ABSTRACT
Inadequate organizational countermeasures can result in expensive damage limitation and a hastily constructed reputation management programme, and in a severe situation, a fall in the organization's share price. In order that the company has a robust security policy in place, employees may be required to sign a document that protects the company itself and other employees working for the company. Martin Smith has suggested the insider threat is very real, and often management are focused on external issues and vulnerabilities and not on inappropriate behaviour of internal staff. Managers need to be more aware of how security systems are circumvented and how computer systems can be sabotaged. As well as cyber attacks, there are other challenges for management to confront and address, and it is clear that a commitment to organizational learning will provide the necessary platform from which policy and strategy can be developed that are aimed at making the organization sustainable.
