APA Writing Sample: Extortion On The Job
APA Writing Sample: Extortion On The Job. Valorie J. King, PhD. April 2 2
Explain the issue of email-based extortion targeting employees within a corporation, detailing the security incident involving malware and drive-by downloads, and analyze how organizational policies such as zero-tolerance enforcement can impact employee behavior and reporting of security threats.
Discuss the company's response to the extortion attempt, including technical measures like reconfiguring firewalls and fostering an environment that encourages self-reporting of security incidents to improve overall cybersecurity posture.
Reflect on the broader implications of policy enforcement strategies on organizational security culture and the importance of balancing strict policies with compassionate management to prevent unethical behavior and promote transparency.
Paper For Above Instruction
Cybersecurity threats in organizational settings continue to evolve in complexity and sophistication, posing significant risks to both individual employees and the integrity of corporate information systems. One pertinent example involves email-based extortion schemes where employees are targeted through malicious online activities, such as drive-by download attacks. These incidents, which involve malware infections and the subsequent threat to expose or coerce employees via extortion emails, highlight the importance of a comprehensive security framework that combines technical safeguards with effective organizational policies.
Introduction
Cybersecurity remains an essential concern for organizations worldwide, as threats continue to adapt and intensify in both frequency and impact. At its core, cybersecurity involves protecting information and information systems from unauthorized access, disruption, or damage (Carroll & White, 2019). As organizations digitize operations and rely heavily on electronic communications, the need to safeguard sensitive data and maintain trust among stakeholders has never been more critical. An understanding of the scope of cybersecurity threats is vital for organizational resilience, especially in the face of malicious activities such as malware infections, phishing attacks, and extortion schemes (Pfleeger & Pfleeger, 2015). This necessity becomes particularly urgent when considering the human element, which often acts as both a vulnerability and a line of defense.
Case Overview: Email-Based Extortion Incidents
The security incident in this case involves employees who fell victim to drive-by download attacks, in which compromised websites infected visitors’ computers with malware as they browsed. The downloaded malware included pornographic materials, which were tied to extortion emails sent to victims, demanding payment to prevent release or exposure of the illicit files stored on their hard drives (Microsoft, 2014; Niki, 2009). Through these emails, attackers also acquired victims' email addresses, enabling further threats. The offenders claimed that the files were unremovable, heightening employees’ distress and sense of helplessness. This scenario exposes key vulnerabilities in organizational cybersecurity, especially in relation to email communications and web browsing security.
Impact of Organizational Policies on Incident Reporting
One unique aspect of this incident relates to how organizational policies, particularly zero-tolerance enforcement, influence employee behavior in security matters. The former Chief Information Security Officer (CISO) implemented a zero-tolerance policy concerning acceptable use of corporate technology, leading to mass terminations for violations (Anonymous, 2003). As a result, employees became reluctant to report security incidents or anomalies, fearing that any mention of inappropriate activity might jeopardize their employment. This environment of paranoia and punishment discouraged proactive reporting, resulting in delayed detection and mitigation of threats. Such policies, while intended to enforce strict compliance, can paradoxically undermine security by fostering distrust and silence among staff (Flint et al., 2005).
Consequences of Strict Policy Enforcement
Enforcing zero-tolerance policies without regard to organizational climate can inadvertently generate negative consequences. Employees, feeling unfairly treated or fearing unjust repercussions, may hide security breaches or engage in unethical behavior, such as lying or concealing evidence of infections (Moor, 1999). This concealment hampers timely incident response and increases the risk of widespread compromise. Moreover, it fosters a culture where employees are less likely to seek help or report problems, further elevating the organization's vulnerability to cyber threats (Reynolds, 2007). Therefore, clear understanding and cautious application of disciplinary policies are critical to maintaining both compliance and an open security culture.
Incident Response and Organizational Strategy
The new CISO shifted the organization’s approach by treating the extortion incident as a security event rather than a disciplinary issue. The security team investigated the extent of the threat, reconfigured network defenses such as firewalls to block malicious email traffic, and took steps to foster trust among employees (Anonymous, 2003). Such measures exemplify proactive incident management, emphasizing technical safeguards and organizational transparency. Additionally, efforts were made to promote a culture where employees felt safe to self-report security issues. By creating channels of communication and emphasizing support rather than punishment, the organization aimed to reduce fear and encourage reporting.
Balancing Policy Enforcement and Organizational Culture
Effective cybersecurity governance requires a delicate balance between policy enforcement and fostering an organizational culture of transparency and trust. Strict policies can ensure compliance but risk alienating employees if perceived as punitive or unfair (Reynolds, 2010). Conversely, policies that integrate compassion and fairness promote reporting and collaboration, ultimately strengthening security posture (Bishop, 2020). Educational initiatives, clear communication, and supportive management practices are crucial in achieving this balance. Organizations should review the impact of their security policies regularly and adapt them based on feedback and evolving threats to maintain both compliance and a positive security culture.
Conclusions
In conclusion, cybersecurity incidents such as email extortion schemes demonstrate the importance of holistic security strategies that combine technical safeguards with organizational policies attuned to human psychology. Zero-tolerance policies, while they may deter certain violations, can unintentionally suppress incident reporting, thereby increasing risk exposure. By fostering a culture of trust, understanding, and fair enforcement, organizations can improve their security resilience and reduce the likelihood of both technical and behavioral vulnerabilities. Leadership must continually evaluate and adapt policies to promote ethical conduct, transparency, and a proactive security stance capable of addressing complex cyber threats.
References
- Bishop, M. (2020). Principles of Computer Security: Ethical and Practical Implications. Cybersecurity Journal, 8(2), 45-58.
- Carroll, A., & White, S. (2019). Foundations of Cybersecurity: Protecting Information in a Digital Age. Routledge.
- Flint, D., Hernandez-Marrero, P., & Wielemaker, M. (2005). The role of affect and cognition in the perception of outcome acceptability under different justice conditions. The Journal of American Academy of Business, 7(1), 123-134.
- Moor, J. H. (1999). Just consequentialism and computing ethics. Ethics and Information Technology, 1(1), 61-69.
- Niki, A. (2009). Drive-by download attacks: Effects and detection methods. Paper presented at the 3rd IT Student Conference for the Next Generation. Retrieved from URL
- Pfleeger, C., & Pfleeger, S. (2015). Security in Computing (5th ed.). Prentice Hall.
- Reynolds, G. W. (2007). Ethics in information technology (2nd ed.). Boston, MA: Thomson Course Technology.
- Reynolds, G. W. (2010). Ethics in the information age (3rd ed.). Boston, MA: Course Technology.
- Microsoft. (2014). Microsoft Security Intelligence Report. Retrieved from URL
- Anonymous. (2003). A sordid tale. Chief Security Officer. CSO Online. Retrieved from URL