Question

FinTechCo Case Study Company Overview FinTechCo is a medium-sized financial services company comprising of 45 employees...

FinTechCo Case Study

Company Overview

FinTechCo is a medium-sized financial services company comprising of 45 employees with an annual revenue of $10 million. It has approximately 1000 customers comprising of private individuals and small companies.

FinTechCo’s mission is to provide financial services and advice to its clients, to sell various products and services and offer consultation guidance regarding the information systems that support them.

Problem Statement

FinTechCo’s technical team were originally qualified financial planners who transitioned into technical roles and built their skills through ‘on-the-job’ learning. They are well-skilled in supporting and maintaining the information systems and related technology, however do not have proficiency in cybersecurity.

The Managing Director Fiona Teoh and the Senior Leadership Team are concerned about the vulnerabilities of their outdated security systems and increasing exposure to cybercrime.

FinTechCo currently has an Intrusion Detection System (IDS) which is a “passive system that scans traffic and reports back on threats.” The system was installed by an external company which has since ceased operations. In addition, it has now become apparent that the organisation’s network is being bombarded with countless daily attacks, and a more active cybersecurity system is required.

The IT manager, Kal Karmacharya recommends a third-party vendor to develop the new system as he believes their current in-house expertise is inadequate. However, the Managing Director does not have sufficient budget to engage an external vendor and firmly expresses the following to Kal:

“All IT people know everything there is to know about this industry. Therefore, your IT team are suitably skilled to deliver this project”[A1].

Kal thought to himself “Well, she is the Managing Director, so she must be right” [F1].

As a consequence, Kal and his IT Team were assigned and given full responsibility to plan, design, implement, test and ultimately deliver the proposed system.

Proposed Solution

Fiona Teoh and the Senior Leadership Team have requested the implementation of a new Intrusion Detection and Prevention System (IDPS) to automatically defend their network and reduce the need to individually investigate suspicious activity on a daily basis. The new IDPS will monitor network traffic, detect malicious activity, send alerts to security administrators, and take the required action to stop the attack.

Recommendations

Kal and his IT Team facilitate a brainstorming workshop with key stakeholders of FinTechCo to gather information and system requirements.

During the workshop Kal asked the stakeholders “What system requirements and functionality would you like to see in the new system?”

Stakeholder response 1: “Why do you want to change the security system? I didn’t know you were deeply suspicious of us and our clients!” [F2]  

Stakeholder response 2: “This new system will be a terrible security system. The last time we upgraded our system, we recorded our lowest profit ever.” [F3]  

Stakeholder response 3: “I think a system requirement should be focused on speed. It should respond reasonably quickly and refresh data frequently.” [F4]  

Stakeholder response 4: “I personally think the old system and its performance is good enough. I don’t think Senior Management should be worried about all the reviews, statistics and articles warning of increased cybersecurity attacks.” [F5]   

Stakeholder response 5: “All cybersecurity products made by Cisco are likely to be good. Cisco have 22 models of IDPS available. Cisco’s Firepower Next-Generation IPS (NGIPS) has embedded security intelligence and Advanced Malware Protection, so it should be a good product to use.” [A2]   

Conclusion

Kal and his IT Team, disregarded the concerns raised by the stakeholders and moved forward with the purchase and implementation of a low-cost IDPS product from a lesser-known vendor. In addition, their inadequate experience and knowledge led to multiple errors when integrating their existing technology with the new system. Kal and his IT team failed to meet the intended goals of minimising vulnerabilities and exposure to cybercrime.

Question

The Australian Computer Society’s (ACS) Code of Professional Conduct upholds the following core values:

1. The Primacy of the Public Interest

You will place the interests of the public above those of personal, business or sectional interests.

2. The Enhancement of Quality of Life

You will strive to enhance the quality of life of those affected by your work.

3. Honesty

You will be honest in your representation of skills, knowledge, services and products.

4. Competence

You will work competently and diligently for your stakeholders.

5. Professional Development

You will enhance your own professional development, and that of your staff.

6. Professionalism

You will enhance the integrity of the ACS and the respect of its members for each other.

Analyse the actions of the IT Manager, Kal Karmacharya and his IT team.

  1. Identify one core ethical value from ACS’s code of ethics that was not upheld. [1 mark]

Read the in-depth definition of your chosen core value https://www.acs.org.au/content/dam/acs/rules-and-regulations/Code-of-Professional-Conduct_v2.1.pdf

  1. Give two specific examples of how Kal and his IT team did not abide by these values and suggest what they should have done to prevent these breaches from occurring. (at least 2 sentences) [4 marks]

Homework Answers

Know the answer?
Your Answer:

Post as a guest

Your Name:

What's your source?

Earn Coins

Coins can be redeemed for fabulous gifts.

Not the answer you're looking for?
Ask your own homework help question
Similar Questions
Case Study: Larson Property Management Company. Larson Property Management Company is one of the largest property...
Case Study: Larson Property Management Company. Larson Property Management Company is one of the largest property management companies in California, with more than 1,000 employees. The company provides a full array of commercial management and development services. These activities include complete management services for commercial office and retail buildings and apartment complexes; construction, repair, and maintenance of commercial properties; and financial management and billing services for commercial real estate clients. The company has experienced significant expansion over the past five...
Case Study: Position Description and Specification for an HRIS Administrator One way to assess the nature...
Case Study: Position Description and Specification for an HRIS Administrator One way to assess the nature and importance of a particular function or position in an organization is to examine the job description and job specifications for this position, as they tell us what activities, duties, and tasks are involved in the job as well as what knowledge, skills, and abilities (KSA) are required to perform the job. The following is an actual advertisement for an HRIS administrator. A large...
Case Study: Position Description and Specification for an HRIS Administrator One way to assess the nature...
Case Study: Position Description and Specification for an HRIS Administrator One way to assess the nature and importance of a particular function or position in an organization is to examine the job description and job specifications for this position, as they tell us what activities, duties, and tasks are involved in the job as well as what knowledge, skills, and abilities (KSA) are required to perform the job. The following is an actual advertisement for an HRIS administrator. A large...
You have recently been hired by a new Japanese accounting firm, headquarter in Tokyo, as the...
You have recently been hired by a new Japanese accounting firm, headquarter in Tokyo, as the director of Information Systems and Telecommunications. Your assignment is to assist security posture of the firm and develop a security structure for this new company. Write your recommendations and reasons to the firm’s CEO. The firm has 600 employees in Tokyo, 50 in Houston, and is planning to open two branch offices in India and California. Ten accountants will be hired at each site....
The questions to answer regarding the case material are as follows: Company overview . How the...
The questions to answer regarding the case material are as follows: Company overview . How the company uses its own products or services to enhance the total compensation for its employees. The internal strengths and weaknesses you identified and how the company responded to these factors from a total rewards perspective. The external opportunities and threats you identified and how the company responded to these factors from a total rewards perspective. Examples of traditional and non-traditional rewards and how they...
Project Management Fundamentals Questions Only A project team is discussing the benefits and drawbacks of working...
Project Management Fundamentals Questions Only A project team is discussing the benefits and drawbacks of working on projects within their organization now that it has become project-oriented. They can agree on many advantages for the team and for the organization, but also agree there are some drawbacks, relative to the strong matrix structure the organization used to have. In a project-oriented organization the project team: ANSWER Will not always have a "home" Reports to the functional manager Has no loyalty...
Case Study Read the case study given below and answer all the questions that follow. SONY...
Case Study Read the case study given below and answer all the questions that follow. SONY : High Quality and Technological Innovation introduction Throughout the 20th century, the pace of technological advancement has increased dramatically. The digital revolution, now upon us, will see further massive steps forward. This case study looks at the ways in which Sony has been able to stay at the leading edge of the new technologies. Sony Corporation is the leading manufacturer of audio, video, communications...
The project has been performing as planned, and the team members have been exhibiting increasing levels...
The project has been performing as planned, and the team members have been exhibiting increasing levels of trust between each other. The sponsor and the buyer have been satisfied with the delivery of business value, and user acceptance testing results are positive. A technical expert consulting with the team has expressed concerns that the team is not in agreement on the best way to deliver to the next review. If the project manager wants to support the team in reaching...
Funding an IS project through a Chargeback method involves: Pricing the IS service out for the...
Funding an IS project through a Chargeback method involves: Pricing the IS service out for the customer buying the end product Direct billing by the firm for IS resources or services to the department that uses them Direct billing by the manager of a function for IS resources or services to an employee that uses them An accounting process that reduces tax liability for capital investments All of the following are attributes of considering IS costs as Overhead except the...
CASE STUDY – Jacobson Carpet Company In January 2002, Ms. Mary Lewis was preparing to meet...
CASE STUDY – Jacobson Carpet Company In January 2002, Ms. Mary Lewis was preparing to meet with Mr. Carpenter, President of Jacobson Carpet Company. Ms. Lewis assumed that the meeting was related to the recent Board of directors of the company. As a direct assistant to the President, she knew from experience that this type of meeting often resulted in a project to be studied. Her expectation was confirmed as soon as Mr. Carpenter began to inform her of the...