INDIVIDUAL ASSIGNMENT

Introduction to Security and Forensic Technologies

CT046-3-1-ISFT

Group Members Names:

Yazeed Jamal Taher -- TP062178

Omar Hussam (“M.S.S”) Farah – TP062084

Soma Yuri – TP062016

Intake code: APD1F2009CS(CYB) – APD1F2009IT

Hand Out Date: 11 June 2021

Hand In Date: 11 July 2021

Title: Professional, Ethical and Legal Discussion

Table of Contents
1.0 Introduction...................................................................................................................................2
2.0 Who are the stakeholders?............................................................................................................4
3.0 What alternatives responses to the issue exist?................................................................................5
3.1 Kessa goes along with the request and builds the system with inadequate security...................5
A) Outcomes:...................................................................................................................................5
3.2 Kessa refuses to build the system and abandons the project........................................................6
B) Outcomes:...................................................................................................................................6
3.3 Kessa tells ToyTime that her company will build in better security, but only charge for the
cheaper option...........................................................................................................................................7
C) Outcomes:...................................................................................................................................7
Answer:..................................................................................................................................................7
4.0 What are the costs and benefits of each alternative?........................................................................8
4.1 Goes along with the request and builds the system with inadequate security.............................8
4.2 Refuses to build the system and abandons the project..................................................................8
4.3 Build in better security, but only charge for the cheaper option..................................................9
5.0 How would the benefits and burdens be distributed for each alternative?...................................10
5.1 Benefits for Kessa and her company:...........................................................................................10
5.2 Burdens for Kessa and her company:..........................................................................................10
5.3 Benefits for ToyTime’s Company.................................................................................................10
5.4 Burdens for ToyTime’s Company................................................................................................10
Conclusion................................................................................................................................................11
References.................................................................................................................................................12
1.0 Introduction
Security problems for internet-based assaults are among the most persistent difficulties in
database security. Hackers come up with new ways to infiltrate networks and steal data almost
every day. To withstand these attacks, database security procedures must be strong enough.
Some of these cyber security threats, such as phishing techniques that take user credentials and
use them without permission, can be difficult to spot. Other frequent cyber-threats include
malware and ransomware. In addition to the cost of informing consumers, a breached firm must
spend for forensic and investigation operations, crisis management, triage, and system
restoration, among other things. And for the current issue which is ToyTime refusing to pay for a
decent and strong system to protect its companies’ sensitive information from being hijacked and
stolen from hackers, but they only want to pay for a weak security system with a cheap cost
which is not sitting right with the company owner Kessa.
2.0 Who are the stakeholders?

Every person is interested in the interest of the company and has the decision to change or do
anything called a stakeholder and these people in the case of (Kessa) are the ones who must
convince them that the decision they took is wrong and may lead to dire consequences that may
reach millions of dollars. Among the most important stakeholders mentioned are the CEO of the
company and A (CEO) is a chief executive officer (CEO) is the company's highest-ranking
executive, with primary responsibilities including making major corporate decisions, managing
the company's overall operations and resources, acting as the company's main point of
communication between the board of directors (the board) and corporate operations, and serving
as the company's public face The board of directors and shareholders elect the CEO,  So in short,
whatever decision he makes will be decisive because of his influence , The second person who
agreed to the wrong decision and which will cost him and the company a lot of losses is
the CIO of the company and A company's chief information officer (CIO) is in charge of
information and computer technology management, deployment, and usability. The job of the
CIO has grown in popularity and relevance as technology advances and reshapes businesses all
around the world The CIO examines how various technologies benefit the firm or improve an
existing business process, and then implements a system to achieve that benefit or
improvement. This kind of job need a thorough understanding of how a business operates from
top to bottom CIOs should also be informed of technological trends, since technology can
change dramatically in the next two to three years. This individual must develop ties with other
top-level executives within the firm as well as field colleagues and all of this means that this kind
of man should be aware of what disaster his taking his company, and another stakeholder
mentioned is the (Director of Personnel) A career as a city's director of personnel, often known
as a human resources director, is both difficult and rewarding. Whether in a small town or a
major metropolis, the personnel director's decisions have an influence on not only the
municipality's employees, but also how the community is seen by the state government and
individuals and businesses contemplating migrating to the city, this job has a lot of
responsibilities like for managing and monitoring the human resources or personnel department's
personnel. This person is held accountable for every action made by a member of his
team[ CITATION inv21 \l 1033 ][ CITATION Chr212 \l 1033 ][ CITATION inv211 \l 1033 ]. 

3.0 What alternatives responses to the issue exist?

3.1 Kessa goes along with the request and builds the system with inadequate
security.

Starting and considering the first alternative which is ( Kessa agrees to the proposal and
constructs the system with inadequate protection. ) I will start with listing the outcomes of Kessa
agreeing to the proposal system with inadequate protection from ToyTime.

A) Outcomes:
i. Kessa will be able to do her work efficiently and in time.
ii. The money requested for the job will be given without any problems.
iii. The system built for company ToyTime will have a weak security system and will be an
easy target for whoever tries to penetrate the system and will be able to steal all the
important and sensitive information of the company.
iv. ToyTime will be at a big loss and a there will be a huge possibility of the company
closing or retiring.
v. Kessa will feel guilty for giving them the choice of how powerful the system that they
want.

3.2 Kessa refuses to build the system and abandons the project.
Now considering the second alternative which his ( Kessa refusing to build the system for
ToyTime with the least inadequate protection system. ) And now I will list the outcomes of
choosing this alternative.

B) Outcomes:

i. Kessa’s company will be at loss of losing a business deal with ToyTime, and also losing
a future business with ToyTime that could’ve been a possible thing to happen if the first
deal with Kessa’s company went well.
ii. ToyTime will be at loss of looking for another company to build their system, and not to
mention that they will also look for an inadequate system with the least security for the
cheapest price which doesn’t change the original outcome of dealing with Kessa’s
Company.
iii. Kessa’s company reputation would be damaged once the project is dumped and will give
a bad name for the company itself.
iv. Kessa will still feel bad and blame herself for giving them the thought of choosing the
level of the system protection.
3.3 Kessa tells ToyTime that her company will build in better security, but only
charge for the cheaper option.

Now considering the third alternative which is Kessa telling ToyTime that her company will be
building the system for the original cheap price decided with ToyTime.

C) Outcomes:

i. Kessa’s company will be at a big loss of building a strong system for a price that isn’t
worth the original work.
ii. Kessa will feel less guilty and will be able to do her job of protecting the company’s
sensitive information with a decent security system.
iii. Kessa’s company will gain a very good reputation and a good name between the other
companies with the same kind of work, of building the desire to build an honest
protection to company’s systems which will later bring a good outcomes and benefits for
her company.
iv. ToyTime will be at a big win of gaining a decent security protection for a cheap price all
thanks to Kessa’s favor.
v. ToyTime might come back at later years for a new system which will give Kessa’s
company a new incoming business in the future.

Answer:

The best alternative that responds to the existing issue and that give’s good outcomes for both
companies is the third alternative which is Kessa’s company building a decent security system
for ToyTime and charge ToyTime for the cheaper option.
4.0 What are the costs and benefits of each alternative?

4.1 Goes along with the request and builds the system with inadequate security.

In this case, the benefit to Kessa to build ToyTime's system is that it

would not cost her any additional money like labour costs and would save her time as she
would not have a highly secure system in place. On the other hand, the disadvantage is
that Kessa, as a company, would be uncomfortable with that specification as it is based
on the fact that it is vulnerable to hacking and other unauthorized access.

The benefit for ToyTime is that they will receive a system that meets their
requirements, as they have agreed to keep costs low and security low. On the other hand,
the disadvantage is that, due to the ease of unauthorized access, various confidential
information in the company may be leaked, and unauthorized access may result in losses
that go beyond the low cost of the system.

4.2 Refuses to build the system and abandons the project.

In this case, Kessa's expenses were reduced as she no longer had to pay for
labour and other operational costs associated with the development of this system, and
the benefit was that the security issues she was concerned about were no longer likely to
occur on her company's system. On the other hand, the disadvantage is that Kessa's
company will probably no longer be dealing with ToyTime.

The benefit of ToyTime is that they can find other system developers who
match their requirements and who may be less expensive than Kessa's company. On the
other hand, the disadvantage is that the abandonment of the development of the system
will delay the operation of the system, and if they find another system developer, they
may have the same security concerns as Kessa, or they may not accept the order.
4.3 Build in better security, but only charge for the cheaper option.

In this case, Kessa would incur an additional cost, but it would prevent
unauthorized access to the system created by her company. Another benefit is that, in the
event of unauthorised access during the operation of the system, if Kessa's company has
to take action, it will be as little hassle as possible. On the other hand, the disadvantages
are that she may not be paid for the improved security and that it may simply take more
time and effort to complete.

For ToyTime, this means that they get more security for the same
expenditure. Conversely, the disadvantage is that changes made to the specification of the
system may increase running costs and may be unnecessary if you also want to keep your
long-term budget in check.
5.0 How would the benefits and burdens be distributed for each
alternative?

5.1 Benefits for Kessa and her company:

i. Good reputation for the company.

ii. Good name among other companies with the same major.
iii. Kessa’s self-satisfaction and joy for building a secure system for ToyTime company.
iv. More future businesses with the company called ToyTime after this service.

5.2 Burdens for Kessa and her company:

i. Big loss regarding the additional fees that Kessa’s company will pay. and not enough
money paid for the work that they will do from ToyTime.
ii. Unsatisfaction between employees inside the company
iii. Delays in salaries for employees inside the company for a certain amount of time.

5.3 Benefits for ToyTime’s Company

i. A well-built system that will be able to protect its sensitive information.

ii. Future businesses with Kessa’s Company in the upcoming times.
iii. Gaining a decent security system for a cheap price.

5.4 Burdens for ToyTime’s Company

i. None.
Conclusion

In the end, protection must always be observed, because protecting the database from hacking
and from unwanted hands is the real protection for the company’s money and the public interest.
Therefore, kessa should not agree to the work of a database with weak protection because it
knows that it may display bank account numbers, employee information, their salaries and some
Other sensitive information for disclosure
References
Chron, 2021. Chron. [Online]
Available at: https://work.chron.com/job-description-director-personnel-city-government-24001.html
[Accessed 11 7 2021].

investopedia, 2021. investopedia. [Online]

Available at: https://www.investopedia.com/terms/c/ceo.asp
[Accessed 11 7 2021].

investopedia, 2021. investopedia. [Online]

Available at: https://www.investopedia.com/terms/c/cio.asp
[Accessed 11 7 2021].