Protecting Availability

The first protection I would implement is some data redundancy, such as RAID. I would make two copies of data, especially those critical for business operations, and store them in a secure location, on/off-site. These copies would be periodically updated to ensure the availability of even the most recent data. This could be beneficial in many scenarios, such as if data becomes corrupt or a natural disaster destroys the original copy. I would ensure that our company has a business continuity, disaster recovery plan, etc, to minimize downtime in all scenarios that can be accounted for. I would schedule all software and hardware updates to ensure timely patch management to reduce vulnerabilities. Vulnerabilities increase the likelihood of an attack, which can expose critical systems and bring business operations to a halt. I would implement and configure a security information and event management system to monitor and respond to common threats. It is not worth manually looking through the vast number of logs when systems can be configured specifically for your company to pick out suspicious ones. I would maximize network segmentation by department, or even further, to support data confidentiality and to make it harder for attackers to navigate the network. Also, I would implement frequent information security seminars for all employees since they are the weakest link to information security. 

Ethical Considerations of CRISPR Gene Editing

I believe that malicious code written into DNA will not pose a greater threat without further scientific advancements. Organick stated that there are many technical challenges still in the way, stopping injected malicious DNA from being sequenced and not being usable past that point (Coldewey, 2017). However, if solutions to these technical challenges arise, it would expand the field of bioterrorism, and our lack of understanding could lead to unprecedented consequences. Some possible consequences include new pathogens, susceptibility to new pathogens, mutations, questions of morality, and unforeseen impact on future generations. However, I consider the digitization of DNA by private companies a greater concern today. Having any form of personally identifiable information leaked is far less invasive than DNA, as most can be changed. Some ethical considerations regarding digitized DNA include genetic discrimination, its value to hackers, and countless possibilities for misuse. I do not think that companies should be allowed to store customer DNA even if it improves the accuracy of their testing. I would rather believe I am one percent less European than know that my digitized DNA is “securely” stored by a company. However, I believe that we should continue studying the alteration of DNA as it could potentially lead to medical breakthroughs on a scale never seen before.

Coldewey, D. (2024, May 4). Malicious code written into DNA infects the computer that reads it. TechCrunch. https://techcrunch.com/2017/08/09/malicious-code-written-into-dna-infects-the-computer-that-reads-it/Links to an external site.

Opportunities for Workplace Deviance

Firstly, it creates an opportunity for workplace deviance by giving easy access to sensitive information. Companies that use technology, especially computers, often entrust important data to employees for their work. Employees can breach this trust by stealing and selling data to competitors or cyber criminals. Computers also give them access to social media and countless other distractions from their work. This is harder to catch when employees work from home, on a personal network, and makes managers question the work ethic of their employees when identified. It is sometimes difficult to differentiate between when a worker is accessing media on a break or simply avoiding their work. Network administrators have many tasks, and monitoring employee traffic is a low priority. Typically, employees only access popular, trusted websites, which have little impact on network security if properly used. Cyber technology allows for remote jobs, which individuals can use to work multiple jobs simultaneously or neglect work because of minimal monitoring. Employers have no way to tell if someone is hired by others, which some remote workers abuse to earn multiple salaries. If the loss of productivity is apparent, it can damage a company’s reputation or security, depending on what they are accessing.