Challenges In Cyber Security For Business: Literature Review Essay.

Emerging trends in Cybersecurity for business

Question:

Discuss about the Challenges in Cyber Security for Business ?

Literature review can be understood as the review of writings and literature on the specific topic by different authors. The piece of writings are evaluated which supports and evaluates the research topics. The main purpose of literature review is to identify the terminologies and explain the, through various researches. It helps in explaining the theory, methodology and the findings. Here, the literature review is done for ‘Challenges in Cyber Security for Business’ and for this purpose, various articles, web sources are been referred.

As per Kaplan, Sharma & Weinberg (2011), Cyber security refers to the protection of digital business information and intellectual property against the misuse or theft. This is becoming the critical issue in businesses today which has to be fought in order to make businesses and their data safe and secure. US government has referred cyber security as one of the most critical challenges in the nation. The companies need to adopt various cyber security approaches in order to protect their information without compromising with the growth of the company.

In the recent years, Cyber security has become a bigger issue. According to Kaplan, Sharma & Weinberg (2011), a research has been conducted at the leading 25 companies at global level. The in depth interviews conducted which revealed that the increased use in technology in business has led to the need of more security in the corporate environment. The research identified four emerging trends which include Increase in the use of digital data, Increase in connectivity and openness which makes a way for malwares, increase in the technologically advanced hackers and cybercrime organisations and the interconnected supply chains which put the business networks at risks. In the views of James (2016), with the increased use of technology, the opportunities and challenges for the businesses have also increased. Cyber world is huge now. It includes mobiles, internet, smartphones, tablets and much more. 46% of the total population of the world is connected to internet and this shows that cybercrime is on boom with the opportunities in the cyber world. There are number of challenges the cyber world has to address. Many sectors like government, industry, service, academics, etc. need to adopt the approaches which can minimise the risks of cybercrimes. James further added that the challenges in cyber security of business include lack of leadership, Collaboration and lack of education and awareness in people.

One of the biggest challenges is lack of leadership for which different actions are to be taken. Security is something which builds trusts between people and technology. A good leadership is required to handle the issues and challenges. It helps in settling the governance in the organisation and in supporting the private sector and education. The second challenge is collaboration. It is seen that collaboration assist in sharing of knowledge can be shared well. Collaboration assists the hackers and cyber criminals to work together and develop new techniques to commit cybercrime. The third challenge is lack of education and awareness. The enrolments in ICT courses have dropped which creates a problem in the ICT industry and it is becoming tough to bring the industry on track. Skilled cyber security professionals are needed to handle this industry of Australia (Babate, et al., 2015).

Lack of Leadership

Service and privacy challenges have to be faced by the business.  It is often seen that even the most secure information can become public. This shows that the security is not strong for the information and data of business. The businesses nowadays collect personal data of the customers for providing those best suited services and products to them. These details can be leaked easily and the details such as bank accounts, ATM transactions can be used for theft by the criminals (Jabee & Alam, 2016).

According to Beshar (2016), in the last few years, cyber-attacks have increased and damaging the businesses. A framework is required for addressing the same. The ideas should be now turned into actions. The report by Fischer (2016) shows that over the years, the Information and communications technology has evolved a lot. In modern society, it has become an integral part of every individual as well as business. Cyber security is how ICT systems are been protected. There are some long term challenges which are to be addressed.  These challenges are related to:

• Design: designing the security system for cyber security has been a challenge for the designers. As per the experts, the security system should be a part of ICT design but developers believe that focussing on features that security is more important to earn more profits.
• Incentives: There are challenges related to cyber security. Where on one hand, cybercrime is cheap and profitable for the criminals, on other hand; cyber security is expensive for the companies.
• Environment: the emerging applications on mobiles, social media, big data, etc. have increased the environment for cybercrimes (Fischer, 2016).
• Consensus: Consensus of all stakeholders is needed for designing and implementing the cyber security policies.

According to Bingham, Bector & Herbolzheimer (2016), it is very important for the business to get success and for this, integrity is the main element which helps business in attaining success. The report says that the coming years will bring more challenges to handle the criminal activities in cyber world. But if the companies have good awareness then they can identify weakness and then can handle the scenarios in a better way. They can also set the priorities handling the issues.

As per Wang, et al. (2010), the security should be maintained in cyber world to maintain confidentiality. It will prevent the secret information of the business. It also helps in maintaining the privacy of the users. The security is needed to maintain integrity in business. It means that no modification in the data of organisation can be done without the permission of authorised entity.  There should be authenticity to ensure that the information, data and communication made within the business is genuine. In the report by Purdy (2016), one of the main global cyber security challenges is supply chain risk. Supply chain risk can be understood as the risk which may disrupt the Manufacturing, distribution, installation or other functions in the business.  It threats include installation of corrupted software or hardware, failure of systems of production or distribution or reliance upon malicious software or hardware. The companies may take steps to address this risk like adoption or usage of software’s like SAFECode which provides software for increasing trust in Information and Communications technology by promoting the awareness and use of safe and reliable software’s. It provides a framework which meets the challenge of the risk.

Different governments have also taken initiatives to meet these challenges like Chinese government has taken some initiatives which have an important impact on the technology firms in China. Network security and monitoring systems have been implemented for meeting cyber challenges. In July 2015, the government has drafted a cyber-security law for addressing the risks. The government of UK also adopted some approaches to secure the ICT global supply chain in the businesses. Risk mitigation plans are suggested for the same. The Nation Cyber Security programme (NCSP) of UK provides funds to the Trustworthy Software Initiative so that the trustworthy software’s can be promoted. In Japan, Cyber Security strategy has been issues in the year 2015 which aims at improving the awareness for cyber security in businesses. In United States, reforms have been made to improve the cyber security in businesses (Purdy, 2016).

Collaboration

As per Mohammed, Mariani & Mohammed (2015), Information technology has derived many benefits to the businesses but it also poses major challenges to the businesses. The business is facing threats of viruses, malwares, loss of data and information and disruptions in operations. The businesses are facing challenges of meeting the costs of managing these threats and of adopting the practices which attempts to improve the systems. Everyday communication in the business depends on the internet based services. Almost every function in the business is now dependent on the computer and technology based activities. So, it shows that the businesses are getting more reliant on the Information and communications technology and when there are short interruptions in the technology, a huge financial loss can occur to the business. Dependence on ICT can create huge risks to the business and their information. The lack in the technological infrastructure is also a challenge for the businesses (Abomhara & Køien, 2015).

There are billions of users of Internet in the world which shows that Internet is growing so rapidly worldwide. The companies based on computer and related functions are seeing high potential growth in the developing countries. The companies face a challenge of acquiring low cost and quality services and hardware. Also one of the biggest challenges is to save the activities from the illegal usage (OECD, 2012). The increase in the number of users on internet creates difficulties for the agencies to maintain control. It is tough to identify the different between legal and illegal content. The automation of processes limits the involvement of humans which also provides a change for automated hacking tools to corrupt the systems. The increase in communication has increased the fake emails, anti-social behaviour and other activities which are not accepted and are not good for the businesses and their growth (Chen, Chiang & Storey, 2012).

According to Banham (2017), the situation is terrible for cyber-attacks in corporate now. As per the Global Information Security Survey of 2016- 2017 conducted by EY, most of the companies are facing the risks of cybercrime.  Around 1735 global executives were surveyed and it was found that only 1 out of 5 surveyed consider cyber strategy and planning as the important one. The companies are facing financial losses because of cyber-attacks. Also, the companies are facing the damage and loss to their reputation because of such incidents. The companies will have to understand the importance of managing these threats otherwise the risk and threat will be unknown and the businesses will lose their integrity and reputation.

The businesses will have to identify the risk and its value. The survey concluded that 32 per cent of the respondents lacks in awareness of the planning and preparation part to meet the challenges of cybercrime. The survey gave other findings too. The findings include that 38 per cent of the respondents accepted that they have enough tools and information and they are bale to evaluate cyber risks. It was also seen that 9 out of every 10 businesses i.e. 89 per cent are not able to evaluate the impact of the cybercrime on their business. This shows that businesses and people are unaware about the loss they can face because of cyber security risks (Banham, 2017).

Privacy Issues

The industry has grown at a great speed.   Ten years earlier, the hackers used to sit somewhere in the basement and try these cybercrime activities just for fun but now the organisations are hiring the talented young graduates and people from the universities and offering them huge money to join them and perform such activities. As per Mansfield (2017), the statistics shows that 43 per cent of the cyber-attacks have small businesses on their target but only 14 per cent of the business has the ability to meet the risks and face the attacks. It is also found that 60 per cent of the companies vanish from the markets within 6 months of a single cyber-attack. This shows that the companies do not have strong policies and approaches to meet these risks and threats.  According to Zadelhoff (2016), the Cyber Security Intelligence Index of 2016 shows that the big corporations like IBM found that 60 per cent of the cyber-attacks are carried on by the insiders of the company. The research also found that most of the attacks and breaches are found in the business like health care, financial services and manufacturing services. It is because these industries have personal data, intellectual property and huge amount of financial assets. People conduct cybercrimes by leaking out the passwords or the methods and approaches adopted by the company (Hutchings, 2012).

Cyber security is important for the Australian economy and also for the society. Development in technology is more important but with this comes the responsibility of securing the data, information and systems.  The government should look for better policies and requirements of cooperation for better regulations so that the challenges can be met in the industry. The cyber security challenges will increase in future but the corporations have to take up more innovative approaches for interacting with the customers and for managing their data and information. The challenges have to be met properly by framing strategies, risk management and by handling the legal and technology functions well. Everyone has their own role to play in future for managing these attacks (Goutam, 2015). As an individual, a person should be fair enough and handle the data properly at the workplace. The government have to take positive actions to ensure that adoption of cyber security practices at the workplace. Education and Research can be carried out which improves the knowledge of everyone about the field.  The businesses could take certain steps to draw attention towards cyber security. Training programs can be conducted which can teach the workers that how the data can be secured and attention should be paid towards security of cyber systems at the workplace.  It can be concluded that there are some pillars which should be considered for promoting cyber security. These include Education unawareness, planning and preparation, Detection and discovery of breaches or losses, sharing and collaboration of the current and future risks and maintaining ethics at the workplace by the individuals and business as well.

References

Abomhara, M & Køien, G M 2015, ‘Cyber Security and the Internet of Things: Vulnerabilities, Threats, Intruders and Attacks’, Journal of Cyber Security, Vol. 4, 65–88.

Babate, A I, Musa, M A, Kida, A M & Saidu, M K 2015, ‘State of Cyber Security: Emerging Threats Landscape’, International Journal of Advanced Research in Computer Science & Technology, Vol. 3, Issue 1.

Banham, R 2017, ‘Why Cybersecurity Should Be A No. 1 Business Priority For 2017’, Forbes.

Beshar, P J 2016, ‘The Cybersecurity Challenge Every Business Should Prepare for’, Fortune.

Bingham, R S, Bector, R & Herbolzheimer, C 2016, ‘Evolving Challenges in Cyber Risk Management’, Marsh & Mclennan Companies.

Chen, H, Chiang, R H and Storey, V C, 2012, ‘Business intelligence and analytics: From big data to big impact’, MIS quarterly, 36(4), pp.1165-1188.

Fischer, E A 2016, ‘Cybersecurity Issues and Challenges: In Brief’, Congressional Research Service.

Goutam, R K 2015, ‘Importance of Cyber Security’, International Journal of Computer Applications, Volume 111 – No 7.

Hutchings, A 2012, ‘Computer security threats faced by small businesses in Australia’, Australian Government, No. 433.

Jabee, R & Alam, M A 2016, ‘Issues and Challenges of Cyber Security for Social Networking Sites (Facebook)’, International Journal of Computer Applications, Volume 144 – No.3.

James, C 2016, ‘Cybersecurity: Threats Challenges Opportunities’, ACS.

Kaplan, J, Sharma, S & Weinberg, A 2011, ‘Meeting the cybersecurity challenge’, McKinsey & Company.

Mansfield, M 2017, ‘Cyber Security Statistics– Numbers Small Businesses Need to Know’, Small Business Trends.

Mohammed, D, Mariani, R & Mohammed, S 2015, ‘Cybersecurity Challenges and Compliance Issues within the U.S. Healthcare Sector’, International Journal of Business and Social Research, Volume 05, Issue 02

OECD, 2012, ‘Cybersecurity Policy Making at a Turning Point: Analysing a New Generation of National Cybersecurity Strategies for the Internet Economy’.

Purdy, A 2016, ‘The Global Cyber Security Challenge’, Huawei.

Wang, E K, Ye, Y, Xu, X, Yiu, S M, Hui, L C K & Chow, K P 2010, ‘Security Issues and Challenges for Cyber Physical System’, ACM International Conference on Cyber, Physical and Social Computing.

Zadelhoff, M V 2016, ‘The Biggest Cybersecurity Threats Are Inside Your Company’, Harvard Business Review.