Red Clay Renovations is a very prestigious company with a focus on residential buildings. With the emphasis of Red Clay Renovation being to renovate such structures, information technology, also known as IT, is often not as prioritized as other specific topics. IT governance by corporate infrastructures is actually quite crucial to the innerworkings of a profitable and healthy corporation. Therefore, information technology must be at the forefront of each and every shareholder, employee, and manager’s minds as Red Clay Renovations continues to prosper in the home improvement business.
Red Clay’s Annual Report has cited a variety of specific risk statements, to include the following, which will all be addressed in this specific report:
1. Cyber-attacks could affect our business.
2. Disruptions in our computer systems could adversely impact our business.
3. We could be liable if third party equipment recommended and installed by us, i.e. smart home controllers, fails to provide adequate security for our residential clients.
Red Clay Renovations currently takes a variety of approaches to addressing cybersecurity concerns. This can be found in our Company Profile (King, 2018). This includes adherence by the Chief Information Security Officer (CISO) to specific National Institute of Standards and Technology (NIST) guidance documents, to include NIST SP 800-12, NIST SP 800-18, NIST SP 800-53, NIST SP 800-100, and NISTIR 7621 (King, 2018). More information about these specific programs can be found on NIST’s website at https://www.nist.gov/ (U.S. Department of Commerce, 2019).
Firstly, it is absolutely true that cyber-attacks could affect our business. With our increased reliance on IT products to conduct daily business tasks, a cyber-attack could have devastating affects on our well-being. This could span from a worse-case scenario involving the release of our client’s private information to the public, or through a draining of all financial accounts in order to bankrupt the organization, preventing us from paying our debt, bills, and workers. This could have further effects on our reputation, and could even result in a business closure. A cyber-attack could even affect our employees’ abilities to work from home. One example of this happening to a company is through Sony’s cyber-attack in 2011, which resulted in a near month shutdown of Sony’s PlayStation Network (Gaudiosi, 2014). However, this is definitely a worse-case scenario, and we are taking a variety of steps in order to ensure any potential gaps in IT security are quickly addressed, closed, and constantly verified as being such by IT industry security professionals.
Secondly, disruptions in our computer systems could adversely impact our business. This is specifically true due to the fact that many of our key processes and procedures are conducted via computer systems, with specific examples being our various web, email, applications, and database servers (King, 2018). This includes our ordering system for raw material procurement such as doorknobs, wood, and drywall, as well as our tracking and payment systems for current debts, vendor payments, and other financial transactions. Even big businesses are not immune to these types of failures, as seen in the examples of Amazon, Slack, and even Delta Airlines; where specific equipment failures drastically affected business profitability (Gyarmathy, 2018). Therefore, our computer systems being made redundant would be very hurtful to our business, affecting our ability to operate through everything from procurement ordering to financial liabilities.
Thirdly, it is important to vet all IT/smart home materials that we install in residences. While these specific items are manufactured by third-parties, by installing them, Red Clay Renovations becomes responsible for these specific products and their effects. While responsibility can be ultimately traced back to manufacturers of these IT/smart home materials, as installers, we must exercise our due diligence in ensuring their full compliance with IT security standards. Attacks on things we install, such as through wireless access points, can be devastating security and lifestyle concerns for our clients (King, 2018). One example where a similar situation occurred when Chinese hackers developed a way to take control of Amazon Echo, making it a “surveillance tool” (Goldsmith, 2019). Although Amazon responded with fixes, Red Clay Renovations could be affected if we installed devices with such a known error into our clients’ homes. This can affect our reputation as stellar home renovators, as potential malfeasance by items we install in homes can actually cause real harm if done improperly, thus affecting our incoming business potential.
However, by taking proper information technology security procedures into account in order to ensure the utmost trustworthiness in the cybersecurity space, then we can prevent these specific line items from affecting our business. This can be accomplished by shoring up our defenses against cyber-attacks, cyber-hardening our computer systems, and making sure that all IT/smart home materials that we install pass through certain security vetting requirements. All in all, while these are specific problems that have been identified in the Annual Report, they can be and will be addressed, in order to ensure the utmost consumer and shareholder confidence in Red Clay Renovations.
References