Posted: April 25th, 2025

discussion

Data protection within an organization encompasses not only the network and IT system but the personnel. Practicing proper data protection involves the entire company’s employees in being proactive and aware of their actions. Describe some of the issues that could exist if a company doesn’t practice proper data protection.

In response to your peers, identify some of the strategies or tools that could be used to help remediate the issues your peers identified in their initial posts.

To complete this assignment, review the

Discussion Rubric

.

RESPONSE ONE

Practicing proper data protection within an organization can look like many things. This starts with security awareness and ensuring that all employees understand the implications of what can happen if they are not serious about security. Security for an employee is having strong passwords, protecting sensitive information via encryption, and updating their systems regularly. Along with these keeping usernames and passwords private, changing passwords regularly, keeping safe backups of important data, and being mindful of where installations are coming from to ensure they are not malicious. This can be taught through training provided by the company that focuses on security and what can happen when it isn’t taken seriously. Although this may seem like a lot of work, it is nothing compared to what can happen when a company doesn’t practice data protection.  

When data is left unprotected, many things are at risk. Confidential data, the integrity of the business, and the availability of resources are all put at risk. Data breaches can cause problems that a business will have to deal with for years to come. Financial and legal trouble can come when sensitive data is exploited. It costs money to fix the security infrastructure and make sure that systems can’t be breached repeatedly. If HIPAA for example is broken due to a breach at a medical records organization, there could be legal fees and lawsuits in order. The reputation of an organization is looked upon negatively when data is breached, especially when they are supposed to be keeping data private and out of the hands of anyone, let alone someone with bad intent. Lastly, leaving data unprotected puts it at risk for cybercriminals to gain access to highly sensitive personal information, which is detrimental to not only the company but the individuals whose information was put at risk. Overall, there are many negative outcomes that come out of data being left unprotected. These breaches can take time to fix, and it can take time for business reputation to go back to normal. It is crucial that in the workplace we take security seriously from an employee standpoint.  

RESPONSE TWO

First, without strong data protection, a company is at high risk for financial loss due to data breaches. Financial loss can result from lost revenue from clients who no longer trust them as well as intellectual property leaks. There can be other costs such as settlements and compensation payouts. Meta (Facebook) was fined $1.3 billion in 2023 and Chinese firm Didi Global was fined nearly $1.2 billion in 2022 for violations of law (Sharma & Hill, 2024).

Second, weak data protection measures expose the company to legal issues, both criminal and civil. Failing to comply with industry regulations, particularly in finance and healthcare, can result in severe fines, lawsuits, and potential criminal penalties. While I’ve already mentioned financial loss, it’s worth reiterating here and also underscoring potential criminal prosecution that affects individuals. One glaring example of this is HIPAA, with possible annual penalties of over $2 million for willful neglect and one to ten years in jail for intentional disclosures (What are the Penalties for HIPAA Violations?, n.d.).

Third, poor data security practices can lead to reputational damage. Organizations depend on partnerships, whether it’s customers, suppliers, or other business partners. A data breach or insider threat incident can harm the company’s image, causing them to stop doing business altogether. Again, this relates back to financial loss and the ability of an organization to continue to function.

To briefly touch on the technical implications of not practicing data protection, we would observe things like a lack of data encryption, insufficient access controls, and untrained personnel. An audit might reveal unpatched systems and applications, inadequate monitoring, and a general lack of effective configuration management practices.

Undergraduate

Discussion Rubric

Overview

Your ac�ve par�cipa�on in the discussions is essen�al to your overall success this term. Discussion ques�ons will help you make meaningful connec�ons between the course content and

the larger concepts of the course. These discussions give you a chance to express your own thoughts, ask ques�ons, and gain insight from your peers and instructor.

Directions

For each discussion, you must create one ini�al post and follow up with at least two response posts.

For your ini�al post, do the following:

Write a post of 1 to 2 paragraphs.

In Module One, complete your ini�al post by Thursday at 11:59 p.m. Eastern.

In Modules Two through Eight, complete your ini�al post by Thursday at 11:59 p.m. of your local �me zone.

Consider content from other parts of the course where appropriate. Use proper cita�on methods for your discipline when referencing scholarly or popular sources.

For your response posts, do the following:

Reply to at least two classmates outside of your own ini�al post thread.

In Module One, complete your two response posts by Sunday at 11:59 p.m. Eastern.

In Modules Two through Eight, complete your two response posts by Sunday at 11:59 p.m. of your local �me zone.

Demonstrate more depth and thought than saying things like “I agree” or “You are wrong.” Guidance is provided for you in the discussion prompt.

Discussion Rubric

Criteria Exemplary Proficient Needs Improvement Not Evident Value

Comprehension Develops an ini�al post with an

organized, clear point of view

or idea using rich and

significant detail

(100%)

Develops an ini�al post with a

point of view or idea using

adequate organiza�on and

detail (85%)

Develops an ini�al post with a

point of view or idea but with

some gaps in organiza�on and

detail (55%)

Does not develop an ini�al

post with an organized point of

view or idea (0%)

40

Timeliness N/A Submits ini�al post on �me

(100%)

Submits ini�al post one day

late (55%)

Submits ini�al post two or

more days late (0%)

10



10/30/24, 10:53 AM Undergraduate Discussion Rubric – CYB-250-15105-M01 Cyber Defense 2024 C-6 (Oct – Dec)

https://learn.snhu.edu/d2l/le/content/1748997/viewContent/36623160/View 1/2

https://app.readspeaker.com/cgi-bin/rsent?customerid=9568&url=https%3A%2F%2Flearn.snhu.edu%2Fcontent%2Fenforced%2F1748997-CYB-250-15105.202486-1%2FUndergraduate%2520Discussion%2520Rubric.html&lang=en_us&readid=d2l_read_element_1

Criteria Exemplary Proficient Needs Improvement Not Evident Value

Engagement Provides relevant and

meaningful response posts

with clarifying explana�on and

detail (100%)

Provides relevant response

posts with some explana�on

and detail (85%)

Provides somewhat relevant

response posts with some

explana�on and detail (55%)

Provides response posts that

are generic with li�le

explana�on or detail (0%)

30

Wri�ng (Mechanics)

Writes posts that are easily

understood, clear, and concise

using proper cita�on methods

where applicable with no errors

in cita�ons (100%)

Writes posts that are easily

understood using proper

cita�on methods where

applicable with few errors in

cita�ons (85%)

Writes posts that are

understandable using proper

cita�on methods where

applicable with a number of

errors in cita�ons (55%)

Writes posts that others are

not able to understand and

does not use proper cita�on

methods where applicable (0%)

20

Total: 100%

10/30/24, 10:53 AM Undergraduate Discussion Rubric – CYB-250-15105-M01 Cyber Defense 2024 C-6 (Oct – Dec)

https://learn.snhu.edu/d2l/le/content/1748997/viewContent/36623160/View 2/2