Enhancing Cybersecurity Awareness in Organizations
VerifiedAdded on 2020/05/28
|15
|4990
|144
AI Summary
In recent years, cybersecurity has become a paramount concern for organizations worldwide due to the increasing frequency of cyberattacks and data breaches. This paper explores the significance of enhancing cybersecurity awareness within companies as a fundamental step in safeguarding sensitive information. By analyzing various training methods, this study identifies best practices that effectively mitigate security risks posed by human error. The research underscores common vulnerabilities exploited by attackers, emphasizing the need for comprehensive training programs tailored to address these threats. Additionally, recommendations are provided to fortify organizational defenses through continuous employee education and engagement. Ultimately, fostering a culture of cybersecurity awareness is crucial for organizations striving to protect their data assets in an ever-evolving threat landscape.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Running head: BUSINESS ETHICS
BUSINESS ETHICS
Name of the Student:
Name of the University
Author Note:
BUSINESS ETHICS
Name of the Student:
Name of the University
Author Note:
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
1BUSINESS ETHICS
Executive summary
The purpose of the report is to emphasis on ethical issue which took place in Deloitte, one of
the biggest accountant firm of the world. The recent media report published in The Guardian
about ethical issues in the organization has created concern in the minds of the Board of
Directors regarding the ethical issue that took place recently in the company. The company
has taken a defensive measure to keep the news buried. It concludes with recommendation
that the company needs to take initiatives to mitigate the problem.
Executive summary
The purpose of the report is to emphasis on ethical issue which took place in Deloitte, one of
the biggest accountant firm of the world. The recent media report published in The Guardian
about ethical issues in the organization has created concern in the minds of the Board of
Directors regarding the ethical issue that took place recently in the company. The company
has taken a defensive measure to keep the news buried. It concludes with recommendation
that the company needs to take initiatives to mitigate the problem.
2BUSINESS ETHICS
Table of Contents
Introduction:...............................................................................................................................1
Overview of the article:..........................................................................................................2
Theoretical concepts:.............................................................................................................4
Role of the society:.................................................................................................................5
The factors leading to poor decision making:........................................................................6
Impact on the stakeholders:....................................................................................................7
Recommendation:......................................................................................................................8
Conclusion:................................................................................................................................9
References:...............................................................................................................................10
Table of Contents
Introduction:...............................................................................................................................1
Overview of the article:..........................................................................................................2
Theoretical concepts:.............................................................................................................4
Role of the society:.................................................................................................................5
The factors leading to poor decision making:........................................................................6
Impact on the stakeholders:....................................................................................................7
Recommendation:......................................................................................................................8
Conclusion:................................................................................................................................9
References:...............................................................................................................................10
3BUSINESS ETHICS
Nick Hopkins, 2017, Deloitte hit by cyber-attack revealing clients’ secret emails, <
https://www.theguardian.com/business/2017/sep/25/deloitte-hit-by-cyber-attack-revealing-
clients-secret-emails> ( 25 September 2017).
Introduction:
The report analyses the ethical issues that often take place in the organization.
According to the recent media reports, the ethical issues in an organization can affect the
operation of the company in many ways. The company may be a small firm with little
resources and employees but in case any unethical incident occurs, that ends the way of
success. In case these immoral events happen in a large and well reputed firm, the situation
becomes more server and leads to involvement of law. Therefore, it has become necessary for
the organizational authorities to be well conversed with the daily incidents that are taking
place in the organizations including all the slightest issues regarding employee behaviour,
working condition of the organization, relationship with the suppliers or customers and
recruitment process (Theguardian.com 2018). The organizations face issues like claims of
harassment or discrimination among the employees and only the managers can groom the
blamed employees for a promotion to solve such problems. These are all examples of ethical
issues regarding employee behaviour. The report discusses the ethical breach that took place
in a renowned organization, Deloitte where a major issue of cyber theft had taken place
which affected the employees as well as all the stakeholders. The report discusses all the
relevant business ethics theories that help the authorities to make important decisions to solve
such problem as well as preventive measures for future security. The report concludes with
the recommendation on which the authority must have focused in order to solve this issue
permanently.
Overview of the article:
The article has revealed the ethical issue of cyber hacking that occurred in one of the
country’s biggest accountancy firms. The firm was the victim of a highly sophisticated cyber
security attack that compromised the security of customers worldwide. Deloitte, the
accountancy firm with its headquarters in New York, US is registered in London and has
clients all over the world. The firm provides, tax, accountancy, auditory and cyber security
related advice to its customers. However, its own security system came under attack last year.
To add to that, the attack was noticed by the company months after it took place, as per the
news report. The report also states that the hackers, who breached into Deloitte’s security,
had minimum difficulty hacking its security since the account required a single verification.
Nick Hopkins, 2017, Deloitte hit by cyber-attack revealing clients’ secret emails, <
https://www.theguardian.com/business/2017/sep/25/deloitte-hit-by-cyber-attack-revealing-
clients-secret-emails> ( 25 September 2017).
Introduction:
The report analyses the ethical issues that often take place in the organization.
According to the recent media reports, the ethical issues in an organization can affect the
operation of the company in many ways. The company may be a small firm with little
resources and employees but in case any unethical incident occurs, that ends the way of
success. In case these immoral events happen in a large and well reputed firm, the situation
becomes more server and leads to involvement of law. Therefore, it has become necessary for
the organizational authorities to be well conversed with the daily incidents that are taking
place in the organizations including all the slightest issues regarding employee behaviour,
working condition of the organization, relationship with the suppliers or customers and
recruitment process (Theguardian.com 2018). The organizations face issues like claims of
harassment or discrimination among the employees and only the managers can groom the
blamed employees for a promotion to solve such problems. These are all examples of ethical
issues regarding employee behaviour. The report discusses the ethical breach that took place
in a renowned organization, Deloitte where a major issue of cyber theft had taken place
which affected the employees as well as all the stakeholders. The report discusses all the
relevant business ethics theories that help the authorities to make important decisions to solve
such problem as well as preventive measures for future security. The report concludes with
the recommendation on which the authority must have focused in order to solve this issue
permanently.
Overview of the article:
The article has revealed the ethical issue of cyber hacking that occurred in one of the
country’s biggest accountancy firms. The firm was the victim of a highly sophisticated cyber
security attack that compromised the security of customers worldwide. Deloitte, the
accountancy firm with its headquarters in New York, US is registered in London and has
clients all over the world. The firm provides, tax, accountancy, auditory and cyber security
related advice to its customers. However, its own security system came under attack last year.
To add to that, the attack was noticed by the company months after it took place, as per the
news report. The report also states that the hackers, who breached into Deloitte’s security,
had minimum difficulty hacking its security since the account required a single verification.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
4BUSINESS ETHICS
They were able to hack the company’s global email server from its administrator account that
reveals the level to which the company ignored security issues. Further, the news report also
reveals that the firm had suspected a possible cyber-attack in April of 2017 when it hired
Hogan Lovells, a law firm based in US to check on the issue. The management termed it as a
minor cyber security issue and failed to realize its severity.
The company broke many codes of ethics as evident from the news published in the
leading daily. When further asked by reporters as to what extent the secret information of
customers been breached, the company was adamant to state that the damage was negligible.
According to the sources, around five million emails that were stored on the firm’s cloud
storage had been hacked. However, the firm countered the allegations stating that only a
fraction of the emails was breached and that the majority of emails have not been accessed by
the hackers. Here, the firm staked another ethical concern when it refused to confess and
come out openly about the actual figure of emails breached. This led to further escalation of
tension in the customers who had their trust invested in the company.
Another ethical issue that was exposed from the reading of the report was the absence
of any evidence to back the company’s claims. It has been mentioned in the report that
Deloitte carried out an extensive review of the attack and that it had contacted some of its
clients and informed the regulators and government authorities. However, it refused to
mention which government authorities or regulators it informed, claimed the news report.
The report further revealed that the US-based company had other issues of security
breach in the early part of 2017 that was detected by Equifax, a credit monitoring company.
The breach at Deloitte put at stake, around, 400,000 UK citizens’ information. This was
revealed by Equifax in July last year but the stakeholders came to know about it months after
the attack. Business ethics asks firms to be honest and transparent with its stakeholders. The
company failed to adhere to its promises made to the customers and other stakeholders. This
security breach and the later negligence and denial of the company went completely against
business ethics.
Type of misconduct:
According to the researchers, the incident that took place in the company was purely
an example of criminality where the hackers had gained personal benefits by hacking the
details of the accounts. These are the black hat hackers who got access to the computers with
limited security and stole data thus damaged the reputation of the company as well as its
They were able to hack the company’s global email server from its administrator account that
reveals the level to which the company ignored security issues. Further, the news report also
reveals that the firm had suspected a possible cyber-attack in April of 2017 when it hired
Hogan Lovells, a law firm based in US to check on the issue. The management termed it as a
minor cyber security issue and failed to realize its severity.
The company broke many codes of ethics as evident from the news published in the
leading daily. When further asked by reporters as to what extent the secret information of
customers been breached, the company was adamant to state that the damage was negligible.
According to the sources, around five million emails that were stored on the firm’s cloud
storage had been hacked. However, the firm countered the allegations stating that only a
fraction of the emails was breached and that the majority of emails have not been accessed by
the hackers. Here, the firm staked another ethical concern when it refused to confess and
come out openly about the actual figure of emails breached. This led to further escalation of
tension in the customers who had their trust invested in the company.
Another ethical issue that was exposed from the reading of the report was the absence
of any evidence to back the company’s claims. It has been mentioned in the report that
Deloitte carried out an extensive review of the attack and that it had contacted some of its
clients and informed the regulators and government authorities. However, it refused to
mention which government authorities or regulators it informed, claimed the news report.
The report further revealed that the US-based company had other issues of security
breach in the early part of 2017 that was detected by Equifax, a credit monitoring company.
The breach at Deloitte put at stake, around, 400,000 UK citizens’ information. This was
revealed by Equifax in July last year but the stakeholders came to know about it months after
the attack. Business ethics asks firms to be honest and transparent with its stakeholders. The
company failed to adhere to its promises made to the customers and other stakeholders. This
security breach and the later negligence and denial of the company went completely against
business ethics.
Type of misconduct:
According to the researchers, the incident that took place in the company was purely
an example of criminality where the hackers had gained personal benefits by hacking the
details of the accounts. These are the black hat hackers who got access to the computers with
limited security and stole data thus damaged the reputation of the company as well as its
5BUSINESS ETHICS
property. The hackers basically got access through the company’s network infrastructure. It
was easy for them as most of the company’s network could be reached from any part of the
world via internet (Effelsberg, Solga & Gurt 2014, pp.90). They accessed the secured data by
Installing a network analyser on the network and captured every packet which travelled
across it. Thus, they revealed all the confidential information of the accounts clearly. Deloitte
has their own Cyber Intelligence Centre that provide their clients the services such as round-
the-clock business focusing on operational security but the hackers also hacked the operating
system by attacking the default authentication system.
The company has ranked the highest as the best cyber security consultant in the
world. The monitor as well as assess all the thefts particularly to the organization which
enables the organization to act swiftly mitigate the risks along with strengthen the cyber
resilience. The professionals of the company were able to realise the relevant threats and
determine the risks of the business and its stakeholders. The data that had been stolen include
names, email addresses, date of birth, telephone numbers and other details but the company
authority did not disclose that these include postal addresses and pass words of financial
information.
Despite all these strong and efficient management and security, the hackers were able
to steal all the personal and confidential information as well as failed to continually reviewing
for enhancing security. Moreover, the organization has completely failed to recognise the
damage and did not reveal this news to their stakeholders so that they do not face any rage as
it might reveal Deloitte’s inability to efficiently serve their clients and 500 millions of US and
international consumers (Rosati et al. 2017, p.149). The research has disclosed the fact that
more than 40 hundred thousand people in the UK had their personal information hacked and
the company was not bothered but defending their stand. Including these incidents, the
further investigation by the US credit monitoring agency, Equifax has exposed that this cyber
security breach had been taken place once again few months ago which was buried by the
authority unethically. This time also, the company announced the incident long after it took
place.
Theoretical concepts:
The business leaders make ethically substantial decisions every single day in their
respective organizations so that any improper incident do not take place. It is their
responsibility to keep a healthy workplace culture based on the gender equality, unbiased
property. The hackers basically got access through the company’s network infrastructure. It
was easy for them as most of the company’s network could be reached from any part of the
world via internet (Effelsberg, Solga & Gurt 2014, pp.90). They accessed the secured data by
Installing a network analyser on the network and captured every packet which travelled
across it. Thus, they revealed all the confidential information of the accounts clearly. Deloitte
has their own Cyber Intelligence Centre that provide their clients the services such as round-
the-clock business focusing on operational security but the hackers also hacked the operating
system by attacking the default authentication system.
The company has ranked the highest as the best cyber security consultant in the
world. The monitor as well as assess all the thefts particularly to the organization which
enables the organization to act swiftly mitigate the risks along with strengthen the cyber
resilience. The professionals of the company were able to realise the relevant threats and
determine the risks of the business and its stakeholders. The data that had been stolen include
names, email addresses, date of birth, telephone numbers and other details but the company
authority did not disclose that these include postal addresses and pass words of financial
information.
Despite all these strong and efficient management and security, the hackers were able
to steal all the personal and confidential information as well as failed to continually reviewing
for enhancing security. Moreover, the organization has completely failed to recognise the
damage and did not reveal this news to their stakeholders so that they do not face any rage as
it might reveal Deloitte’s inability to efficiently serve their clients and 500 millions of US and
international consumers (Rosati et al. 2017, p.149). The research has disclosed the fact that
more than 40 hundred thousand people in the UK had their personal information hacked and
the company was not bothered but defending their stand. Including these incidents, the
further investigation by the US credit monitoring agency, Equifax has exposed that this cyber
security breach had been taken place once again few months ago which was buried by the
authority unethically. This time also, the company announced the incident long after it took
place.
Theoretical concepts:
The business leaders make ethically substantial decisions every single day in their
respective organizations so that any improper incident do not take place. It is their
responsibility to keep a healthy workplace culture based on the gender equality, unbiased
6BUSINESS ETHICS
view and cross-cultural equilibrium among the employees so that they stay motivated and
support the growth (Broucek & Turner 2013, p. 30). The ethical theories are the guidelines in
such cases. The basic understanding of the most essential ethical theories can help the
business owners realise the ethical problems as well as make best decisions (Marshall et al.
2015, p. 247). In the case of Deloitte, the decision was purely based on defence mechanism
through which the company wants to keep its image clean and transparent.
Self-interest: the believers of laissez-faire capitalism argue that the business decisions
must be taken exclusively on the basis of the self-interest to that extent which is permissible
by the law. In most of the personal interactions, this kind of behaviour must be seen as
unscrupulous, but the supporters of open market economics claim that the self-interested
behaviour gives birth of wealth as well as creates new scopes (Wang & Park 2017). As a
leader has limited knowledge about which altruistic acts would be most beneficial for the
society as a whole, the best he may contribute to the society by doing benefits to his own
business. This particular theory on business ethics is widely used for justifying the business
decisions of the organizations. The decision that the company made to bury the cyber-attack
is example of self-interest.
Duty to Principles or People: The real markets face changes in regulations as well as
restrictions. Therefore, most of the ethics theorists assigned to the concept that the business
leaders must have some ethical obligations beyond self-interest (Kalsi et al. 2015, pp.1442).
These obligations are related to moral laws as well as need to be operated for best interest for
the welfare of the community, workplace environment, stakeholders and the employees.
Some of the leaders consider to have moral duty to uphold ethical principles to avoid
situations.
Compassion and consequences: human compassion is one of the basis of business
ethics. According to the thinkers, no company can reach height or successful financially if
they do not have any human compassion (Wells et al. 2014, pp. 76). On the other hand, this
compassion sector must not be influential in decision making. It provides another perspective
at the ethical problems and allows to analyse the problems by thinking the consequences of
the actions. For example, some business practices that create environmental problems cab ne
beneficial for the stakeholders but affect others and bring long-term serious consequences. In
this case the company did not follow any compassionate measure towards anyone but wanted
to avoid the rage of the stakeholders (Heyler et al. 2016, pp. 791).
view and cross-cultural equilibrium among the employees so that they stay motivated and
support the growth (Broucek & Turner 2013, p. 30). The ethical theories are the guidelines in
such cases. The basic understanding of the most essential ethical theories can help the
business owners realise the ethical problems as well as make best decisions (Marshall et al.
2015, p. 247). In the case of Deloitte, the decision was purely based on defence mechanism
through which the company wants to keep its image clean and transparent.
Self-interest: the believers of laissez-faire capitalism argue that the business decisions
must be taken exclusively on the basis of the self-interest to that extent which is permissible
by the law. In most of the personal interactions, this kind of behaviour must be seen as
unscrupulous, but the supporters of open market economics claim that the self-interested
behaviour gives birth of wealth as well as creates new scopes (Wang & Park 2017). As a
leader has limited knowledge about which altruistic acts would be most beneficial for the
society as a whole, the best he may contribute to the society by doing benefits to his own
business. This particular theory on business ethics is widely used for justifying the business
decisions of the organizations. The decision that the company made to bury the cyber-attack
is example of self-interest.
Duty to Principles or People: The real markets face changes in regulations as well as
restrictions. Therefore, most of the ethics theorists assigned to the concept that the business
leaders must have some ethical obligations beyond self-interest (Kalsi et al. 2015, pp.1442).
These obligations are related to moral laws as well as need to be operated for best interest for
the welfare of the community, workplace environment, stakeholders and the employees.
Some of the leaders consider to have moral duty to uphold ethical principles to avoid
situations.
Compassion and consequences: human compassion is one of the basis of business
ethics. According to the thinkers, no company can reach height or successful financially if
they do not have any human compassion (Wells et al. 2014, pp. 76). On the other hand, this
compassion sector must not be influential in decision making. It provides another perspective
at the ethical problems and allows to analyse the problems by thinking the consequences of
the actions. For example, some business practices that create environmental problems cab ne
beneficial for the stakeholders but affect others and bring long-term serious consequences. In
this case the company did not follow any compassionate measure towards anyone but wanted
to avoid the rage of the stakeholders (Heyler et al. 2016, pp. 791).
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
7BUSINESS ETHICS
Virtue-vice: according to the researchers, no ethical theory is sufficient to face
unethical problems occur in the organizations as each of the cases are unique. Therefore, the
organizational heads before making any decision, must ask themselves some questions about
the planned course of action. The impact of behaviours or actions on the employees and the
environment or act in the interests of the stakeholders and investors (Marcelino-Sádaba,
González-Jaen & Pérez-Ezcurdia 2015, p.14).
Role of the society:
The concept of unethical hacking has a deeper immoral value which affect the society
as well as depend on various social and economic factors. Cyber-attacks have become an
important aspect of criminology and a lot of effort has been implied for both preventing them
as well as dealing with its consequences when these happen. Pointing out the motivations
behind cyber-crimes can help the institutes understand the risks that they face in order to
tackle them. First the most likely reason is the financial gain that the hackers get from the
fraud. Most of these gangs are well organised and operate on commercial basis (Cianci et al.
2014, p.591). The attacks usually involve diversion of funds that happened with Deloitte from
legitimate destinations to the accounts of the fraudsters. However, this incident reflects that it
is the result of negligence of the company for which the hackers got opportunity to hack the
persona information of the customers and clients.
The most important fact that the organization provides services like auditing and tax
consultancy to some of the biggest banks, pharmaceutical firms, media enterprises,
multinational companies and many government agencies throughout the world. Most
importantly, high-end cybersecurity advice to their stake holders but itself has become the
victim of cyber-attack (Lehnert, Park & Singh 2015, p.201). The internal review of the
company had played unethically to their customers and buried this fact with minimum
importance. As the article states that the influence of the institution is more important
because it did not take any initiatives for punishing or preventing the breach to happen once
more thus had privileged the criminals to hack the systems once again (Hutchings, Smith &
James 2013, p.17). The hackers accessed the international email server o the company
through an administrator’s account which, in theory, allowed them access the privileged,
unrestricted access to all areas.
Virtue-vice: according to the researchers, no ethical theory is sufficient to face
unethical problems occur in the organizations as each of the cases are unique. Therefore, the
organizational heads before making any decision, must ask themselves some questions about
the planned course of action. The impact of behaviours or actions on the employees and the
environment or act in the interests of the stakeholders and investors (Marcelino-Sádaba,
González-Jaen & Pérez-Ezcurdia 2015, p.14).
Role of the society:
The concept of unethical hacking has a deeper immoral value which affect the society
as well as depend on various social and economic factors. Cyber-attacks have become an
important aspect of criminology and a lot of effort has been implied for both preventing them
as well as dealing with its consequences when these happen. Pointing out the motivations
behind cyber-crimes can help the institutes understand the risks that they face in order to
tackle them. First the most likely reason is the financial gain that the hackers get from the
fraud. Most of these gangs are well organised and operate on commercial basis (Cianci et al.
2014, p.591). The attacks usually involve diversion of funds that happened with Deloitte from
legitimate destinations to the accounts of the fraudsters. However, this incident reflects that it
is the result of negligence of the company for which the hackers got opportunity to hack the
persona information of the customers and clients.
The most important fact that the organization provides services like auditing and tax
consultancy to some of the biggest banks, pharmaceutical firms, media enterprises,
multinational companies and many government agencies throughout the world. Most
importantly, high-end cybersecurity advice to their stake holders but itself has become the
victim of cyber-attack (Lehnert, Park & Singh 2015, p.201). The internal review of the
company had played unethically to their customers and buried this fact with minimum
importance. As the article states that the influence of the institution is more important
because it did not take any initiatives for punishing or preventing the breach to happen once
more thus had privileged the criminals to hack the systems once again (Hutchings, Smith &
James 2013, p.17). The hackers accessed the international email server o the company
through an administrator’s account which, in theory, allowed them access the privileged,
unrestricted access to all areas.
8BUSINESS ETHICS
The factors leading to poor decision making:
As revealed by the reporter Nick Hopkins of The Guardian there were various reasons
why the company did not accept the theft rather defended initially was due to the fact that if
the theft is revealed it would directly hurt the company’s reputation. Deloitte operated in
more than 130 countries all over the world and has clients in various levels. The UK
governmental ministries largely depend on the advises of the company at different levels.
However, the company has made poor decisions consecutively in taking preventive measures
and increase more security. The other factors that affected the poor decision making are-
Perceived value of data: as opined by the researchers, perceived value of information
can be a factor that motivates the individuals to perform protective behaviour. The company
authority might be confident with their security measures and did not think about upgrading
them (Denning 2014, p. 110).
Prior experience: the past experiences of an individual directly affect that his decision
making on behaviours. Earlier experiences about cybercrime threats include: computer
security complications, virus his and breaches of privacy. A manager who had past
experiences with the computer crime is more likely to perceive threat seriousness and take
effective protective actions. The company had experienced these types of ethical breaches
beforehand but did not initiate more protection.
Subjective norm: this norm refers to the apparent social pressure for performing or not
performing a given behaviour. Subjective norms effect the willingness of the individuals for
behaving in accordance to the security policies. Protection behaviours of their important
people for example family, friends, colleagues or leaders have an effect on the recognition the
risks as well as severity of coercions (Dane & Sonenshein 2015, p.81). It can also increase
ability of the individuals to handle all the threats by obtaining the defensive knowledge from
other people. Social norms definitely effect the intentions to comply with the security
fortification behaviours in the workplaces. Deloitte had a hoard of stakeholders starting from
their employees, customers and different governments.
Threat appraisal: Threat appraisal points out an individual’s assessment that what
level of risk can be posed by the theft. Perceived threat relates to the motivation for
complying with the company’s security policies as well as performing its security protection
behaviours (McQueen 2015). Deloitte claims to embed the best practiced cyber behaviours to
assist their clients to minimise the impact of the theft.
The factors leading to poor decision making:
As revealed by the reporter Nick Hopkins of The Guardian there were various reasons
why the company did not accept the theft rather defended initially was due to the fact that if
the theft is revealed it would directly hurt the company’s reputation. Deloitte operated in
more than 130 countries all over the world and has clients in various levels. The UK
governmental ministries largely depend on the advises of the company at different levels.
However, the company has made poor decisions consecutively in taking preventive measures
and increase more security. The other factors that affected the poor decision making are-
Perceived value of data: as opined by the researchers, perceived value of information
can be a factor that motivates the individuals to perform protective behaviour. The company
authority might be confident with their security measures and did not think about upgrading
them (Denning 2014, p. 110).
Prior experience: the past experiences of an individual directly affect that his decision
making on behaviours. Earlier experiences about cybercrime threats include: computer
security complications, virus his and breaches of privacy. A manager who had past
experiences with the computer crime is more likely to perceive threat seriousness and take
effective protective actions. The company had experienced these types of ethical breaches
beforehand but did not initiate more protection.
Subjective norm: this norm refers to the apparent social pressure for performing or not
performing a given behaviour. Subjective norms effect the willingness of the individuals for
behaving in accordance to the security policies. Protection behaviours of their important
people for example family, friends, colleagues or leaders have an effect on the recognition the
risks as well as severity of coercions (Dane & Sonenshein 2015, p.81). It can also increase
ability of the individuals to handle all the threats by obtaining the defensive knowledge from
other people. Social norms definitely effect the intentions to comply with the security
fortification behaviours in the workplaces. Deloitte had a hoard of stakeholders starting from
their employees, customers and different governments.
Threat appraisal: Threat appraisal points out an individual’s assessment that what
level of risk can be posed by the theft. Perceived threat relates to the motivation for
complying with the company’s security policies as well as performing its security protection
behaviours (McQueen 2015). Deloitte claims to embed the best practiced cyber behaviours to
assist their clients to minimise the impact of the theft.
9BUSINESS ETHICS
Protection motivation: According to the Social Learning Theory, the behaviours of an
individual is largely influenced by its surrounding environment as well as his characteristics.
The company has a huge poise on their capabilities therefore they neglected the importance
of motivation which is good predictor of people’s actual behaviour (Blais & White 2015,
p.6).
Impact on the stakeholders:
As mentioned before, the article has disclosed the different levels to which the
company operates and is responsible to millions of stakeholders. Deloitte helps their clients
by investing higher value skills and knowledge transfer, approaching risks, governance and
exposure to the regulatory changes. These clients are in grave danger for the cyber theft
(Cameron & O'Leary 2015, p. 287).
The partners and the current, retired and prospective employees working with the
company largely depend on the company’s all ups and downs. Some of them have access to
the technology and high quality networking events for operations and communications
therefore the theft has affected them at many levels (Shafer 2015, p.55).
Deloitte has collaborations with many a government such as the UK and the USA. For
the UK government it works as global finance centre trust in business. It manages the
government’s responsible supply chain and capital market (Feltham 2017, p.152). It operates
the financial market regulators ad audit oversite bodies who have been greatly affected by
this unethical breach. The analysts and professional associations are also directly dependent
on the company’s operations because they maintain the ethics, integrity and adhere
performance standards (Valli, Martinus & Johnstone 2014, p.19).
The company’s stakeholders include their suppliers and numerous non-profit
organizations who work for the company maintain a close relationship for a long time
(Hutchings, Smith & James 2013, p.11). Due to this theft the reputation of the company has
been affected that also distressed the operations of the stakeholders. Beside these the
company has patch up with mainly multi-stakeholder companies who have been effected by
this unethical incident.
Protection motivation: According to the Social Learning Theory, the behaviours of an
individual is largely influenced by its surrounding environment as well as his characteristics.
The company has a huge poise on their capabilities therefore they neglected the importance
of motivation which is good predictor of people’s actual behaviour (Blais & White 2015,
p.6).
Impact on the stakeholders:
As mentioned before, the article has disclosed the different levels to which the
company operates and is responsible to millions of stakeholders. Deloitte helps their clients
by investing higher value skills and knowledge transfer, approaching risks, governance and
exposure to the regulatory changes. These clients are in grave danger for the cyber theft
(Cameron & O'Leary 2015, p. 287).
The partners and the current, retired and prospective employees working with the
company largely depend on the company’s all ups and downs. Some of them have access to
the technology and high quality networking events for operations and communications
therefore the theft has affected them at many levels (Shafer 2015, p.55).
Deloitte has collaborations with many a government such as the UK and the USA. For
the UK government it works as global finance centre trust in business. It manages the
government’s responsible supply chain and capital market (Feltham 2017, p.152). It operates
the financial market regulators ad audit oversite bodies who have been greatly affected by
this unethical breach. The analysts and professional associations are also directly dependent
on the company’s operations because they maintain the ethics, integrity and adhere
performance standards (Valli, Martinus & Johnstone 2014, p.19).
The company’s stakeholders include their suppliers and numerous non-profit
organizations who work for the company maintain a close relationship for a long time
(Hutchings, Smith & James 2013, p.11). Due to this theft the reputation of the company has
been affected that also distressed the operations of the stakeholders. Beside these the
company has patch up with mainly multi-stakeholder companies who have been effected by
this unethical incident.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
10BUSINESS ETHICS
Recommendation:
Deloitte must rectify their actions regarding this cyber theft incident and put the
personal of their depended at stake. For this they must take very important initiatives so that
such unethical incidents do not take place further in future.
The companies have the chief investment decisions taken in their boardrooms
therefore, the threat of cyber-attacks need to be attended more carefully and need to be in
chief agenda. The organization had push the issues out to their information security offices to
deal with whereas the security must be the agenda of the chief executive. The company must
be accepting the need of more investment in the security so that such unethical incidents do
not take place (Norris et al. 2017, p.114). The chief executives need to make decisions on
when to invest in the cybersecurity and it is his responsibility to make the roundtable heard.
Even the recent high-profile cyber thefts, such as the one against Sony and another
against Ashley Madison took pace for failure for focussed minds.
The company heads need to also create awareness among the employees about the
cyber-attacks because they are the most vulnerable to be disbelieved. According to the
researchers, the employees have access to the networks and all the computers of the
organization. They may be cause to the greatest cybersecurity risks mostly by accidents. They
often open malwares unknowingly from the mails or intentionally by using weak passwords
to steal data. Therefore, the company needs to guide them providing moral and ethical
direction.
Security knowledge of security has influence on the decision making procedure that
leads to the protection motivation. Organizations typically design various training
programmes for the cyber security purposes. Providing the security knowledge training
includes the security events which usually occur in the companies, risks confronted, basic
knowledge of the IS security, how to establish good security habits, and recommended
supports available when facing security problems (Harrington 2014, p.12). This helps
computer users understand the current protections served - by technical control, formal
control, law enforcement and others building up to ethical cyber behaviours The company
must take steps to imply more importance in this area.
For protecting the cyber security of the organization, the management must keep eye
on the Risk Management Command which include Network Security, updation of the
operating systems and Malware Prevention. This will be helping in safeguarding the
Recommendation:
Deloitte must rectify their actions regarding this cyber theft incident and put the
personal of their depended at stake. For this they must take very important initiatives so that
such unethical incidents do not take place further in future.
The companies have the chief investment decisions taken in their boardrooms
therefore, the threat of cyber-attacks need to be attended more carefully and need to be in
chief agenda. The organization had push the issues out to their information security offices to
deal with whereas the security must be the agenda of the chief executive. The company must
be accepting the need of more investment in the security so that such unethical incidents do
not take place (Norris et al. 2017, p.114). The chief executives need to make decisions on
when to invest in the cybersecurity and it is his responsibility to make the roundtable heard.
Even the recent high-profile cyber thefts, such as the one against Sony and another
against Ashley Madison took pace for failure for focussed minds.
The company heads need to also create awareness among the employees about the
cyber-attacks because they are the most vulnerable to be disbelieved. According to the
researchers, the employees have access to the networks and all the computers of the
organization. They may be cause to the greatest cybersecurity risks mostly by accidents. They
often open malwares unknowingly from the mails or intentionally by using weak passwords
to steal data. Therefore, the company needs to guide them providing moral and ethical
direction.
Security knowledge of security has influence on the decision making procedure that
leads to the protection motivation. Organizations typically design various training
programmes for the cyber security purposes. Providing the security knowledge training
includes the security events which usually occur in the companies, risks confronted, basic
knowledge of the IS security, how to establish good security habits, and recommended
supports available when facing security problems (Harrington 2014, p.12). This helps
computer users understand the current protections served - by technical control, formal
control, law enforcement and others building up to ethical cyber behaviours The company
must take steps to imply more importance in this area.
For protecting the cyber security of the organization, the management must keep eye
on the Risk Management Command which include Network Security, updation of the
operating systems and Malware Prevention. This will be helping in safeguarding the
11BUSINESS ETHICS
infrastructure from the malicious threats. It is important to keep monitoring the systems
regularly so that the areas like secure configuration and removable media control to be strict.
It is very important to bring some changes in the security policy of the company by means
of a unique as well as complex passwords to maintain a clean desk atmosphere where there
remains no place for any confidential as well as personal information.
Conclusion:
Therefore, it can be concluded that ethical issues such as cyber hacking has been
proved to be a great danger for the organizations like Deloitte for this had destroyed the entire
internal security system and stole all personal information of the stakeholder of the company.
The preparation for taking measures for cyber security needs a complete knowledge of both
internal as well as external threats which have affected the entire security system of Deloitte
and left the information at stake. There are different motives of the hackers for exploiting the
system. However, the theories discuss the various aspects of the ethical issues that emerge in
the organizations and identifies the various motives of the unethical conduct. The report
discusses the type of misconduct that affected the stakeholders and how they were affected by
this unethical behaviour. Beside caring for reputation, there are other factors that also
affected the decision making procedure of the company. It finally concludes with the
practical and relevant recommendation to the management team of the company to protect
Deloitte from the further threat of cyber hacking. The company needs to understand the idea
of different cyber fraud schemes and their common threats for combating with the further
threat.
infrastructure from the malicious threats. It is important to keep monitoring the systems
regularly so that the areas like secure configuration and removable media control to be strict.
It is very important to bring some changes in the security policy of the company by means
of a unique as well as complex passwords to maintain a clean desk atmosphere where there
remains no place for any confidential as well as personal information.
Conclusion:
Therefore, it can be concluded that ethical issues such as cyber hacking has been
proved to be a great danger for the organizations like Deloitte for this had destroyed the entire
internal security system and stole all personal information of the stakeholder of the company.
The preparation for taking measures for cyber security needs a complete knowledge of both
internal as well as external threats which have affected the entire security system of Deloitte
and left the information at stake. There are different motives of the hackers for exploiting the
system. However, the theories discuss the various aspects of the ethical issues that emerge in
the organizations and identifies the various motives of the unethical conduct. The report
discusses the type of misconduct that affected the stakeholders and how they were affected by
this unethical behaviour. Beside caring for reputation, there are other factors that also
affected the decision making procedure of the company. It finally concludes with the
practical and relevant recommendation to the management team of the company to protect
Deloitte from the further threat of cyber hacking. The company needs to understand the idea
of different cyber fraud schemes and their common threats for combating with the further
threat.
12BUSINESS ETHICS
References:
Blais, CM & White, JL 2015. Bioethics in Practice-A Quarterly Column about Medical
Ethics: Ebola and Medical Ethics-Ethical Challenges in the Management of Contagious
Infectious Diseases. The Ochsner Journal, 15(1), pp.5-7.
Broucek, V & Turner, P., 2013. Technical, legal and ethical dilemmas: distinguishing risks
arising from malware and cyber-attack tools in the ‘cloud’—a forensic computing
perspective. Journal of Computer Virology and Hacking Techniques, 9(1), pp.27-33.
Cameron, RA & O'Leary, C 2015. Improving ethical attitudes or simply teaching ethical
codes? The reality of accounting ethics education. Accounting Education, 24(4), pp.275-290.
Cianci, AM, Hannah, ST, Roberts, RP & Tsakumis, GT 2014. The effects of authentic
leadership on followers' ethical decision-making in the face of temptation: An experimental
study. The Leadership Quarterly, 25(3), pp.581-594.
Dane, E & Sonenshein, S 2015. On the role of experience in ethical decision making at work:
An ethical expertise perspective. Organizational Psychology Review, 5(1), pp.74-96.
Denning, DE 2014. Framework and principles for active cyber defense. Computers &
Security, 40, pp.108-113.
Effelsberg, D, Solga, M & Gurt, J 2014. Transformational leadership and follower’s unethical
behavior for the benefit of the company: A two-study investigation. Journal of Business
Ethics, 120(1), pp.81-93.
Feltham, M 2017. Three things you need to know about cybersecurity and some recent
regulatory changes in Australia trends and special topics. Governance Directions, 69(3),
p.152.
Harrington, SL 2014. Cyber Security Active Defense: Playing with Fire or Sound Risk
Management. Richmond Journal of Law & Technology, 20(4), p.12.
Heyler, SG, Armenakis, AA, Walker, AG & Collier, DY 2016. A qualitative study
investigating the ethical decision making process: A proposed model. The Leadership
Quarterly, 27(5), pp.788-801.
References:
Blais, CM & White, JL 2015. Bioethics in Practice-A Quarterly Column about Medical
Ethics: Ebola and Medical Ethics-Ethical Challenges in the Management of Contagious
Infectious Diseases. The Ochsner Journal, 15(1), pp.5-7.
Broucek, V & Turner, P., 2013. Technical, legal and ethical dilemmas: distinguishing risks
arising from malware and cyber-attack tools in the ‘cloud’—a forensic computing
perspective. Journal of Computer Virology and Hacking Techniques, 9(1), pp.27-33.
Cameron, RA & O'Leary, C 2015. Improving ethical attitudes or simply teaching ethical
codes? The reality of accounting ethics education. Accounting Education, 24(4), pp.275-290.
Cianci, AM, Hannah, ST, Roberts, RP & Tsakumis, GT 2014. The effects of authentic
leadership on followers' ethical decision-making in the face of temptation: An experimental
study. The Leadership Quarterly, 25(3), pp.581-594.
Dane, E & Sonenshein, S 2015. On the role of experience in ethical decision making at work:
An ethical expertise perspective. Organizational Psychology Review, 5(1), pp.74-96.
Denning, DE 2014. Framework and principles for active cyber defense. Computers &
Security, 40, pp.108-113.
Effelsberg, D, Solga, M & Gurt, J 2014. Transformational leadership and follower’s unethical
behavior for the benefit of the company: A two-study investigation. Journal of Business
Ethics, 120(1), pp.81-93.
Feltham, M 2017. Three things you need to know about cybersecurity and some recent
regulatory changes in Australia trends and special topics. Governance Directions, 69(3),
p.152.
Harrington, SL 2014. Cyber Security Active Defense: Playing with Fire or Sound Risk
Management. Richmond Journal of Law & Technology, 20(4), p.12.
Heyler, SG, Armenakis, AA, Walker, AG & Collier, DY 2016. A qualitative study
investigating the ethical decision making process: A proposed model. The Leadership
Quarterly, 27(5), pp.788-801.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
13BUSINESS ETHICS
Hopkins, N 2017, Deloitte hit by cyber-attack revealing clients’ secret emails. [online] the
Guardian. Available at: https://www.theguardian.com/business/2017/sep/25/deloitte-hit-by-
cyber-attack-revealing-clients-secret-emails [Accessed 8 Dec. 2017]. (Hopkins 2017)
Hutchings, A, Smith, RG & James, L 2013. Cloud computing for small business: Criminal
and security threats and prevention measures. Trends and Issues in Crime and Criminal
Justice, (456), p.11.
Kalsi, T, Babic-Illman, G, Ross, PJ, Maisey, NR, Hughes, S, Fields, P, Martin, FC, Wang, Y
& Harari, D 2015. The impact of comprehensive geriatric assessment interventions on
tolerance to chemotherapy in older people. British journal of cancer, 112(9), pp.1435-1444.
Lehnert, K, Park, YH & Singh, N 2015. Research note and review of the empirical ethical
decision-making literature: Boundary conditions and extensions. Journal of Business
Ethics, 129(1), pp.195-219.
Marcelino-Sádaba, S, González-Jaen, LF & Pérez-Ezcurdia, A 2015. Using project
management as a way to sustainability. From a comprehensive review to a framework
definition. Journal of cleaner production, 99, pp.1-16.
Marshall, L, Schwieger, D, Ladwig, C & Sen, S 2015. The Hack Attack at Winter's Tale
Publishing: The Forensic Accounting/internal Auditing Perspective. Journal of the
International Academy for Case Studies, 21(5), p.247.
McQueen, K 2015. Ethical Issues of Knowledge Organization in Designing a Metadata
Schema for the Leo Kottke Archives. Knowledge Organization, 42(5).
Norris, DF, Mateczun, L, Joshi, A & Finin, T 2017. Cybersecurity Challenges to American
Local Governments. In Proceedings of 17th European Conference on Digital
Government (pp. 110-117).
Rosati, P, Cummins, M, Deeney, P, Gogolin, F, van der Werff, L & Lynn, T 2017. The effect
of data breach announcements beyond the stock price: Empirical evidence on market
activity. International Review of Financial Analysis, 49, pp.146-154. Wang, P & Park, SA
2017. COMMUNICATION IN CYBERSECURITY: A PUBLIC COMMUNICATION
MODEL FOR BUSINESS DATA BREACH INCIDENT HANDLING. Issues in
Information Systems, 18(2).
Hopkins, N 2017, Deloitte hit by cyber-attack revealing clients’ secret emails. [online] the
Guardian. Available at: https://www.theguardian.com/business/2017/sep/25/deloitte-hit-by-
cyber-attack-revealing-clients-secret-emails [Accessed 8 Dec. 2017]. (Hopkins 2017)
Hutchings, A, Smith, RG & James, L 2013. Cloud computing for small business: Criminal
and security threats and prevention measures. Trends and Issues in Crime and Criminal
Justice, (456), p.11.
Kalsi, T, Babic-Illman, G, Ross, PJ, Maisey, NR, Hughes, S, Fields, P, Martin, FC, Wang, Y
& Harari, D 2015. The impact of comprehensive geriatric assessment interventions on
tolerance to chemotherapy in older people. British journal of cancer, 112(9), pp.1435-1444.
Lehnert, K, Park, YH & Singh, N 2015. Research note and review of the empirical ethical
decision-making literature: Boundary conditions and extensions. Journal of Business
Ethics, 129(1), pp.195-219.
Marcelino-Sádaba, S, González-Jaen, LF & Pérez-Ezcurdia, A 2015. Using project
management as a way to sustainability. From a comprehensive review to a framework
definition. Journal of cleaner production, 99, pp.1-16.
Marshall, L, Schwieger, D, Ladwig, C & Sen, S 2015. The Hack Attack at Winter's Tale
Publishing: The Forensic Accounting/internal Auditing Perspective. Journal of the
International Academy for Case Studies, 21(5), p.247.
McQueen, K 2015. Ethical Issues of Knowledge Organization in Designing a Metadata
Schema for the Leo Kottke Archives. Knowledge Organization, 42(5).
Norris, DF, Mateczun, L, Joshi, A & Finin, T 2017. Cybersecurity Challenges to American
Local Governments. In Proceedings of 17th European Conference on Digital
Government (pp. 110-117).
Rosati, P, Cummins, M, Deeney, P, Gogolin, F, van der Werff, L & Lynn, T 2017. The effect
of data breach announcements beyond the stock price: Empirical evidence on market
activity. International Review of Financial Analysis, 49, pp.146-154. Wang, P & Park, SA
2017. COMMUNICATION IN CYBERSECURITY: A PUBLIC COMMUNICATION
MODEL FOR BUSINESS DATA BREACH INCIDENT HANDLING. Issues in
Information Systems, 18(2).
14BUSINESS ETHICS
Shafer, WE 2015. Ethical climate, social responsibility, and earnings management. Journal
of Business Ethics, 126(1), pp.43-60.
Theguardian.com 2018, Deloitte hit by cyber-attack revealing clients’ secret emails. [online]
The Guardian. Available at: https://www.theguardian.com/business/2017/sep/25/deloitte-hit-
by-cyber-attack-revealing-clients-secret-emails [Accessed 11 Jan. 2018].
Valli, C, Martinus, I & Johnstone, M, 2014, January. Small to medium enterprise cyber
security awareness: an initial survey of Western Australian business. In Proceedings of the
International Conference on Security and Management (SAM) (p. 19).
Wells, LJ, Camelio, JA, Williams, CB & White, J 2014. Cyber-physical security challenges
in manufacturing systems. Manufacturing Letters, 2(2), pp.74-77.
Shafer, WE 2015. Ethical climate, social responsibility, and earnings management. Journal
of Business Ethics, 126(1), pp.43-60.
Theguardian.com 2018, Deloitte hit by cyber-attack revealing clients’ secret emails. [online]
The Guardian. Available at: https://www.theguardian.com/business/2017/sep/25/deloitte-hit-
by-cyber-attack-revealing-clients-secret-emails [Accessed 11 Jan. 2018].
Valli, C, Martinus, I & Johnstone, M, 2014, January. Small to medium enterprise cyber
security awareness: an initial survey of Western Australian business. In Proceedings of the
International Conference on Security and Management (SAM) (p. 19).
Wells, LJ, Camelio, JA, Williams, CB & White, J 2014. Cyber-physical security challenges
in manufacturing systems. Manufacturing Letters, 2(2), pp.74-77.
1 out of 15
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.