Discuss the following topics:
Conduct some research and find an organization that has been recently (in the past ten years) pressured by societal or political forces to address information security in ways they may not have otherwise.
Do you agree with the societal or political forces? Why or why not? Support your assertions with credible sources.
Addressing Information Security: A Case of Citibank
Having a robust information security system often grants organizations a competitive edge when it comes to attracting more consumers or clients than their rivals. Customers or the public often lose confidence in organizations when security systems of the firms are compromised by hackers (Tariq, 2018). Citibank happens to be among the financial institutions that is on record for witnessing intense criticism from the public and political forces following the breach of their information systems.
In 2011, Citibank’s network was breached by hackers, who managed to access data of approximately 200, 000 holders of credit card in North America. This event led to the company facing a backlash from lawyers and lawmakers (Reuters, 2018). In my view, the criticism directed towards Citibank by the political forces was in order. Bansah (2018) argues that compromised information systems in financial institutions often results into a significant reduction of the client base. Moreover, successful cyber-attacks on financial organization can result into tremendous financial losses that can adversely affect economic growth, businesses, investors, and families. As such, when it comes to addressing information security, financial organizations should demonstrate their dedication towards attaining the highest security level, and always being up-to-date with the newest technology or techniques (Gonzalez et al., 2013). Security incidents and data breaches in banks call for rapid response aimed at mitigating the impact of such events on these institutions and demonstrating due care. In relation to this, Tariq (2018) and Martins et al. (2014) assert that financial institutions should strengthen their event response teams, while ensuring that appropriate encryption is employed with all data.
Organizational staff should also be frequently trained to enable them acquire and sustain their disaster response and business continuity management capabilities (Jingguo-Wang et al., 2015). Such an undertaking will ensure that employees are updated on the emerging security concerns and trends.
Bansah, E. A. (2018). The threats of using computerized accounting information systems in the banking industry. Accounting and Management Information Systems, 17(3), 440-461.
Gonzalez, R., Llopis, J., & Gasco, J. (2013). Information technology outsourcing in financial services. Service Industries Journal, 33(9–10), 909–924.
Jingguo-Wang, Gupta, M., & Rao, H. R. (2015). Insider Threats in a Financial Institution: Analysis of Attack-Proneness of Information Systems Applications. MIS Quarterly, 39(1), 91-A7.
Martins, C., Oliveira, T., & Popovič, A. (2014). Understanding the Internet banking adoption: A unified theory of acceptance and use of technology and perceived risk application. International Journal of Information Management, 34(1), 1-13.
Reuters. (2018). Regulators Pressure Banks after Citi Data Breach. Retrieved December 16, 2018 from: https://www.reuters.com/article/us-citi/regulators-pressure-banks-after-citi-data-breach-idUSTRE7580TM20110609?sp=true
Tariq, N. (2018). Impact of Cyberattacks on Financial Institutions. Journal of Internet Banking and Commerce, 23(2), 1-11.