Developing a Cybersecurity Business Plan: Tesco's Safety and Security

Verified

Added on 2023/06/18

AI Summary

This report presents a comprehensive business plan for cybersecurity at Tesco, focusing on the development and implementation of robust safety and security policies. It begins by defining cybersecurity and digital forensics, highlighting their importance in protecting Tesco's data and infrastructure. The plan addresses ethical, regulatory, and legal considerations, along with an analysis of technological phenomena relevant to cybersecurity. It examines the potential impact of the proposed cybersecurity measures on customers and the organization, emphasizing the importance of data privacy and security. The report also identifies technical and non-technical risks associated with implementing the plan and outlines contingency plans for risk management and secure systems architecture. The conclusion summarizes key findings and provides recommendations for Tesco to enhance its cybersecurity posture. Desklib offers this student-contributed assignment, along with a wealth of other solved assignments and past papers, to aid students in their studies.

Business plan on cyber security
field

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Table of Contents
 Introduction
 Concept of Cyber Security and Digital Forensics
 Business overview
 Business plan of safety and security policy in Cybersecurity
 Purpose of report
 Main body
 Analyse ethical, regulatory and legal phenomena in business proposal
 Analyse technological phenomena in business proposal
 Impact of the proposal on customers and organization
 Technical and non-technical risks
 Contingency plans considering risk management and secure systems architecture
 Conclusion
 Findings
 Recommendation
 References

Introduction

Concept of Cyber Security and Digital Forensics
Cyber security can be defined as the computer security which protects the technical
devices either hardware or software from various vulnerabilities which enters via
internet or networks. This results in the data theft or data breach which misdirects or
misleads the owner of data in a drastic manner. Therefore, cybersecurity takes care of
the technology from implementation to the maintenance of it so that any cyber crime or
cyber theft cannot enter in an organization. Basically cybersecurity saves the application
and processes along with the systems and networks which is followed by the programs
and devices and data from cyber attacks. Its target is to decrease the risk of cyber attacks
in order to protect against any unauthorised systems exploitations. Digital forensics can
be defined as the study of forensic science whose aims is to encompass the recovery and
the research of any thing found in the technical devices specifically associated with the
computer crime. It is basically the application of information technology which research
about the procedures for a ethical and legal targets which includes the examination of
digital evidences. It uses various tools and techniques in order to find out the computer
crime such as fraud, illicit use and many more. It has different phases through which the
whole process is based on such as identification and preservation along with the analysis
and documentation which is followed by the presentation (Berry and Berry, 2018).

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Reason why to do business in Leicester
 This is one of the reason to do business in Leicester that it will be beneficial of the
firm to gather attention from more clients as this place is close to the client's
requirements and needs for better servicing nature of the information security
consultancy firm.
 Moreover, this is an another reason to do business in Leicester that it is nearest to
central city which means that central city has the attraction of large number of
business firms which actually require the servicing of information technology in terms
of safety and security plans of technology the business has adopted.
 Furthermore, this is also an another reason to do business in Leicester that it has good
number of target competitors which helps the company in analysing the situation and
unique selling proposition in order to gain the competitive advantages in the city and
more.

Business overview
Chosen organization is Tesco which one of the leading international super market
company specifically in retail sector headquartered in United Kingdom and established
in 1919. its products and services includes the groceries, clothing, food, home
appliances, electronics, credit card services, financial services and many more. They are
also up to the online shopping as well due to the current scenario of Covid-19 pandemic,
online services are more in demand and therefore, they want to establish the safety and
security policy in an organization in the form of cyber security. Currently they are
facing the issues in data management because of the big data they are handling of a lots
of customers along with the employees and other stakeholders as well. Moreover, they
also want to install a proper cyber security system so that they can not only save their
private data but also other crimes related to the internet and networks such as website
maintenance and many more. Furthermore, they are also facing the problem of training
and development of employees in context of technology so that employees can get
awareness about the cyber crime and cyber security for better functioning within
organization. Hence, business plan for cyber security is highly required by the
organization so that they can manage their operations in an effective and efficient
manner (Limba, Plėta, Agafonov and Damkus, 2019).

Business plan of safety and security policy in Cybersecurity
Tesco requires the cyber security policy and a proper business plan so that they
can easily implement and follow the same. It is important for the company to
execute the necessary plans only which can help them in an effective manner
but not those plans which are not of use. Such as Tesco is requiring the data
management and security plan along with the internet surfing safety plan such
emails or fraud websites. Moreover, the plan of access control and training and
development to employees as well (Aldawood and Skinner, 2019). Business plan
for cybersecurity includes the setting of password requirements and outlining of
email security measures along with the explaining that how to handle sensitive data and
setting rules around handling technology which is followed by setting standards for
social media and internet access so that preparation of an incident can be done in order
to keeping up the policy up-to-date which is related to the data and internet security and
management. Moreover, it also involves the authentication and authorization of data,
such as in the form of encryption and description. Password management and regular
updates are highly required along with the access control techniques so that the whole
process can be efficient within budget. Plan has the ability to identify and prevent the
any abnormal things so that detection of any fraud can be found out in order to respond
and recover the loss by formulating solid framework for the organization.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Purpose of report
The following discussion is based on the concept of cyber Security and digital
forensics along with the business overview in context of Tesco and business
plan of safety and security policy in cybersecurity under the introduction part.
Analysing ethical, regulatory and legal phenomena in business proposal and
analysing technological phenomena in business proposal along with the impact
of the proposal on customers and organization which is followed by the technical
and non-technical risks and contingency plans considering risk management
and secure systems architecture is also covered under the main body part.
Findings and recommendation are also discussed under the conclusion part. All these are
the purpose of report which is carried out for better formulation of the business plan for
Tesco. Such purposes will help the company in gaining the strategies on how they
further maintain their operations and management along with all their internal as well as
their external stakeholders. This is because outlining the business plan with processes
and tactics are essentially supportable for execution of the plan due to the particular
purpose carried out which specifies each and every aspect of plan from any risks
associated with the mitigation process and therefore, purpose of the report not only
assist the organization but also the people who are involved in the project of
implementing the policy of cybersecurity plan in Tesco.

Main Body

Analyse ethical, regulatory and legal phenomena in
business proposal
Ethical phenomena in cyber security plan within organization are basically the moral
principles that examines an individual behaviour and values in the company in context
of the technology and its devices associated with the internet and networks, mainly from
the external devices. Hence, ethical nature is a critical part of the defence strategies of
cyber security implemented in the firm. Cybersecurity in terms of risk management
often damages other parties with the reason being of unethical nature so therefore,
ethical standards and rules are important to maintain in the form of proper training and
development to employees regarding the following of rules and standards in a strict
manner so that they cannot attempt any unethical activity with technology and company
(Taylor, Dargahi, Dehghantanha and Choo, 2020). Regulatory and legal phenomena in
cyber security plan within organization formulates and maintains the written cyber
security program which includes administrative and technical along with the physical
safeguards in order to protect the personal information and confidential data as well.
Cybersecurity laws enforces the organization to follow the legislations so that they can
be protected from viruses, worms, trojan horses, phishing, denial of service attacks,
unauthorised access and many more. Therefore, it is basically the entire system which is
legal in nature associated with the legal informatics and digital circulation of software,
information security, e-commerce and information.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Analyse technological phenomena in business proposal
Technological phenomena in cyber security plan within organization are such that there
are different types of technology used in the company which supports cybersecurity but
the problem is such that it is difficult to select and make decision that what type of
technology is require as per the needs and requirements of the business plan on
cybersecurity. Therefore, according to the plan made as discussed above, some of the
technologies that can highly prove efficient to the organization are spying software and
google glass (Thomas, 2018). They are responsible for the tracking of fingerprint
movements on the screen which are touched in order to operate some functioning.
Moreover, the company can also use the memory scrapping malware and bespoke
attacks so that the detection can be appropriately done without compromising with a
whole system. Furthermore, there are some trends which supports the technological
phenomena such as by determining the impact of remote work with both new threats and
solutions, new challenges from ransomware, increased use of multi-factor
authentication, continued rise of artificial intelligence, increased attacks on cloud
services, data privacy as a discipline, COVID-19 phishing schemes, increased need for
cybersecurity professionals, insider threats on the rise, increased need for chief security
officers, critical need for real-time data visibility, prioritize growing the cybersecurity
workforce, invest in security automation and educate the Staff.

Impact of the proposal on customers and organization
Impact of the proposal on customers and organization are such that it protects the
business which contain big data related to the privacy of customers and it should not
breach or lost otherwise it can harm organization as well as customers also so it is a
positive impact on both the customers and organization. Proposal will protect the
personal information of the organizational employees along with each and every
stakeholders which includes the customers and suppliers along with the shareholders
and competitors and many more. Proposal impacts the employees to work safely in the
company because there is some sort of the security measures and beliefs that the
implementation of cybersecurity can safeguard them at any cost (Pandey, Singh,
Gunasekaran and Kaushik, 2020). It also protects productivity of the organization
because safety measures in technology helps the workforce to work smarter and hence
benefit to the customers as well because of the good quality products and services
offered by the organization. Proposal will help the company to stop the website from
going down which can helps in the more visits of the customers over the website and
also can increase the number of sales as well. Proposal denies spyware and prevents
adware which are the major causes or sources from where the attacks are generated.
Moreover, it also supports the information technology experts so that they can perform
their functioning in an enhanced and strategic manner. Furthermore, proposal inspires
confidence among customers on the organization as they can trust the company on not
being their privacy expose at any cost (Aldawood and Skinner, 2018).