The concept of Cybersecurity in business organizations
Discuss about the Challenges in Cyber security in Business.
The assignment studies challenges which cyber security poses to the business organisations in today’s world. Cyber security issues are capable of causing loss of valuable business data like customer information, thus posing risk to both the companies and their customers. The first section discusses the concept of cyber security giving an idea about its importance in the current corporate situation. The next section points out the areas which come under cyber securities followed by the types of cyber securities. The final section points out the ways in which the companies can fight cyber security challenges they face. The facts are often accompanied by examples to make them more comprehendible.
Cyber securities are the techniques which are used to secure the networks, programmes and softwares used by the business organisations from authorised access or exploitation of information. The business organisations use several types of softwares and technological setups to acquire, maintain and share information related to business. This data is of great significance to the companies that own them and are under threat of misuse by illegitimate identities. These organisations or individuals try to hack and obtain corporate data unlawfully and use it in their interest. These threats are increasing with advancement of science and technology. They pose serious challenges in cyber security to business organisations today (The Economic Times 2017).
The major areas of cyber security are application security, information security, disaster recovery and network security. These cyber security areas are discussed in the following section:
Application security refers to the security which protects the strategic business data from theft during the designing the applications, upgrading them or while their development. These counteracts the data thefts by the third parties organisations which the principle organisations hire to maintain their vast data banks. The technical or engineering departments of the main companies use steps like validation of parameters, user authentication, session management and auditing usage of the data (Almorsy, Grundy and Müller 2016).
The companies often have to share their business data which business partners like other organisations, suppliers and distributors. This threat arises while the companies use their data to carry out daily business activities like mergers and acquisitions. The engineering departments of the companies use encryption and authentication of authorised user to counter this threat (Siponen, Mahmood and Pahnila 2014).
Malware:
Malware are the false antivirus which attackers use to get access to the computers used in organisations to get access to their data. Malware are types of harmful softwares like viruses and ransomewares. These cyber threats take control of the operations of the computers and cause all files to crash. They then send the strategic information to unauthorised groups like terrorists who use the data stored in the computer to their own benefits. The greatest cyber security threats posed by malware are that they appear like normal attachments with prompts to download them. These are actually malwares which get installed in the computer system once the user clicks them (Faruki et al. 2015).
Major areas of cybersecurity
The hackers use the phising techniques to install malware into a computer system and collapse it. The phising appear like normal emails with messages showing great concern like the fraudulent activities detected within the network. These emails are usually designed to make them trustworthy from legitimate sources. The emails usually prompt the users to click a link which actually installs the malware on clicking.
SQL Injection Attacks:
The Structured Query Language or SQL injection attacks are devastating cyber threats which harm both the companies and their stakeholders like partners and customers. The SQL are programming language which facilitate communication with databases. The multinational companies like banks and manufacturing companies store and exchange critical information using SQL. They exchange confidential information about customers like name and credit card numbers which are inaccessible to the outsiders. The hackers use SQL injection attack to crack any weak SQL code and run malware on the database. For example, the attackers may type a code in the search box which may make the database dump all the crucial information on their databases (Pearson and Bethel 2016). The SQL Injection attacks can have long lasting impact on the business of the victim companies. They cause loss of important data to the unauthorised entities. The company also loses customer or shareholder trust due to the leaking of their confidential information from the database of the company. Such loss of stakeholder trust causes business losses and competitive loss in the market position due to the negative image created (Hamilton 2015).
Cross site scripting:
The cyber attackers here target the users of the companies’ official websites and not the website using cross site scripting. The hackers design a malware into an apparent website which runs when the users use the official websites of the organisations. The malware then obtains information about the users when they put confidential information into the websites. For example, the hackers can embed malicious Java script as a comment on the blogs which the users run conceiving to be safe. The malware then transfers all the information from the blog to the hackers system. Cross site scripting can be very harmful because once their information are leaked, the companies develop negative image among the customers. The most dangerous threat of cross scripting is that it is very difficult to be detected in the initial stage (Gupta et al. 2015).
Disaster recovery:
The companies which face cyber security threats use their technical and financial strength to counteract the threat. The top management along with the cooperation of the engineers and specialists frame disaster recovery strategy to retaliate this threat.
Types of threats to cybersecurity in organizations
Network Security:
Network security deals with activities related to applications, reliability, security and integrity of the user. The companies interact with other companies and firms to carry out business. These third party firms and organisations often do not secure their networks using high level of security. The companies use this unprotected network to share vast amount of strategically important data. This exposes the both the companies to virus, spyware and malware attacks which causes the systems to crash or get corrupted. The companies using the network install antivirus which detects and prevents the virus from entering the information system. Firewall blocks unauthorised access to networks. This protects the vital data of the companies from illegal and unethical identities who try to hack the information system of other organisations using virus. Intrusion Prevention Systems detect fast spreading cyber threats like zero day and prevents them. Virtual private network provide secure remote access to the data users from all round the world and keeps the data of the companies security at the same time.
The business organisations can take the following steps to ensure and strengthen cyber security:
The companies should create a strong internal data sharing policy to ensure that the data is shared in ethical and legal manner. The supervisors and the technical departments should keep strict vigilance on data access available to employees. For example, employees of lower ranks should be given restricted access to data just to prevent them from getting access to confidential data and use it for their won advantage (Siponen, Mahmood and Pahnila 2014).
The companies should instruct all the employees to update their computers on daily basis. This will ensure that all the computers have sufficient cyber threat protection like updated anti viruses and firewalls. This will prevent the company from being attacked by malware owing to its updated firewall (Garba, Armarego and Murray 2015).
The companies should use cloud computing to share and obtain information. Cloud computing helps companies share information in a secure manner and save information security expenditure. They should also emphasise on obtaining cloud computing from reputed companies like Microsoft (Othman, Madani and Khan 2014).
The companies should create strong passwords which will prevent hackers from in filtering into their databases using malware. The companies should also ensure having different passwords for different areas (HuffPost 2017). This will prevent unauthorised people or organisations from cracking the passwords. This security system will shield the company against breakdown of the entire databases (Business Insider 2017).
Conclusion:
The assignment in a nutshell covers three areas each of which are related to and enrich the other. The cyber security challenges are becoming a colossal threats to the present organisations. The application systems, information systems and several other areas come under its purview. The hackers make use of apparently safe methods like sending links and mails to install malware. The companies and individuals should take steps to ensure cyber security and share data ethically. The companies should strengthen their securities to counteract the cyber challenges to their databases. This will help them to protect confidential business data and grow in the long run
References:
Almorsy, M., Grundy, J. and Müller, I., 2016. An analysis of the cloud computing security problem. arXiv preprint arXiv:1609.01107.
Business Insider. 2017. 12 Quick Internet Safety Tips That Will Save Your Digital Life From Getting Hacked. [online] Available at: https://www.businessinsider.in/12-Quick-Internet-Safety-Tips-That-Will-Save-Your-Digital-Life-From-Getting-Hacked/articleshow/35704507.cms [Accessed 16 Jun. 2017].
Faruki, P., Bharmal, A., Laxmi, V., Ganmoor, V., Gaur, M.S., Conti, M. and Rajarajan, M., 2015. Android security: a survey of issues, malware penetration, and defenses. IEEE communications surveys & tutorials, 17(2), pp.998-1022.
Garba, A., Armarego, J. and Murray, D., 2015. A policy-based framework for managing information security and privacy risks in BYOD environments. International Journal of Emerging Trends & Technology in Computer Science, 4(2), pp.189-98.
Gupta, B.B., Gupta, S., Gangwar, S., Kumar, M. and Meena, P.K., 2015. Cross-site scripting (XSS) abuse and defense: exploitation on several testing bed environments and its defense. Journal of Information Privacy and Security, 11(2), pp.118-136.
Hamilton, C.B., 2015. Security in Programming Languages.
HuffPost. 2017. 5 Ways to Prevent Cyber Crimes From Derailing Your Business. [online] Available at: https://www.huffingtonpost.com/toby-nwazor/5-ways-to-prevent-cyber-c_b_12450518.html [Accessed 16 Jun. 2017].
Othman, M., Madani, S.A. and Khan, S.U., 2014. A survey of mobile cloud computing application models. IEEE Communications Surveys & Tutorials, 16(1), pp.393-413.
Pearson, E. and Bethel, C.L., 2016, April. A design review: Concepts for mitigating SQL injection attacks. In Digital Forensic and Security (ISDFS), 2016 4th International Symposium on (pp. 169-169). IEEE.
Siponen, M., Mahmood, M.A. and Pahnila, S., 2014. Employees’ adherence to information security policies: An exploratory field study. Information & Management, 51(2), pp.217-224.
Siponen, M., Mahmood, M.A. and Pahnila, S., 2014. Employees’ adherence to information security policies: An exploratory field study. Information & Management, 51(2), pp.217-224.
The Economic Times. 2017. Definition of 'Cyber Security' - The Economic Times. [online] Available at: https://economictimes.indiatimes.com/definition/cyber-security [Accessed 16 Jun. 2017].
To export a reference to this article please select a referencing stye below:
My Assignment Help. (2018). Challenges In Cybersecurity In Business: An Essay On The Topic.. Retrieved from https://myassignmenthelp.com/free-samples/cloud-computing-application-models.
"Challenges In Cybersecurity In Business: An Essay On The Topic.." My Assignment Help, 2018, https://myassignmenthelp.com/free-samples/cloud-computing-application-models.
My Assignment Help (2018) Challenges In Cybersecurity In Business: An Essay On The Topic. [Online]. Available from: https://myassignmenthelp.com/free-samples/cloud-computing-application-models
[Accessed 22 December 2024].
My Assignment Help. 'Challenges In Cybersecurity In Business: An Essay On The Topic.' (My Assignment Help, 2018) <https://myassignmenthelp.com/free-samples/cloud-computing-application-models> accessed 22 December 2024.
My Assignment Help. Challenges In Cybersecurity In Business: An Essay On The Topic. [Internet]. My Assignment Help. 2018 [cited 22 December 2024]. Available from: https://myassignmenthelp.com/free-samples/cloud-computing-application-models.