preview

Zara Case Analysis

While the Federal Trade Commission has data security guidelines there is some significant room for improved regulations. The one regulation that is relevant to all companies is that they must meet cyber security compliance requirements. The FTC has the ability to charge companies for poor security practices, especially those that put consumers in danger. In order for Zara to prevent a FTC cyber security action lawsuit they must enact this incident response plan. The components of this plan include all of the compliance measures, which can avoid lawsuits similar to those faced by Zara’s competition. Retail companies are at risk to cyber incidents just as much as other industries. The size of Zara puts even more employees and customers at risk.…show more content…
Preparation is focused around stopping incidents before they occur. To reduce the likelihood of a cyber incident at Zara the company must have certain preparations in place to protect their network and systems. If the best security practices are implemented all those who need to understand the incident response plan will be ready to act and have access to all the resources they need. First and foremost, Zara will hire a Chief Information Security Officer (CISO) to establish and manage all internal security policies. Zara currently does not have this position or anything similar to it. Once the CISO position is created and filled, the CISO will hire or appoint employees for the primary and distributed incident response teams. Preparation can be broken down into two categories, prevention and business continuity. Prevention focuses on activities important prior to an incident, including security efforts such as internal security policies, employee training, systems protection, and protection for hardware and software (Motta, 14). When employees are properly trained and security measures are in place attacks and/or incidents are less likely to occur because there will be fewer…show more content…
This can occur through software or an employee. “If your defenses can disrupt the early stages of these attacks, you are in a far better position to minimize the damage or cause the intruder to go elsewhere” (O’Dell, 71). In general the issue must be brought to the attention of the Chief Information Security Officer. They will be able to determine if the incident is in fact a cyber security concern, severity, scope, and type. When a cyber incident occurs, the specifics of that incident must be identified in order to accurately response. There needs to verification exactly what occurred, who/what was the attack source, how long it took to detect, what damages and/or losses have already occurred, and what potential damages can still happen if no action is taken. Another goal of identification is to discover what vulnerabilities and attack vectors, internal and/or external, were targeted. It is very important to fully understand the impact to operations, legal, customers, human resources, physical security, partners, and law enforcement. There should be significant documentation of all of the identification steps. This documentation will be helpful in the analysis process and for potential legal matters after the fact. The Chief Information Security Officer will be responsible for declaring the incident and the Incident Response Team will implement the incident response plan. All of the resources necessary to complete the IRP
Get Access