Introduction to Cyber Crimes in Businesses
In today’s digital era, every company is equipped with numerous computers, often accessible from outside, creating open networks. This widespread presence of computers means that, in theory, a cyber crime can be committed in any company. External accessibility increases the likelihood of attacks by individuals who are not part of the company’s staff, known as “outsiders,” making their detection more challenging. Those who choose to commit such crimes can often do so remotely, significantly increasing their chances of evading capture. Additionally, it is essential to note that today’s corporate assets are entirely dematerialized, meaning that all relevant business information, whether economic or strategic, is stored digitally.
The Internal Threat: “Insiders”
Contrary to external threats, internal threats are less visible but potentially more damaging. “Insiders,” such as unfaithful employees or dishonest consultants, have an in-depth knowledge of the company’s security systems and can easily carry out prohibited actions like fraud, information theft, data deletion or alteration, or misuse of computer systems for personal purposes. Crimes committed by organization members are seldom reported to the Judiciary due to companies preferring to protect their public image. Indeed, companies are more inclined to take disciplinary actions against their employees caught engaging in illegal activities.
Criminal Law Regulations and Their Impact on Cyber Crimes
Effects of Criminal Laws in the Cyber Sector
Recent regulations provide business operators with a sense of security, as they offer the ability to assert their rights in court if a cybercrime is confirmed. The existence of specific regulations and the provision of custodial penalties are intended to deter many with malicious intent from engaging in illegal activities. However, these provisions can also cause significant concern among those responsible for managing the company, as there is a fear that the use of information technology could unwittingly lead to criminal liability, potentially causing damage to the company’s image that exceeds the direct damage of the crime experienced.
Extension of Administrative Responsibility
The concern is heightened by the fact that, as stipulated by Article 7 of Law No. 48/2008, the administrative responsibility of the entity, and thus also of companies, is extended to most cyber crimes committed by top executives or employees. This extension of responsibility increases the pressure on companies to adopt effective preventative measures.
Mitigation Strategies
The only way to alleviate or eliminate the “state of agitation” caused by these implications is to implement all necessary precautions to address the emergency represented by cyber crime. Companies are called upon to strengthen their security systems and adequately train their staff to prevent, detect, and effectively respond to cyber attacks.