مقاله سال ۲۰۱۶

The ease of use of the internet for business communication has been a boon in terms of keeping abreast of the market and collaborating with colleagues separated by geography and time zone. This ease of use, however, has fostered an attitude of complacency which exposes the information stored by users to greater risks of theft in a highly competitive business environment.

The impetus for protection of data lies in personal privacy and business concerns generated by the revelations of WikiLeaks, Edward Snowden (Sifry, 2011), and business reality. For the latter, cyberattacks are one of the biggest threats facing businesses. The cost of data breaches at companies is expected to hit $2.1 trillion globally by 2019 (Kharpal, 2015). Maintaining confidentiality of data in this environment has become a necessity for businesses and individuals seeking to take commercial advantage of their newly-developed knowledge, skills, and information.

In the ASEAN region, cybercrime is recognized as one of the eight transnational crimes, in addition to illicit drug trafficking, money laundering, terrorism, arms smuggling, trafficking in person, sea piracy,and international economic crime. The addition of cybercrime to the list was decided in the Official Senior Meeting on Transnational Crime (SOMTC) which was held in Singapore on October 10, 2001. Cross-national variations can encourage what is referred to as ‘regulatory arbitrage,’ with individuals and groups committing offenses in territories where they are assured of facing little or nothing in the way of criminal sanctions. The jurisdictional problem governing cybercrimes has caused the legal authority of each country to act like an athlete who runs around a track in a stadium while the cyber criminals are the peers and spectators, analyzing the way the authority runs and determining the leaks and weaknesses. No matter how many laps around the track the authority runs, the outcome is always the same: to arrive at the finishing line just to discover that it is the starting point all over again (Rahman, 2012). However, recent events in the U.S. indicate governmental concern about a lack of asset protection may be turning as government agencies find they can no longer eavesdrop into and/or covertly access certain databases and equipment.