Challenges In Cyber Security For Business Enterprises

 Both malware and viruses are the greatest menaces which are highly affecting computing, security, and-and since most of the business data stored in a computer database the viruses affect it hence lack business visibility. In our developing society, most business operations are driven by technology which has the greatest significance to the business and limitations in terms of threats to the business. It is clear that the cybersecurity has progressively become a major business concern since many of the businesses rely on the cyber technology that is the internet and the use of computers. Attacks on business enterprises have been operating on an increasing note this is the day to day extortions, phishing attacks, hackling, on the other hand, this has adversely affected the operation of business services. In day to day, business is affected as result of security challenges which evolve during the use of machines, all this affect data stored in the computer software, and this is caused by technological changes cause this. Business operations and organizations face intense threats of cyber warfare that is data influence hence destruction, theft identification that is through signals, attack vectors, and digital trails that affect business operations. Through this attacks the is lack of trust since the privacy, and confidentiality of information (Elmaghraby & Losavio, 2014). Through this, it is evident that cybersecurity is worrisome to the There cannot be a single solution to counter such threats on business operations. The cybersecurity menace can be eliminated by a good combination of Law, People, methods and Technology which must be developed and then an effort should be made for the purpose unify the laws on cybersecurity to keep its standards

As the debts, cybersecurity is a menace that has affected the world business in both small and large enterprises. The cyber menace creates a significant fact of studying the issue on cyber safety on means or measures of minimizing the attacks. This project objective is:

1. To describe the effects of cybersecurity for both small and large business enterprises.
2. To explain the governmental laws on cybersecurity on business operations.
3. To elaborate the measures in which cyber insecurity can be minimized for business.

The main purpose of this research project as the topic depicts is to explain the challenges in cybersecurity for companies operations. The research covers cybersecurity as the greatest challenge to business enterprises in the world today this is due to technological advancement. The research covers cybersecurity objectives, measures to be taken in controlling the menace and the reparations if not controlled. The project illustrates that safety of data, the privacy of data in a company is essential for developing small and large business enterprises in the world. This is as a result of greatest motivation to customer sureness for the purpose of attaining profitable achievement on new technologies that is the internet. For instance, the research on debts that individual information is wickedly hacked thus leading to low confidence level as a result of the threat of personal identity, fraud, and malware which has a demerit on the business (Hay, Nance, & Bishop, 2011).

Project Scope

The study will be able to assess on various measures on controlling the cybersecurity that is laws on internet usage and computer operations this will enhance the confidentiality of information in the computer software.

The greatest threat that faces the entire world currently is a cyber attack. The cases of  Cyberattack are several ranging from drive-by browser attacks and phishing to web app flaws, and this target both small and large businesses. A lot of money is lost every day to crimes related to the cyber attack. Most hackers use mechanical means which facilitate easy malware into business enterprises thus conceding secluded and confidential in the firm. Most firms fail to identify security gaps that facilitate the manipulation of confidential information hence leading to the destruction of confidential documents (Roman, Zhou, & Lopez, 2013). The menace places the business at a greater risk of cyber insecurities whose effects are averse to business processes. Wrong staff in most companies are left, or they have access to email and computers which in turn create unknown links and files resulting to insecurity concerns. One of the latest cases of a cyber attack in the world is the Chennai Journalist Files case against abusive tolls in India on 8^th August 2017. This case saw vital information including tweets leaked. Another notable case was the cyber attack on Google in the year 2009. In this situation google Chinese headquarters detected a security breach that showed that hackers had gained access the main servers and went away with the intellectual property. Theft of credit card since 2009 marked a great fraud of cybercrime.

Through cybersecurity, most organizations face a challenge of losing confidential information from the computers or the company database. Dissatisfied workers carelessly expose data as a result of misplaced laptops and not shut down computers when they are not in use or when they are away from work. Experts have been hovering worries about cyber insecurity through the attacks. There are several instances of wary efforts to access company information by unauthorized individuals having an intention of damaging, stealing, and disturbance. It is clear that violation of information occurs in the working environment when employees are not satisfied hence leading to blunders of insecurity. (Roman, Zhou, & Lopez, 2013).  Through this, cyber Menace in most organizations has faced threats and policies from the policymakers who have strained to work on procedures to overcome the invading fraudsters. Information sharing in the organization with third parties led to leakage hence privacy and confidentiality of information is minimal. Third parties expose information which facilitates fraudsters to trace the confidential information

Literature Review

Cloud computing present’s immense challenges for companies. Despite the fact that cloud computing exceedingly works well for the IT-oriented companies, it is complicated from an information security perspective. Cloud computing creates new sets of data-security concerns since businesses have to relinquish security controls to outside parties (Scully, 2014). The providers of cloud computing do everything to establish secure data centers. However, data storage in the clouds where the environment is shared alongside other companies’ data differs from how a given firm stores its data. As a result, security concerns are posed hence bringing challenges on cybersecurity measures by businesses. The protection of ICT systems from cyber attacks is at stake in the event of cloud computing since computer networks, and other related hardware is shared by numerous users hence threatening data security (Hay, Nance, & Bishop, 2011). Fraudsters illegally access the elements of cyberspace, and this creates businesses with a risk for data modification by the fraudsters.

It is clear that hackers defuse business organization this is facilitated through the digital generation. The behavior of globally organized hackers is the greatest threat to both small and large enterprises since information is manipulated or leaked. There exists a corporate intelligence to deliberate theft within organizations due to computer hacking. Cyber-attacks is the greatest menace to organizational operations, and it has turned to be topic to focused attacks by fraudsters and this facilitated crime organization. Organizational confidential information is threatened by hacking operations. Through the additional use of computers by most business enterprises has resulted in the growth in cyberspace (Scully, 2014). Hackers take benefit through the wide use of internet and computer operations in the organization to interfere with business confidential information. Protection of this co0nfidential data has become the most challenge to most organizations due to lack of centralization which makes it be a challenge for IT experts in governing data security hence creates space for the hacking activities. Hacking has the greatest disadvantage to the business that is losing confidential clients and company data such as financial reports and customers’ private data.

Time wastage in most organizations occurs mainly due to engagements in social media platforms such as Twitter, snapchat and Facebook. More often, the time is wasted talking to friends and even strangers who are only social media friends. The use of company computers to access social media has always lead to massive leakage of companies’ confidential data. The social networks of the company can be hacked mainly due to the issue of outsourcing of business. This is due to the fact that it enables sharing of business information to the third parties who may be 0blivious (Jing et al., 2017)Facebook accounts should be given to the IT staff for the purpose of monitoring so as to avoid any threats to the company information.

Challenges in Cyber Security

Currently, smartphones are ubiquitous in the workplace, and this poses a data security threat to most businesses. Phishing is highly facilitated by the use of mobile devices. The fact that companies control computers configured to their server, most personnel use cell phones to download and access confidential corporate information that may lead to fraudsters (Choo, 2011). This gives the IT administration little or no control over employees’ access to the secured company data. With most employees bringing mobile devices with them to the workplace, the security personnel lacks the expertise to ensure that such devices are secure and safe. The implementation of safety specific platforms within the workplace has been confusing to the IT administrators. Therefore, mobile devices create a challenge in installing cybersecurity measures for businesses. Reducing cybersecurity risks created by the use of cell phones by employees requires a proactive, user training, and a higher level collaboration within enterprises (Choo, 2011). Downloading confidential company data to personal devices by employees cannot get trusted. The aim of the act requires scrutiny since an employee may be doing this with an intention to commit fraud and theft to the enterprise. Great advances have been made in the mobile devices. More sophisticated devices are being made that would bring a great revolution to the use of the mobile phones. Currently, most of the phones being produced are meant to be faster and with larger space. These devices are produced ton perform multiple functions, unlike the devices that were there before. Also mobile devices face a threat on security matters but of late the development on how to improve the security on the devices is the greatest business concern that is the set of laws on securing mobile devices by the use of passwords, and most organizations control the use of both organization issued smartphones and personal-owned since they provide a landline . The mobile use policy in most of the organizations is documented in the system security plan and hence the control of data leakage.

Organizations have a need to implement necessary security measures to mitigate the risks of cyber-attacks since the cyber security is a menace to the business operations. To promote cyber security organizations should instrument and adopt the following measures as discussed below.

Make changes to all default passwords: companies should safeguard their information by creating user passwords to stop threats that enable the unknown individual to log into the systems and install malware that can affect the running of the business operations.

Adjusting and removing administrative rights, administrative rights from all business desktops and servers should be minimized or removed through this practice there is hinderance malware installation and unauthorized applications that contribute to data breached (Choo, 2011).

Training: companies should offer training to core workers on the importance of safeguarding confidential information and sensitive information (Scully, 2014). Training on how to use mobile devices is essential in stopping employees from taking benefit of cloud computing in downloading and sharing confidential information of the company to fraudsters.

Password rotation: Companies practice employees transition or rotation this can enhance breakdown of familiarity, the failure to rotate employees and passwords enhances or establishes a room for cyber insecurity. (Scully, 2014).

Consistent identification and application of missing security patches: regular documentation of tactful information prevents the existence of cyber insecurity by fraudsters or any form of phishing and intended exposers to company data by the targets (Jing et al., 2014).

What are the challenges of cybersecurity for businesses?

1. What are the planned strategies, measures and steps that prevent cybercrime?
2. How does emerging risks and vulnerabilities in cybersecurity affect businesses?
3. What are the principles and rules of cyber behavior for businesses?

This section entails a clear theoretical description of various methods which will be applied in the field when carrying out research. Under this chapter, there is a description of techniques which will be used in the entire chapter to enhance the researcher to establish the gaps on organizational change. The techniques are as follows research design, research strategies, data collection methods, and data analysis.

The research design is the strategies that the researcher can select to use in integrating various elements in an orderly and clear way thereby enhancing the research problem under challenges on cybersecurity. The procedure involves the collection and examination of data for the purpose of describing the occurrence of the current status or condition. The research design is a section that entails research philosophies which are quantitative and qualitative.

The qualitative technique is a description of the data required for the project. Through it, there is a clear understanding of the underlying descriptions, opinions, and inspirations on challenges facing cybersecurity in various business. Qualitative has a great significance since it provides a clear understanding of the problem of study. Hence the researcher can develop the hypothesis required for the study. It uses structured and semi-structured techniques that is focus groups, one on one interviews and observation. Through this, the sample size is relatively small, and a few respondents are selected to provide a given information.

Due to the use of secondary data from the reliable sources, the information can be regarded as credible. The researchers’ reliance on secondary data in the making conclusion further strengthens the reliability index. Most of the sources of primary data such as observation and interviews may be biased because respondents who are contacted were freely willing to give away their personal information to our survey in the field of study. Considering the vigorous changes taking place in the field, it is quite a task to enhance validity over a longer period (Wang & Lu, 2013).

The validity of the research may, therefore, be interfered with as a result of the time lapse between the time collection of data took place and the period in which analysis and conclusion were done. Validity will also be checked during piloting to ensure that all items in the main study are functioning and it enhances data obtained to be reliable in representing a specific concept in the field of study. The pre-test was done in an area of the study which is not included during the actual research undertaking. Furthermore, reliance on secondary data may generate a reliability problem on the objective thus variance from the objective of the researcher who compiled the secondary data which research is relying upon (Wang & Lu, 2013).

Quantitative methods quantify the situation by generating numerical data or data can be transferred into statistics that can be used. This philosophy is used to quantify attitudes, opinions, behaviors and another variable to obtain data of the larger sample population. This quantitative philosophy is more structured as compared to qualitative since it includes surveys, face to face interviews, longitudinal studies, website studies, polls and systematic observation.

The research uses qualitative technique since it requires a small sample from the cybersecurity of businesses to represent the whole or the entire population is small. It has various limitations that are, the quality of the research is highly dependent on skills of the researcher, and it  is easily influenced by the biases, and in addition accuracy it is hard to maintain, assess and demonstrate on the data, it is time-consuming method on the analysis and interpretation of data due to the amount of data, it is difficult to understand and interpret, and the respondents are affected due to the presence of the researcher during data collection since they cannot respond well (Knowles et al., 2015). On the other hand, during data collection using this technique the issue of confidentiality is difficult hence some information might miss.

The researcher will apply stratified random techniques to select the required data or sample size since there are different levels of respondents that will be used to give out information. In probability, there is the fact that every individual in the population of research will have an equal chance to be selected. Through probability, the confidence intervals and margin errors will occur invalidation of the results of the research. The researcher will divide the sample into different strata, at the final stage selection subjects will be obtained by this technique of probability creates a sample. This technique produces features which are proportional to the sample gathered. Non-probability uses on- random processes for the verdict and expediency hence researcher has to determine the appropriateness of the research. This technique is easy and faster making the cost of carrying out the research to be low. Secondary data will be gathered in the form of case studies which will be carried out in journal articles, books in the field and from the internet sources. The sample size will be 60% of the population as this will give out a good percentage of the findings.

Despite the objectives, there are some challenges in the research which may end up affecting the validity and reliability of the research work. The project will cover a small sample of the targeted population; this is because time and resources do not allow the coverage of a wide sample of data collection. Through the use of a questionnaire, the respondents may not give clear and correct information in their responses which might interfere with the results. Insecurity will disclose some information since some respondents will be much suspicious of the motive of the research. 

Conclusion

Cybersecurity is the greatest business menace for both small and large enterprises. This is since organizations information is exposed through leakage hence affecting the level of confidentiality. Largest World companies such as Google have been affected by cyber-attacks where the result is the destruction of information or exposure of confidential information. The growth of cyber insecurity has become the major topic of research in the world today. Currently, all cyber-attacks target businesses and they are less sophisticated than most people think. Most businesses have developed solutions for the attacked that is through the creation of passwords and training employees on the importance of keeping information intact rather than exposing to fraudsters and other ill-oriented individuals and exposing the companies to the threat of collapse. There has been pushing of email attacked and other web-based application flaws over which access to private and confidential data has been gained by unauthorized personnel, but Google has created a mechanism of sensing insecurity. The organization should engage all personnel within them on the importance of keeping information confidential and access to computer passwords is only allowed to the authorized employees this will enhance private as information is not easy to leak out.   

References

Choo, K. K. R. (2011). The cyber threat landscape: Challenges and future research directions. Computers & Security, 30(8), 719-731.

Elmaghraby, A. S., & Losavio, M. M. (2014). Cybersecurity challenges in Smart Cities:     Safety, security, and privacy. Journal of advanced research, 5(4), 491-497.

Hay, B., Nance, K., & Bishop, M. (2011). Storm clouds rising: security challenges for IaaS cloud computing. In System Sciences (HICSS), 2011 44th Hawaii International           Conference on (pp. 1-7). IEEE.

Jing, Q., Vasilakos, A. V., Wan, J., Lu, J., & Qiu, D. (2014). Security of the internet of things:     Perspectives and challenges. Wireless Networks, 20(8), 2481-2501.

Knowles, W., Prince, D., Hutchison, D., Disso, J. F. P., & Jones, K. (2015). A survey of cybersecurity management in industrial control systems. International journal of critical infrastructure protection, 9, 52-80.

Roman, R., Zhou, J., & Lopez, J. (2013). On the features and challenges of security and privacy in the distributed internet of things. Computer Networks, 57(10), 2266-2279.

Scully, T. (2014). The cybersecurity threat stops in the boardroom. Journal of business continuity & emergency planning, 7(2), 138-148.

Wang, W., & Lu, Z. (2013). Cybersecurity in the Smart Grid: Survey and challenges. Computer Networks, 57(5), 1344-1371.). Cybersecurity in the Smart Grid: Survey and challenges. Computer Networks, 57(5), 1344-1371.