated and maintained. Finally, the most common ethical issue that occurs is security breaches. The security breaches normally occur when the user’s preferred company/device that stored their information don’t have the proper privacy protocols or measures in place to defend against hacker’s and malicious attacks. The company should have their employees undergo trainings to help detect malicious attempts of hacking, like phishing emails, as well as software installed like firewalls, multi-user authentication, and keeping detailed records of the systems used and data on each system while being regulated and updated. Some cybersecurity risks in the US is the evolvement of hackers, which means that the attacks damages costs more, the hackers are becoming more skilled, and the rate of completed attacks and hacks is gradually increasing. Exploitation is also a common risk that’s occurring in the US. Lastly, many of the growing AI systems and spyware creations, have recently been having a number of vulnerabilities arising. When compared to the US, Portugal has a few of the same risks as the US but their leading issue is mostly social engineering attacks. Like the US, ransomware attacks and phishing play an important role in the evolution of the hackers creating increased risk. However, in Portugal the attacks mostly affect banking, education, technology and health. Portugal is also having a hard time with training and educating people to take the proper measures when the attacks are becoming more complex and impactful. Their government itself will have to maintain constant training and monitoring of their systems for vulnerabilities, and possible attempts from hackers.