Free-write #1:
There are multiple elements needed to start a business. When combined, you can accomplish goals for the organization and stay consistent with human resources and finance or accounting, marketing, and sales. Customer service is also important, as is information technology. All of these elements play a certain role and contribute to the overall success and stability of the organization. The lead element in the blueprint of a business is management, and it’s in charge of making decisions, strategizing, and directing resources. Human resources is in charge of hiring, employee training and relations, and guaranteeing compliance with labor laws. Accounting and finance is in charge of financial strategizing, payroll, overseeing budgeting, and keeping an eye on the company’s profit.
Marketing and sales are in charge of advertising and selling products. They’ll do anything to reel in customers and produce revenue. Operations is in charge of managing the production of goods or services and ensuring effectiveness and quality. Customer service is responsible for answering customers’ questions, which can create positive relationships that benefit the brand. IT fits in an organization as a maintenance and calculation department that powers nearly every other element to operate properly. The roles and responsibilities within IT are network administration, system administration, technical support staff, database administration, and software developers. Their responsibilities are overseeing the maintenance of the network infrastructure, managing servers and operating systems, overseeing the data of the organization, and lastly creating and maintaining business applications. IT itself should be carried out in a sophisticated manner that upholds the needs of the business. Some common structures within an IT organization are infrastructure, cybersecurity, development, and support teams.
Free-write #2:
The CIA Triad is an institutional model for information security that’s composed of 3 key concepts. Those concepts are confidentiality, integrity, and availability. Confidentiality is a group of rules that puts restrictions on information, integrity is all about consistency and making sure that the information is reliable and precise, and availability is about ensuring that information will always be ready to be accessed by those with authorization. This model is used by organizations to guide them in protecting their data and systems. The differences between authentication and authorization are that authentication “gives a user the ability to enter a system” (emccu007), and it comes in several forms. Authorization “is the process of giving a user permission to access a physical location or information-based resource (Authentication vs Authorization: Key Differences | Fortinet).” It’ll guarantee that only users with permission will have access to the assets they’d like to see, to the extent granted by the system. An example would be someone entering their username and password to check their bank account, and the system verifies their qualifications before granting authorization. Another would be an employee of an organization being able to view your data after you’ve logged in, but not being allowed to erase anything. This status deliberates authorization protocols applied after authentication. In conclusion, the CIA triad is very important because the 3 principles within it help dictate the development of security protocols for companies.
“Authentication vs Authorization: Key Differences | Fortinet.” Fortinet, 2025, www.fortinet.com/resources/cyberglossary/authentication-vs-authorization? Accessed 22 Feb. 2026.
emccu007. “CIA Triad – What Is Authentication vs. Authorization? | Elysium McCullough.” Odu.edu, 4 Feb. 2024, sites.wp.odu.edu/elysium-mccullough/2024/02/04/cia-triad-what-is-authentication-vs-authorization/.
Free-write #3:
The advantages of DNA digitization exist. Upgrades in personalized medicine, early disease discovery, and even unraveling cold cases can notably improve lives. However, I don’t think those advantages fully overshadow the prolonged security threats, especially when it comes to direct-to-consumer DNA testing. Unlike a password or a credit card, DNA can’t be reset. If compromised, it not only leaks identity but also important health predispositions and familial connections. That makes the danger uniquely endless and far-reaching, especially if organizations fail to preserve strong security protocols.
The worry about corporate and employment use is even more unsettling. If employers were able to gain authorization to genetic data, it could easily lead to genetic discrimination. This would cause employers to focus mainly on candidates with attractive traits and ignore those with possible health risks. Even if laws tried to avoid this, unauthorized access or abuse of DNA databases could still happen. This produces a slippery slope where privacy is destroyed, and individuals are judged on factors they couldn’t possibly control. It shifts hiring from skills and qualifications to biological profiling, which is highly unethical and could become a major problem in the long run.
The thought of “hacking humans” becomes more severe when biological data is involved. Customarily, human error, such as phishing or weak passwords, tends to be the weakest link. However, with DNA, the “human factor” becomes permanently exploitable. If someone’s genetic data is stolen, it could be utilized for identity fraud, blackmail, or even potential bio-targeted attacks in the future. This means that security protocols must go beyond protecting systems to protecting people at the biological level, focusing on harsher regulation, encryption, and limitations on how DNA data is collected, stored, and shared.
Discussion board post #1: Cybersecurity and privacy best practices are not just technical issues, because all organizations have unique requirements. “It really comes down to a business decision, more than a technical decision. ” Everyone has protocols or methods that work best for them because they are properly fitted for their unique needs. The size of the organization also plays a big factor in this; resource constraints are different amongst other organizations, so that’s also another reason why privacy frameworks end up being different than others. A real-world scenario where people or processes played a role in improving or weakening security would be companies like Apple or Google making their employees use security keys, which eviscerated successful phishing attacks.
Discussion board post #2:
This week’s Perusall reading says that it’s important to understand AI tools for jobs in the future because AI is shifting from a limited technology feature into a globalized tool for a workplace. John McCarthy introduced the early version, and it symbolized building machines that are able to carry out sophisticated tasks, data analysis, and decision-making. The reading emphasized that professionals that are able to successfully use AI tools will be better off in this highly competitive job market.
Data management responsibilities include security, data governance, and privacy protection. These AI systems require large amounts of data, and it’s up to these companies to make sure that the data is precise. If the data isn’t precise, then it can lead to bias or even transition to legal infractions. The compliance requisites are starting to become more and more harsh because these laws are built to look out for consumer data and guarantee transparency in instant decision-making. As companies merge AI into operations, data management professionals play an important role in sustaining trust and guaranteeing managerial adherence and upgrading the trustworthiness of AI-driven insights.
In my opinion, the integration of AI changes where AI “fits” within the broader structure of a modern organization. IT isn’t just a support system liable for sustaining infrastructure. Instead, IT transitions into a well-calculated ally that propels innovation, upholds business decision-making, and works with other people across sections. AI boosts the influence IT has, because AI systems depend on technical proficiency and cybersecurity supervision in order for IT to achieve success for a company.
Discussion board post #3: If I were the CISO for a publicly traded company, the protections I’d implement to ensure the availability of my systems would be a heavily enforced security operation and have it running 24/7, along with a disaster recovery operation station. I chose those two out of all of the types of protection for publicly traded companies because having 24/7 security operations would help pinpoint small issues early and prevent them from becoming worse/leading to an outage. A disaster recovery operation station would enforce backup sites and frequent disaster recovery experiments. This would guarantee quick repair of performance after ransomware attacks or natural disasters.