The Subtle Balance And Trade-Offs In Cyber Security (Part 2)

Last week we looked at the cyber trade-offs that businesses have to make as they enter online market. We paid particular attention to the balance between cybersecurity for businesses balanced against usability for the customer. Today, we will look at cost and privacy trade offs.

Security vs. Cost

The question in Cyber security is not that of cost since it is a presumed variable to the equation. Companies now must think of the price associated with the development or integration of the control itself (for example, the cost of a firewall) as an investment in the core business of the company. Cyber security has now become a core function for businesses.

Security vs. Privacy

Privacy trade-offs have also been necessary as the balance has proved delicate. Confidentiality, integrity, and availability of data are the major considerations as far as data safety goes. The correct balance of these three principles will require tempering of each concept to enable the other concepts be effective.

Most businesses have therefore ended up creating solutions which are either focused more on security than privacy or more on privacy than security. For example, banking systems, while being secure to a good extent also allow for external inspection which is a data privacy breach. It would be foolhardy to have extremes of either in Cyber security. Each value has to give way to the other depending on where the greatest risk lies.

In conclusion, the only thing to be said is this: that you can never be too careful. Cyber attacks and security breaches have become rife lately, and as long as you have done the best you can possibly do as a business to protect your system and client data, then you will have offset the ‘reasonable man/woman’s’ test. A business is not expected to go over and above with it’s security measures, to a point that the service it seeks to provide digitally becomes inaccessible on account of it’s many security verifications.

It is a question of Reasonableness

For lawyers defending clients in Cybersecurity matters, the basics of Negligence will come into play. There is obviously a duty of care that businesses owe their clients when it comes to personal data. The question will be whether the business took such measures that an ordinary business, engaging in the same industry would take to protect its systems. The balance between security, convenience, cost and privacy will be tested on the standard of reasonableness.
There you have it ladies and gentlemen.

The more things change, the more they remain the same. Because, who would ever have thought that the depths of cybersecurity would lead us back to first year Torts? Shout out to @ayamunda (lecturer), the one and only [emoji here].

Written by Elixa on Tuesday May 14, 2024

Permalink -

« The Subtle Balance And Trade-Offs In Cyber Security (Part 1) - Tech Lingo For Lawyers »