Question

Make a 10-minute presentation and argument to the rest of the class in support of an organization deciding not to self disclose suspicious activity it has discovered.

Answer 1

An organization always perform regular security auditing,to identify whether the system is secured or not,they keep on launching bug bounty programmes to identify bugs in the system. The most important aspect of organization is to focus on loopholes and vulnerability that there system might have.

In 20th century ,because of Advent of internet the new form of crime know as "Cyber crime" has emerged.out there when we transmit message on unreliable communication network there may be a malicious attackers trying to intercept our communication and may get illegal access to confidential data. Confidential information in now a days world is no less than real money.Designs of organizations product,there stakeholders information,there future policies,their investment and many other aspects needs to stay confidential,but if entire data is hacked or leaked by malicious attacker then it may even lead an organization so as to go bankrupt.

Multiple security attacks may include:

Spyware's attack(spyware is used to get confidential information)

Virus and Trojan attack(virus corrupts entire system leading to inefficient performance)

Denial of service attack(Makes system slow and incapable to respond to user's request thus defaming an organization)

Eavesdropping(Intercepting the data packet and getting access to confidential information)

SQL injection (malicious attacker try to access the database)

And many more

If an organization comes to know about a vulnerability or loophole which might be exploited by attacker ,it's better they don't disclose it as the disclosure or spread of information outside may lead an organization to compromise it's Confidentiality.Inspite of multiple security mechanisms and measures which are adopted by organization,system can never be free from loop-holes ,hence it becomes necessary in these types of issue to report directly to internal cyber security team of organization and get that loophole fixed.organization can also try to find out how many times previously that loop hole has been exploited and can identify those who exploited it,so as to lodge a criminal case against them.

Thereown internal cyber security team can identify those who have exploited loophole and may ask them about how they discovered that loophole.They may also try to enquire from them about existence of any other loophole they know and thereby can enhance security of their system .

Hope this helps in your presentation and supporting the topic about nondisclosure of malicious activity,please do specify types of security attacks that I have mentioned above, in your presentation. All the best for your presentation,do well!!

Please Up-Vote if you find this answer/information helpful !!