1. Do you agree or disagree with the author's assertions
regarding seasonal employees and cybersecurity risks in the
workplace? Why?
Bonderud (2016) stated that businesses that operate
using seasonal employees may have an increased risk of having
their cyber security efforts compromised. There are a few reasons
as to why this is the case, and I do agree that seasonal
employees may exacerbate cyber security risks in the workplace.
simply put, seasonal employees only work for a business for a
short period of time, meaning that they likely are not getting the
same comprehensive training and education that full-time
permanent employees receive. They are given a more skeletonized
form of training, as they are only temporary workers, meaning
that cyber security training may not be considered, putting forth a
greater cybersecurity risk for businesses. At the same time, with
dozens of employees coming and going as the seasons change,
there is more of a risk of both business and consumer data being
compromised, as that data could very easily be displaced or end
up in the wrong hands as it is bounced around. It is even possible
that some seasonal employees feel animosity toward their
workplace, meaning that they may be more likely to engage in
risky behavior or try to compromise the business. Some seasonal
employees are also highly careless since the job may not be much
to them, and that carelessness could also compromise private
data and put cyber security at risk.
2. What steps can (should) managers take to reduce security
risks associated with hiring seasonal or temporary employees?
(Consider whether or not the Secure Computer User training
course would be appropriate for these employees.)
Luckily, there are a few steps that managers can, and
should, take in order to reduce security risks that are associated
with hiring seasonal or temporary staff. The most important step
that management should take involves incorporating cyber
security training into the onboarding process, as well as
incorporating pertinent security guidelines and expectations into
the employees’ responsibilities (Coranet, n.d.; Bonderud, 2016).
Not only should employees be aware of what actions could lead
to security risks, they should also be trained on the appropriate
protocols to ensure data privacy and cyber security protection.
Furthermore, they should also be educated on the severe
penalties that should be introduced if security is somehow
compromised, such as due to carelessness. When employees
recognize that cyber security is nothing to mess around with,
coupled with the understanding that they could face severe
sanctions for failing to abide by cyber security protocol, they may
be more likely to maintain higher security standards. Managers
need to also make sure that they are fostering a positive and
productive environment, when that views the seasonal and
temporary workers the same as the full-time workers.
Organizational culture should also value security and privacy.
Secure Computer User training may be helpful in providing a
framework by which the employees can learn about computer
safety so that these values pertaining to integrity, confidentiality,
and security can be maintained.
There will always be some employees who do not
follow the rules and remain careless or malicious. Because of that,
managers should also make sure that there are strict protocols
into place to make sure data does not end up in the wrong hands
(Coranet, n.d.). Data should be highly restricted, to which methods
such as role-based access and authorization should be put into
place so that only the people who need to access that
information are able to (Bonderud, 2016). Additional security
means, such as firewalls, alert detection systems, and similar
should be incorporated to secure a strong security infrastructure.
It may even be necessary to hire a security guard. Even if all of
these methods are put in place, though, cyber security risks are
still present, meaning that managers should create a legal
backbone for themselves, such as by having employees sign
nondisclosure agreements or similar legal documents.
3. How can managers show leadership in the area of
cybersecurity defenses and best practices?
Managers can demonstrate leadership in the area of
cyber security defenses in best practices by spearheading
initiatives and implementing innovative ideas that align with the
goals, values, vision, and objectives of the organization, as well as
the needs and expectations of customers. By introducing and
recommending security protocols, both business and consumer
data can be better protected, and the organization can be more
productive and successful (UMGC, n.d.). Leaders need to also
know how to develop and implement business strategies that
reflect cyber security and the support of data integrity. Managers
must also be able to show that they can influence others to
adapt values pertaining to maintaining confidentiality, protecting
consumer and business data, and following cyber security
protocols.
References
Bonderud, D. (2016, November 2). Seasonal Employee Security
Risks: Present Danger, Proactive Defense.
Security Intelligence
.
https://securityintelligence.com/seasonal-employee-security-risks-
present-danger-proactive-defense/
Coranet. (n.d.). An Integrated Cybersecurity Strategy: Policies,
People, Processes, and Technology. Retrieved 17 March, 2022,
from, https://www.coranet.com/integrated-cybersecurity-strategy/
UMGC. (n.d.). Why do Businesses Need Security? Retrieved 17
March, 2022, from,
https://learn.umgc.edu/d2l/le/content/629864/viewContent/25216
539/View
