ICT's Impact On Real Estate: SWOT, Cybersecurity, Compliance, Business Continuity - An Essay.

Real estate in Australia is increasing day by day. Now, with the advent of ICT the real estate can be largely benefitted. The realestate.com.au will be focused in this report. SWOT analysis of the impact of ICT on the retail estate sector will be discussed in the report to find the opportunities and the benefits as well as the risks associated within. The cybersecurity, compliance and the business continuity has been discussed in the report as well.

The realestate.com.au has been focused in this report. Real Estate market works almost similar to any other market and numerous management activities are involved and if these processes are deployed significant profit can be gained. The ICT is a new initiative which is going to change the real estate in mere future. With the advent of Big Data, the business activities related to construction, design can be further furnished. The advanced IoT sensors can be used further to collect and analyses data and can also be used to enhance security. Building Information Modelling (BIM) can be utilised to monitor the lifecycle of a construction building. BIM involves the complete monitoring from designing and manufacturing, later the optimisation and examination of building manufacturing components.

BIM can save time and money for a particular project, so that time can be utilized into undertaking other tasks. BIM provides the 3D design of the proposed project thus the model can be better understood and for this reason, it can assist in the further construction of the project (Laudon & Traver, 2013). BIM diminishes the errors incurred within the project pretty early thus avoid the threats associated at the time of construction. BIM is utilised widely in the construction industry ranging from mining, construction to facility management.

BIM does not cooperate among other occupations. It does not focus on providing information rather it only focus on building. Various sectors of a company must work collaboratively to effectively implement the BIM model (Laudon & Laudon, 2016). Though BIM gives cost-effective solutions, initially a huge amount of money is required to implement the software.

BIM assists and provides opportunities to stay connected with the BIM international leaders in terms of education. BIM prescribes the whole construction model prior to the construction starts (Anderson, 2014). BIM assists in learning new skills and methodologies in the respective field.

BIM can heavily influence the traditional working procedure of the construction and manufacturing industry sector and can even overtake the traditional industry as well (Khan et al., 2014). The BIM construction companies are comparatively lesser in number; thus the suppliers are quite less.

Internal Analysis

BIM details the construction process and also with that the required 3D model that can ease the construction industry (Anderson, 2014). For this reason, the real estate sector must adopt this technology, this can help them to build designs prior to construction moreover it saves time.

BIM can help them to diminish the waste of time and money, it will help them to find out the risks and threats prior and also help them to mitigate those risks prior to construction. BIM helps to monitor the construction lifecycle all throughout so it will generally help to reduce the errors incurred (Laudon & Laudon, 2016). Thus BIM can increase overall productivity in real estate sector.

Though a huge capital investment is required initially, in the long run, BIM will help the real estate sector to conduct business activities in quick times and in a profitable way. BIM' s 3D model technology will help to conduct each and every project in an effective manner (Laudon & Traver, 2013). Thus the real estate sector can earn huge revenues with the help of BIM software.

The chosen topic for the Part B section of this report is Cyber Security, Compliance, and Business Continuity.

Cybersecurity threats are emerging day by day due to the following vulnerabilities- the malware attack, the lost disks and the threatening DDoS attacks which involve the unauthorized system access. The other kinds of threats that are emerging right now are persistent threats, social web media for social engineering. Social engineering consists of two two procedures-

1. Pretexting-this method involves playing some sorts of tricks to convince individuals by the hackers to acquire secret information from the individuals (Morano, Tajani & Locurcio, 2015).
2. Baiting-offer incentive to individuals and the individuals falls into the trap of the greed and perform actions which are not secured.

APT involves attack of intruders over an insecure network over years and gain unauthorised access to steal the important data. APT can be a threat to the national defence system and also the national finance system (Levy, Yu & Prizzia, 2016). They do not cause any damage to the system as the intruders do not want to reveal their presence.

They generally target the national or government website and resources and make it vulnerable thus they steal all vital information. This is because of the insecure network system and the weak security architecture (Furfaro, Gallo & Saccà, 2016). All these gave them the opportunities to get into the loopholes and steal information for their benefits.

The intruders generally carried out their attacks by the in the form of data breaches, data leaks, data theft, threats and privacy invasions. For instance, they attacked Sony in the year 2011 and their system and the database got compromised and the sensitive information of the customers got leaked (Dhillon, 2015). The Sony PlayStation Network, Sony Online Entertainment got hacked and in this way, they lose market share, customer base and at the end lose reputation.

Weakness

Thus it is absolutely necessary to secure the website and web resources. The web data and web resources must be made accessible all the time having restriction access, implementation of rules and regulations with respect to proper use of hardware and software solutions must be capable to detect and handle any issues or any kind of security breaches (McCollum, 2016). The system and the database must be made compliant to recover back from any kind of disasters and disruptions occur within the network.

The vulnerabilities and threats of the system and the database are the malware attacks. He malware attacks involve the virus attacks, Trojan attack, spyware and any kind of unwanted programs. These can cause disruptions in any enterprises and the business operations suffer due to those data breaches and unauthorised access (Carter & Zheng, 2015). The vulnerabilities and the threats generally affect the confidentiality, integrity and the availability of resources.

Confidentiality refers to the authorized access of individuals and thus ensures protection and privacy of data, only the legitimate users can gain access to the system.

Integrity refers that the assets should not be modified or altered by any means of unauthorized access to the system and the database.

Availability refers to the portion of assets which can be accessed and modified at the time of need and those can be modified or altered by authorized users only (Ojeka, Ben-Caleb & Ekpe, 2017).

Passwords: The passwords can protect one's system and the database from unauthorised access. The password must be strong enough so that the intruders cannot discover that.

Internal threats: The internal threats involve the insiders or the employees of the organisation. This kind of malicious activity generally carried out by the employees and the intruders and to assure protection from all these kinds of security attacks firewalls, intrusion detection system must be applied (Gordon & Gordon, 2016).

Cloud Computing and Social Networking Risks: Cloud Computing is vulnerable if the security framework used is not secure enough if the hardware, software and the applications are not properly updated time to time. Again, the sharing of personal files, data, images and videos via social media and the social networking sites can lead to the violation of privacy. The intruders can use the media for the benefits, can modify the personal data and in this way, one's reputation can be at risks.

Defense-in-depth model: The Defense-in-depth model is a multi-layered initiative taken by InfoSec. The procedure lies within, if any layer fails, the other layers come to the rescue, in this way a system can be saved from data breaches to the utmost. For instance, the wireless network connectivity fails to protect data, and then the next layer or the next procedure can protect the data (McCarthy et al., 2016). By means of encrypting data, the data can be protected from all kinds of breaches. However, the process infosec have adopted are-

1. Senior management commitment and their support
2. Policies and IT training
3. Procedures involved it IT security
4. Keeping the hardware and software solutions up to date all the time.

External Analysis

Unintentional threats involve the human errors, environmental hazards and the failures of the computer system. Al these cause disruptions and malfunctions within the computer system. This can cause the disruptions within the business activities as well.

Intentional threats involve the botnets, spyware, adware, spam and phishing and all these activities require human interactions and they are generally carried out by intruders to steal personal information and resources (Slusky & Goodrich, 2016).

Insider fraud: Insider fraud refers to the intentional use of one’s information and assets for misuse purpose or to conduct any crime within. The insider frauds are carried out by internal employees of a company and the contractors for personal benefits. Special measures should be adopted to prevent this sort of attacks.

Internal fraud detection and prevention: The internal fraud detection and prevention can be carried out by respective companies. The companies should take harsh decisions and also should educate the employees with the fact that they are under constant vigilance of the company’s supervisors and any kind of fraud will not be entertained (Furfaro et al., 2016).

The defence strategies will be described as follows-

1. Prevention and deterrence:Proper security measures can assist in preventing any errors occur within, it also prevents the intruders to attack one’s system, the proper security measures also help in denying unauthorised access.
2. Detection:The proper security measures undertaken help to detect any attack or any malfunctions occurring within the system and the database.
3. Introduction of the fault-tolerant system:The fault tolerant system is responsible to perform operations in the system when the system is malfunctioned. The fault tolerant system can also be referred as safe mode (Slusky & Goodrich, 2016).
4. Recovery:A recovery plan must be prepared based on the damaged information system so that the data can be recovered quickly and the business operations can be started as early as possible.
5. Correction:Security measures must be taken to fix any sort of damages within the system and the database and these corrections will make the system to work as early as possible. It will also assure that these kinds of disruptions will not occur again.
6. Awareness and compliance:All the companies must be knowledgeable and stay educated about all the security measures. The management team along with the employees must be aware of the security control measures and the defence strategies to conduct business activities well.

The defence control can be classified into general control measures and physical control measures. The general control can be classified into physical control, access control, data security, communication, administrative, the access controls can again be classified into Biometrics and Web Controls. The Web Controls can be classified into authentication, encryption, cable testers, firewalls and virus protection (Slusky & Goodrich, 2016). The Application Controls can be classified into input, processing and output.

Network security measures involve the three layers-

1. First Layer:Perimeter Security: Perimeter security involves the control access to the network. Examples are firewalls and antimalware software.
2. Second Layer:Authentication: This layer is responsible to identify and recognize the authorized persons and only the authorised persons can gain access to the system. The examples are- usernames and passwords (McCarthy et al., 2016).
3. Third Layer:Authorization: The authenticated persons are given certain controls once they gain access to the network. Examples are- permissions.

The internal control and compliance are the working surroundings that are set by the company's management team for their employees. Therefore, the internal control procedures have been developed to gain-

1. Safeguarding of resources
2. Reliability of financial reporting
3. Business operations’ efficiency
4. Comply with the laws
5. Maintain policies and the regulations

A well-planned insider fraud and money-laundering activities can destruct the financial sector can affect the nation's economy. Thus risk management is necessary to control the finances, economy and the financial institutions. The introduction of IT has the capability to enhance the market and mitigate the frauds within.

1. The business continuity plan’s purpose is to keep the business running.
2. The recovery plan is a sort of resource protection. Each and every organization must take the responsibility to manage to 0rotect their own assets (McCarthy et al., 2016).
3. The proof of capability includes the what-if analysis  
4. All critical applications must be identified and their recovery procedures addressed in the plan (McCarthy et al., 2016).
5. The plan should be written so that it will be effective in case of disaster, not just in order to satisfy the auditors.

The audit is here to detect the vital part of the control system. The questions that must be answered to diminish the criminal activities. The questions are whether there are sufficient controls within the system, the controls which are absolutely necessary.

Cost-Benefit analysis can be conducted considering the ethical issues and risk management analysis based on the ethical issues. There are various ethical issues, those issues must be clearly diagnosed, certain controls must be imposed to mitigate those issues, now imposing controls may violate the privacy of individuals and the security can be compromised (McCarthy et al., 2016). Thus superior must consider the ethical issues based on the two doctrines: the duty of care and respondeat superior and must act responsibly to secure the company's business activities.

1. Yes, according to the Turnitin report, the bold, coloured text matches are clearly missing in-text references clearly.
2. Yes, according to the Turnitin report, the bold, coloured text matches are including three words consecutively in a row. I have tried my level best to paraphrase and write according to my language, however, the plagiarism has been detected in rows which are unintentional.
3. No, the plagiarism Turnitin report has detected plagiarism which is below 10% that means I have written more than 90% of the report completely in my own words.
4. Yes, the bold, coloured text matches are coincidental. The texts that have been matched are topic titles, keyword terms or technical terms, certain principles with respect to business processes upon which the report has been elaborately discussed. Therefore, those texts do not require any modifications, and they must be addressed properly to comply with the topic.
5. No, the short strings that have been matched are topic titles, keyword terms or technical terms, certain principles with respect to business processes upon which the report has been detailed and according to Turnitin report I have written more than 90% of the words in my own language, so as per norms it can be stated that I have successfully paraphrased the report.
6. Yes, I have not directly quoted the texts from the Internet sources, I have well represented each and every topic of the report with broad details and have highlighted the people’s perceptions in my report in my own words

Opportunities

 Conclusion

It can be concluded from the above discourse that the real estate can be greatly enhanced with the advent of ICT. The realestate.com.au has been focused in this report. SWOT analysis has been performed on the retail estate sector to find the opportunities and the benefits as well as the risks associated within. The CyberSecurity, Compliance and Business continuity has been discussed in the report.

 References

Anderson, D. M. (2014). Introduction. In Leveraging (pp. 3-34). Springer International Publishing.

Carter, W. A., & Zheng, D. E. (2015). The Evolution of Cybersecurity Requirements for the US Financial Industry. Center for Strategic and International Studies.

Dhillon, G. (2015). WHAT TO DO BEFORE AND AFTER A CYBERSECURITY BREACH?.

Furfaro, A., Gallo, T., & Saccà, D. (2016, August). Modeling cyber systemic risk for the business continuity plan of a bank. In International Conference on Availability, Reliability, and Security (pp. 158-174). Springer International Publishing.

Furfaro, A., Gallo, T., Garro, A., Saccà, D., & Tundis, A. (2016, May). Requirements specification of a cloud service for cyber security compliance analysis. In Cloud Computing Technologies and Applications (CloudTech), 2016 2nd International Conference on (pp. 205-212). IEEE.

Gordon, K., & Gordon, K. (2016). SEC proposes rules on adviser business continuity and transition plans. Journal of Investment Compliance, 17(4), 65-70.

Khan, H. U., Artail, H. A., Malik, Z., & Niazi, M. (2014, August). Information technology adoption, possible challenges, and framework of supply chain management: a case study of a leading gulf economy. In Engineering Technology and Technopreneuship (ICE2T), 2014 4th International Conference on (pp. 1-5). IEEE.

Laudon, K. C., & Laudon, J. P. (2016). Management information system. Pearson Education India.

Laudon, K. C., & Traver, C. G. (2013). E-commerce. Pearson.

Levy, J., Yu, P., & Prizzia, R. (2016). Economic Disruptions, Business Continuity Planning and Disaster Forensic Analysis: The Hawaii Business Recovery Center (HIBRC) Project. In Disaster Forensics (pp. 315-334). Springer International Publishing.

McCarthy, D., McCarthy, D., Gordon, K., & Gordon, K. (2016). SEC issues guidance on business continuity planning for registered investment companies. Journal of Investment Compliance, 17(4), 71-74.

McCollum, T. (2016). Time to shift the mindset: pulse report urges internal audit to focus on culture and cybersecurity response. Internal Auditor, 73(2), 11-13.

Morano, P., Tajani, F., & Locurcio, M. (2015). Land use, economic welfare and property values: an analysis of the interdependencies of the real-estate market with zonal and socio-economic variables in the municipalities of Apulia region (Italy). International Journal of Agricultural and Environmental Information Systems (IJAEIS), 6(4), 16-39.

Ojeka, S., Ben-Caleb, E., & Ekpe, E. O. I. (2017). Cyber Security in the Nigerian Banking Sector: An Appraisal of Audit Committee Effectiveness. International Review of Management and Marketing, 7(2), 340-346.

Slusky, L., & Goodrich, J. A. (2016, June). Human Factors of Cybersecurity Awareness. In EdMedia: World Conference on Educational Media and Technology (pp. 436-444). Association for the Advancement of Computing in Education (AACE).

Snedaker, S. (2013). Business continuity and disaster recovery planning for IT professionals. Newnes.