Free Turnitin Report
Online Free Samples
Instant Call Back

Risk Management :- Personal and Societal Responses to Risk

Question

Select a disaster that is well documented on the web and that is in a situation or industry of interest to you. Provide relevant links etc. of all the sources you use, so that I may see the same detail that you have had access to.

The Topic 2 notes describe ten things that influence people’s perceptions of a risk (eg. voluntariness, equitability etc.). See slides 3 to 7 inclusive and, of course, study carefully the lecture on these slides and the associated notes. Read also the provided paper by Slovic (Perception of Risk).

  1. Your first task is to reflect on the application of these ideas to people affected by the disaster you have chosen. Do this considering both the people who were the victims of the case and a representative person from an organisation in control of the risk (employer/senior manager, Government department issuing development permits and approvals).
  2. Your second task is to comment on the management of this type of risk by society. To comment in a meaningful manner, you will need to study and reflect on the notes on this subject.

Answer

Part 1
Case study selection: Technology can be considered one of the most advanced sectors which are playing a he role in the sector of the life of the common people. On the other hand it can be stated that there are various type of security issue also which are playing a bigger role. The case study which is selected for the report is the target data breach. In the late 2013 and IT blogger of the security stated a big story: “Target IT system had been hacked” (Shu, Tian and Ciambrone 2017). This case study is basically selected due to the factor that it exposed the personal data of nearly 110 million customer which was one of the most comprehensive disasters in the technological field. After the event was stated after that target issue a video of the event which was basically involved so that the people would be having a clear idea of the event.

The main focus point of the report is to take into consideration the different aspects which are involved into the event taking into consideration their impact on the people as well as the organization. The main focus point which would be discussed in the report is the technical aspect of the event (data breach) from the point of view of the internal and external working relating to the aspect.

Influence of perception
Imposition: The case study which is selected which is the data breach of the Target Corporation is not only the sector of emphasis which can be stated here. It can be said that there are many similar types of event which takes place which directly affect the life of the common people. It is majorly seen that this type of breaches put forward a mentality from the end of the user that they do not trust the concept of the technology (Garner 2017).

Voluntariness: The investigation voluntariness which was involved in the event of the case study were the insight partners, DELL secure works, state secret service and many other small bodies of investigation (Manworren, Letwat and Daily 2016). The main prospective of the investigation was the analysis sector of the malware which was included into the event.

Equitability: Taking into consideration the case study it can be stated that these type of event brings a thought into the mind of the people towards the effectiveness of the existing mechanism of the security which are exposed in recent times (Baker et al. 2017). In the payment eco system it can be stated that it imposes a major threat relating to the credit card breach.

State of knowledge proximity: The proximity of the data breach which are related to the card holders have different types of loop holes in the aspect of the security practices and the techniques. These loop holes in the security majorly impact the sector of the breaches which are held online in the domain of the credit and debit card peripherals.

Time: The network and the target of the Target Corporation were breached in the month of November and December in the year 2013. In the same duration of time it can be stated that there were other security breaches also majorly a number which is 568. In some cases it is seen that the impact of an event can be considered directly proportional to the exposure of the activity relating to time duration. As seen in the case study the exposure of the time was increased to the lack of the dedication the field of implication.

Extreme value: The breach which is discussed in the case study has an extreme value due to the factor that it affected both the legal and the technical aspect. The loss of the data which is seen can be an extreme loss for the user as personal details can be easily used by the breaches. The technical aspect which was involved into the scenario was not up to the mark which helped the breach to be more prominent (Manworren, Letwat and Daily 2016).

Dread: The main aspect which can be stated here is that the data of the user would be directly involved into the process. The data in this scenario can be personal information of the user which is lost or accessed by some other person can be a big loss for the users. In most of the cases the data which is accessed are used by the third party for the involvement of any unethical practice for their own benefit

Unknown: The attachment of the event was the major discussion of the analysis of the involvement of the malware which basically explains how the flaw in the network of the target were directly exploited. The main factor which can be stated relating to the event is that how the event of the breach was not discovered for weeks after the actual event had undertaken. The Target breach is still now under investigation and there were no arrest which were made in the event, this is due to the factor that who is actually responsible for the event is still unknown.

target data breach

Numbers affected: The main result of the incident was about 40 million card holders and 70 million personal records were stolen. After the event took place there were multiple parties who focused on the investigation of the event which had occurred (Jepsen et al. 2015)

Part 2
Management of risk: There can be different types of aspects and implication which can be done in order to manage the risk factors which are involved into the process. Risk factors are sometimes very much inevitable and are reinforced in different scenarios. It should be always taken into consideration that the mitigation of the risk factors should be the first priority due to the reason that they should be possess threat to the people who would are involved into the activity. Few of the steps which can be followed in order to mitigate the risk factors which are stated in the case study are stated below:

  • Acknowledgment of the breach: In most of the cases it is seen that an organization does not communicate the risk factors which are involved in an event. On the other hand those organization who conducted the public awareness were left embarrassed due to the factor that later on they founded out that the event of the breach was more bigger and had a large type of impact on the society (Sen and Borle 2015)
  • Decision making capability: In most of the cases it is seen that when a breach event takes place the organization head (for example the managers) do not take proper decision in order to mitigate the factors of the risk. It should be taken into consideration that when an event of takes place instant solution to the problem should be incorporated. One of the strategy which can be implemented in this cases is that a backup should be kept which would be imposed when the event would be taking place.
  • Lesion learnt: When a breach is taking place the root cause of the event should be considered as one of the most vital factors in this field. In most of the cases it is seen that root cause of the event is not taken into consideration, this should be done due to the future precaution measure. This implies that the event would not be taking place in the near future.
  • Failure of policy: Most of the organization state that they have a good set of policies which are predefined into the internal as well as external working of the organization. In most of the cases data breach occur due to the lack in the implication of the policies. The policies can be stated to be playing a very vital role and it should be the role of the manger or the higher authority to take into consideration the aspects so that it frames a type of precaution measure (Teuteberg et al. 2015).
  • Role of head: The role of the head of the organization can also be considered as one of the most important role which can be very much helpful in the mitigation of the risk which are involved into the organization. In most of the cases it is seen that the code of conduct which is held by senior members helps the other members in the team to recover from the factors of the risk at a less time framework. Helping the formulation of the team is an important degree of the mitigation of the risk factors in recent times.

References
Ablon, L., Heaton, P., Lavery, D.C. and Romanosky, S., 2016. Consumer attitudes toward data breach notifications and loss of personal information. Rand Corporation.

Baker, W., Goudie, M., Hutton, A., Hylender, C.D., Niemantsverdriet, J., Novak, C., Ostertag, D., Porter, C., Rosen, M., Sartin, B. and Tippett, P., 2017. 2017 data breach investigations report. Verizon RISK Team, Available: www. verizonbusiness. com/resources/reports/rp_databreach-investigationsreport-2011_en_xg. pdf, pp.1-72.

Garner, R.L., 2017. Evaluating Solutions to Cyber Attack Breaches of Health Data: How Enacting a Private Right of Action for Breach Victims Would Lower Costs. Ind. Health L. Rev., 14, p.127.

Greene, C. and Stavins, J., 2017. Did the Target data breach change consumer assessments of payment card security?. Journal of Payments Strategy & Systems, 11(2), pp.121-133.

Jepsen, J.R., Zhao, Z. and van Leeuwen, W.M., 2015. Seafarer fatigue: a review of risk factors, consequences for seafarers’ health and safety and options for mitigation. International maritime health, 66(2), pp.106-117.

Kashmiri, S., Nicol, C.D. and Hsu, L., 2016. Protecting Retailers Against Contagion: Exploring the Shielding Role of Marketing in the Negative Spillover of the Target Customer Data Breach. In Celebrating America’s Pastimes: Baseball, Hot Dogs, Apple Pie and Marketing? (pp. 309-309). Springer, Cham.

Lee, K., Lee, K., Kim, H., Suh, C. and Ramchandran, K., 2018. SGD on Random Mixtures: Private Machine Learning under Data Breach Threats.

Lee, K., Lee, K., Kim, H., Suh, C. and Ramchandran, K., 2018. SGD on Random Mixtures: Private Machine Learning under Data Breach Threats.

Romanosky, S., Hoffman, D. and Acquisti, A., 2014. Empirical analysis of data breach litigation. Journal of Empirical Legal Studies, 11(1), pp.74-104.

Romanosky, S., Telang, R. and Acquisti, A., 2011. Do data breach disclosure laws reduce identity theft?. Journal of Policy Analysis and Management, 30(2), pp.256-286.

Sen, R. and Borle, S., 2015. Estimating the contextual risk of data breach: An empirical approach. Journal of Management Information Systems, 32(2), pp.314-341.

Shu, X., Tian, K. and Ciambrone, A., 2017. Breaking the target: an analysis of target data breach and lessons learned. arXiv preprint arXiv:1701.04940.

Teuteberg, J.J., Slaughter, M.S., Rogers, J.G., McGee, E.C., Pagani, F.D., Gordon, R., Rame, E., Acker, M., Kormos, R.L., Salerno, C. and Schleeter, T.P., 2015. The HVAD left ventricular assist device: risk factors for neurological events and risk mitigation strategies. JACC: Heart Failure, 3(10), pp.818-828.

Valecha, R., Bachura, E., Chen, R. and Rao, H.R., 2016, December. An Exploration of Public Reaction to the OPM Data Breach Notifications. In Workshop on E-Business (pp. 185-191). Springer, Cham.

Weiss, N.E. and Miller, R.S., 2015, February. The target and other financial data breaches: Frequently asked questions. In Congressional Research Service, Prepared for Members and Committees of Congress February (Vol. 4, p. 2015).

Submit Your Risk Management Assignment


Amazing Features

  • Plagiarism Free Work
  • Lowest Price Guarantee
  • 100% Money Back Guarantee
  • Top Quality Work
  • On Time Deliver
  • 24 x 7 Live Help




AU ADDRESS
9/1 Pacific Highway, North Sydney, NSW, 2060
US ADDRESS
1 Vista Montana, San Jose, CA, 95134
CONTACT

+61-3-9005-6676

EMAIL
support@totalassignment
help.com