Republic of the Philippines

Laguna State Polytechnic University

ISO 9001:2015 Certified Province of Laguna
Level I Institutionally Accredited

Name:
Section:

Performance Task 3

Please answer the following set of questions.

1. In your own opinion/understanding, what will be the impact of Cyber Crime in terms of:
a. Economic Cost
b. Reputational Cost
c. Regulatory Cost
Note: Explain your answer with a minimum of 85 words each.

a. the financial or economic cost of cyber crime is immense. beyond immediate financial losses,
businesses will invest heavily in cybersecurity measures. the consequences for bad
cybersecurity are extended disruption of operations due to maintenance, expenses of the ones
that are affected are used for repairs instead of innovations, and rebuilding of trust from
customers.
b. reputational costs are immeasurable. a cyber breach destroys trusts, ruins brand image and can
lead to customers not trusting your services. rebuilding said trust can be time consuming and
challenging, impacting market standing and customer loyalty
c. regulatory costs surge as governments respond to cyber threats with stricter regulations.
Compliance efforts demand substantial investments, adding to the overall burden on
businesses. Non-compliance risks legal consequences, further escalating regulatory costs.

2. What are the 3 steps to increase security and reduce risk of cybercrime?
- the three steps are educate all levels of your organization about the risks of social engineering
and common social engineering scams like phishing emails and typo squatting, invest in tools
that limit information loss, monitor your third-party risk and fourth-party vendor risk and
continuously scan for data exposure and leak credentials, and use technology to reduce costs
like automatically sending out vendor assessment questionnaires as part of an overall cyber
security risk assessment strategy

3. Read carefully the problem scenario and answer the question provided below.

Title: Data Breach at XYZ Corporation

Scenario:
 Republic of the Philippines
Laguna State Polytechnic University
ISO 9001:2015 Certified Province of Laguna
Level I Institutionally Accredited

XYZ Corporation is a large multinational company with a vast amount of sensitive customer and proprietary
data. Recently, they have experienced a significant data breach, and it has had severe consequences. The
breach has exposed not only customer information but also valuable trade secrets. This breach has resulted
in substantial financial losses, damaged reputation, and legal implications.

The company is now facing the following challenges:

A. Loss of Customer Trust: The data breach has led to a loss of trust among XYZ Corporation's
customers. Many are concerned about the security of their personal information and are
considering taking their business elsewhere.

B. Legal Implications: XYZ Corporation is now facing potential legal action from both affected
customers and regulatory authorities due to the mishandling of data.

C. Intellectual Property Theft: The exposure of trade secrets poses a significant threat to the
company's competitive advantage. Competitors may exploit this information, resulting in lost
market share.

D. Financial Impact: The financial losses from the breach include the cost of investigating the incident,
potential fines, and the expense of implementing stronger cybersecurity measures.

E. Reputation Damage: The company's reputation has been severely damaged, and it will require
significant effort and resources to rebuild trust with customers and stakeholders.

What specific measures and policies would you recommend to address these challenges, and how can the
company ensure such an incident does not happen again in the future?

- to ensure that this company would not face these challenges, they should conduct regular security
audits and vulnerability assessments to identify and address potential weaknesses in the system.
XYZ should also train employees on cybersecurity best practices, emphasizing the importance of
safeguarding sensitive information and establishing a culture of security awareness to reduce the
risk of internal threats and human errors.