Running Head: CIGO 1
Introduction
I have been selected as the Chief Information Governance Information Officer (CIGO) at Apple Company to develop a policy to promote secure data transmission and protect the enterprise and its customers from the vulnerable to cyber-attacks. Apple Company stores transmit sensitive information and handle large sums of money, which are at risk of increasingly sophisticated cyber-attacks (Kangyi, 2021). The damage that can be caused, both in terms of financial losses and damage to reputation, means that it is vital that companies take appropriate measures to protect their information.
Like many other companies in the electronic industry that hire and endorse the position of a CIGO, the company found it fit to hire me to assess the cyber-attack vulnerability and provide recommendations to the necessary authorities. One key role is that of the Chief Information Governance Officer (CIGO). As a CIGO, I am responsible for ensuring that all the processes are secure and that the organization complies with relevant legislation when ensuring the privacy of its data system. The other significant role is to ensure that the company’s community is protected from cyber-attacks. It is also in the customers’ interests that the company takes appropriate action to protect its information.
Based on the assessment provided by the executive, the company faces many technical and managerial challenges that create vulnerability to its sensitive data. One challenge is that the company still stores much of its data in hard copy. Information stored in hard copy is prone to theft, misplacement, and tearing, thus erasing critical information that can use during decision-making. Although the company has started to collect its data in electronic format, they lack a technology that fully protects the information. For instance, storing data in the file shares create security vulnerability since the technology is not compatible with advancing Firewall software,
The other challenge is storing information in a relational database without policies and systems to monitor the administration. The duplication issue can overwhelm the system, leading to the database’s crash and losing data without any chance of recovery (Mullon & Ngoepe, 2019). In business, managers always need to plan for the future. The most successful companies plan, set goals, and take responsibility for achieving those goals. However, some businesses do not plan. A business that does not have policies to address the management of data, business, or customers, is at a disadvantage.
Therefore, the main challenge of handling customers and data and leveraging social media with considering the legal issues or adaptive policies that govern other organizations is risky. Apple Company will likely lose considerable finances due to legal or financial penalties from the oversight authorities. The other main challenge is that the reputation of Apple Company will be tinted.
Establishing the policies based on the established legal regulations will enable Apple Company to know the firm or a person to consult during a data breach. The enterprise will not be able to respond to threats during a data breach. Apple Company is at risk of losing customers upon the realization that the company does not well safeguard its data. The business will risk losing employees who are not given the platform to advance their technical knowledge like other big enterprises.
In today’s business environment, companies must respond to changes in laws, technology, customer expectations, and competition (Agrawal & Alharbe, 2019). Business leaders and managers should create plans that prepare for “what if?” situations. The managers of a company that does not have policies to address the management of data, business, or customers are at risk of losing customers and money. There are several ways in which Apple Company can protect the information that they store. For example, they may encrypt data before it is sent over the internet or store it only on computers with strong firewalls. Companies can also take other steps to protect themselves. These include having clear guidelines and procedures for detecting and dealing with security.