Evaluating IT Security Risks and Their Impact on Decision-Making

Verified

Added on 2022/09/16

AI Summary

This report analyzes the impact of information technology (IT) security risks on business operations and decision-making. It examines two articles focusing on IT best practices to mitigate risks such as cyber security threats, data breaches, and insider threats. The analysis highlights the importance of innovation, the role of governance, and the need for proactive measures, including cost-benefit analysis and security frameworks. The report emphasizes the significance of IT security best practices, such as support from top-level management and compliance with regulatory practices, in protecting data and improving overall business effectiveness. It concludes that these practices are crucial for organizations to safeguard against both internal and external IT-related risks, ultimately enhancing data reliability and informed decision-making.

Running Head: BUSINESS LAW 0
Business Law
Student Details:

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

BUSINESS LAW 1
In today’s competitive business world, information technology (IT) enables
companies to increase their business operations which affects their decision-making strategies
and improves their overall effectiveness. There are various IT best practices which a
company should comply with in order to mitigate key risks which they face while relying on
these pratices and changing business environment. The objective of this paper is to analyse
two articles on information systems (IS) best practices which can assist companies in
avoiding IT security risks and evaluate their impact on decision making strategies. The first
article is “Innovation research in information systems: A commentary on contemporary
trends and issues” written by Ashish Kumar Jha and Indranil Bose, and the second article is
“The dark side of information technology use” written by Monideepa Tarafdar, Ashish Gupta
and Ofir Turel.
While using information systems in businesses, there are various risks that companies
must be aware about in order to properly manage their business operations. These risks
include cyber security threats, data breach, inefficient transfer of data, time consuming
decision-making and others. Jha & Bose (2016) provided that use of information systems
enables companies to innovate their business operations which allow them to stay relevant in
changing business environment; privacy is a key threat which affects organisations while
using IS that can be addressed by the implementation of best practices. The benefit of using
IS is seamless connection between different departments that can be located in various
countries which contributes to effective decision making and it also led to fostering a culture
that reinforce innovation in the workplace. Jha & Bose (2016) highlighted this argument
through analysis of innovation life cycle which shows a direct correlation between product
innovation and ICT innovations in emerging economies that leads to development of better
products. However, reliance on IS makes a company vulnerable towards cyber-attack which
lead to breach of sensitive organisational data that can harm its reputation or market share.
Cyber criminals could hack into information systems used by organisations in order to collect
their data to use it in order to gain unfair advantage. In next five years, the number of cyber-
attack cases is likely to increase because as per estimation, these attacks can cost
organisations $6 trillion by 2021 globally (Roth, 2020). Therefore, it is important that
companies must rely on strategic analysis decisions to watch out the key threats in the IT
field and decisions which they have to take in order to reduce the negative impact of these
crimes.

BUSINESS LAW 2
There are both internal as well as external information security risks that companies
face while using IS in their business operations and these risks are necessary to be addressed
since they affect their decision making strategies. Insider threat is a key internal risks faced
by organisations relating to IS because over 60 per cent of cyber-attack are caused by insiders
as per the study conducted by IBM (Henry, 2018). An external threat is the vulnerability of
data that is transferred in IS that are used by companies because these systems can get hacked
by cyber criminals that can use this data to gain unfair advantage. There are various
developments in the IT field that are targeted towards addressing these challenges; however,
they are not sufficient to handle the advancements made by cyber criminals in order to
improve their potentials to violate securities implemented by organisations to protect their
data. Internal and external risks also affect decision-making strategies of organisations
because they disrupt the reliability of data that is shared between different departments. The
top-level management finds it difficult to use the data in order to make informed business
decisions since it could be manipulated by cyber criminals through hacking or insider threat.
Therefore; the significant of IS best practices increased substantially for organisations to
make sure that they protect themselves from both internal as well as external risks which has
a potential to violate their data or affect their decision-making process.
According to Tarafdar, Gupta & Turel (2013), there are various complex and alarming
ways in which the dark side of IT affects organisations and individuals on a personal level;
these challenges can be addressed through implementation of IS best practices which allows
companies to take proactive measures in order to protect their data. Tarafdar, Gupta & Turel
(2013) highlighted the role of governance and regulatory practices in order to tackle internal
and external challenges relating to IS and how compliance with these guidelines can enable
companies in protecting their data. Another best practice is receiving adequate support from
top level management to set a budget and formulate guidelines that focuses on relying on
technological advancements to improve the security of IS. Companies should conduct cost-
benefit analysis before making a decision of adopting or changing their current IS to make
sure that its threat does not overcome its benefits. Organisations should also adopt adequate
security frameworks that eliminate internal and external risks such as encryption, firewall,
surveillance, devices, authentication devices and others. Decision-making strategies can also
be improved through these best practices since they will increase reliability of data by
reducing the chances of its modification that will benefit top-level management in making
informed decisions.

BUSINESS LAW 3
Based on the above observations, it can be concluded that IS best practices are crucial
for organisations to make sure that they are able to protect themselves from internal and
external IT related risks which has the potential to violate the confidentiality of their data and
decision-making strategies. Both the articles highlighted the significance of IS best practices
in promoting innovation and effective decision-making strategies in changing business
environment. Some of these best practices include support from the top level management,
conducting cost benefit analysis, compliance with regulatory practices, adaptation of security
frameworks and others. Compliance with these practices generates a competitive edge for
companies allowing them to protect their data and improve their overall effectiveness.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

BUSINESS LAW 4
References
Henry, J. (2018, August 21). These 5 Types of Insider Threats Could Lead to Costly Data
Breaches. Retrieved from Security Intelligence:
https://securityintelligence.com/these-5-types-of-insider-threats-could-lead-to-costly-
data-breaches/
Jha, A., & Bose, I. (2016). Innovation research in information systems: A commentary on
contemporary trends and issues. Information & Management, 53(3), 297-306.
Roth, J. (2020, February 13). $6 Trillion is Expected to Be Spent Globally on Cybersecurity
by 2021. Retrieved from IIBA: https://www.iiba.org/iiba-analyst-catalyst-blogs/$6-
trillion-is-expected-to-be-spent-globally-on-cybersecurity-by-2021/
Tarafdar, M., Gupta, A., & Turel, O. (2013). The dark side of information technology use.
Information Systems Journal, 23(3), 269-275.