Critical analysis needed 1
Class,
I'm providing a recently example of a critical analysis written by Dr. Valorie King. This example is based on the 1st case study for this class, CSIA 350.
I think most of you have a good idea of what's required for the case studies, but use the information as you need. I will continue to grade appropriate.
A Critical Analysis (CA) is a discussion response that has an introductory paragraph, an analysis section (around 3 paragraphs or so), and a brief summary. For Case Study #1, a really good CA would have looked something like this:
There are many reasons why a business should invest in cybersecurity products and services. In [her / his] essay, [student name] addressed ethical principles which drive such investments. While ethics are important, the business needs and requirements for IT security must also be considered. In this critical analysis response, I would like to take a deeper look at three important points which drive businesses to invest in IT security.
First, consider the question of the Business Benefits of IT Security products and services. Businesses exist to make a profit (Vitez, 2016). Making a profit requires that losses and unnecessary costs be avoided. This is where the business benefit of IT security products comes into play. An anti-virus product can prevent a malware infection (Drew, 2011). Spending some money to buy an anti-virus product to prevent malware will save money in the long run since the business will not have to pay to cleanup malware infections on laptops, workstations, and servers.
Second, consider the question of Why an organization should invest in IT security technologies. This is very similar to the first question. But, in addition to the financial benefits (cost avoidance) there are also legal and regulatory reasons why an organization should invest in IT security technologies (Smedinghoff, 2005). Many laws require that companies use encryption to protect private information (HIPAA, FERPA, etc.). This is an IT security technology that a company may be legally required to purchase (invest in).
In summary, there are many reasons why a business should invest in IT security and why those investments should include both people and products (technologies). But, the bottom line is that a business needs to make a profit to stay in business. Investing in IT security products is an important part of protecting profits and avoiding unnecessary costs.
References
Drew, J. (2011, August 30). The benefits of having anti-virus protection. TopTenReviews. Retrieved from http://anti-virus-software-review.toptenreviews.com/learning-center/the-benefits-of-having-anti-virus-protection.html
ISACA. (2009). An introduction to the business model for IT security. Retrieved from http://www.isaca.org/knowledge-center/research/documents/introduction-to-the-business-model-for-information-security_res_eng_0109.pdf
Smedinghoff, T. (2005, November). The new law of information security: What companies need to do now. The Computer and Internet Lawyer Journal, 9-25.
Vitez, O. (2016). What are the effects of profit or loss in a business organization? Houston Chronicle. Retrieved from http://smallbusiness.chron.com/effects-profit-loss-business-organization-824.html