Write a topic on "Challenges of cyber security in business".
The technological evaluation in the society is also enhancing the obstacles regarding the security features of an organization or an individual. The intruders are using the different technological elements in order to break into the system of an organization or a particular individual in order to hack all the important set of data. Along with that, according to Von Solms & Van Niekerk (2013), the cyber security can also hamper the organizational growth that can easily reduce the performance of the employees. The primary aim of this study is to evaluate the importance of the cyber security aspect for any business organization. Along with that the study also aims to satisfy the fact that how the organizations can use the different cyber security aspects in their business process. The study also describes the exact objectives of this particular project. In addition to that, the study also provides a brief literature review that defines the broader aspect of the concept of cyber security.
2. Objective of the project
3. Scope of the project
Being focused on the different aspect of the cyber security, the organizations can enhance their online performance. The project can help the business organizations to find out the different variables that can hamper their business process and based on those aspects the organization needs to mitigate those security issues by using different tools and techniques. Along with that, the study would also help the business organizations in order to be aware of the intrusion attacks from the intruders. The proper implementation of the cyber security elements can help an organization to maintain their business process properly. The study would also be helpful for the organizations that are new to the online platform and are dealing with the online fund transfer process. Therefore, it can be said that the entire study would help the organizations to understand the fact that how the threats can hamper the overall performance of the organization and how those threat factors can be mitigated.
4. Literature review
This section of the project mainly deals with the wide range of literature that is associated with the cyber security aspects of an organization. This part defines the proper concept of the cyber security along with its different elements. Moreover, it also defines the multiple types of cyber security threats that an organization ma face while performing their online business functions. Along with that, the study also provides different processes through which the security risk regarding the cyber security can be mitigated easily. Along with that, it also deals with the advantages for an organization that has the cyber security features. Moreover, it also defines the areas that are missed in this study due to different constraints. Finally, there is a brief summary regarding the multiple aspects that are related to the cyber security.
Concept of cyber security
According to Wang & Lu (2013), cyber security that is also known as the computer security is the proper protection of the computer systems from the theft or any kind of damage to the hardware or software of the system. In addition to that, it also protects the entire system from any kind of disruption regarding the different services. The concept of cyber security includes the controlling the physical access of the hardware of the system. Along with that, it also protects the system from any kind of harm that can be done through the network of the organization. Moreover, the malpractices of the intruders are enhancing day by day, therefore it has become mandatory for the business organizations to take the concept of cyber security into their business operations (Hahn, Ashok, Sridhar & Govindarasu, 2013).
Behavior of the employees can have an ample amount of impact over the information security in the business organizations. The cultural concepts can easily help the different parts of the business organization to work effectively and efficiently. On the other hand, there are some segments those are not really focused towards the information security. Therefore, it generates the vulnerability in the different parts of the organizations and those segments become the target of the intruders. In order to maintain the culture of the information security, the organizations should take five different steps (Amin, Litrico, Sastry & Bayen, 2013).
One of them is the pre-evaluation step in which it needs to identify the proper awareness regarding the information security within the employees’ of an organization and needs to analyze the current security policy that the organization is using. The next step is the strategic planning step that comes with a better awareness program for the employees that defines them their target. The third step is the operative planning step that derives the fact that there needs to be a good security culture that can be implemented based on the internal communication. According to Liu et al. (2015), the retail sector in Australia needs to be very much aware of the cyber threats as they mainly deals with their customers in the internet platform. Along with that, they also have their payments done online. In the implementation stage, the security culture needs to be implemented within the business industry and finally in the post-evaluation stage the business organization needs to evaluate the performance of the security culture in the organization (Gordon, Loeb, Lucyshyn & Zhou, 2015).
Different type of cyber security threat
There is an ample amount of security threats in this world. Some of them are very much harmful for the business organizations. The multiple type of cyber threats are described below.
They are considered as most complicated threat regarding the cyber security. Most of the threats to the banking system generates from the Trojan family like Zeus along with SpyEye (Hong, Liu & Govindarasu, 2014). In addition to that, it has the ability to hide them from the antivirus detection. If the Trojan is powerful, it is able to break the entire security system of the organization.
Before 10-20 years virus was considered as the most popular threat to the cyber system of an organization or an individual machine. It is considered as a malicious program that has the ability to replicate itself. Along with that, it has the main motive of destroying the functionalities of the system. However, according to Cavelty (2014), today viruses lost their popularity because of the introduction of the malwares. Therefore, in today’s age the viruses are basically used for the purpose of revenge taking.
Worms are not considered as a big threat to the computer systems. They are mainly designed to spread. They have the ability to spread from one system to another by having the access to the network or through the internet platform. According to Herrera, Ron & Rabadão (2017), the main threat regarding the worms is the fact that they use the disk space in the system and are able to take most of the bandwidth regarding their nature of spreading.
It is a kind of malware that is mainly designed for spying in the user’s system. The spyware is basically used in order to know the daily activities of the users. That helps the intruders to find out the important set of information regarding the user. It provides the intruder with an ample amount of chance to fraud the user and takes all the important information from them (Buczak & Guven, 2016).
It is something that has the record of every key stroke that the users made on their system. It is considered as one of the most powerful threats that can steal the login information of the users such as the username and the passwords. In addition to that, according to Wells, Camelio, Williams & White (2014), it is also considered as the sub-function of the Trojans.
The BotMaser mainly installs these in order to take all the control of the user’s system through the Botnet injection. It mainly infects the entire system by implementing different type of Trojans. Therefore, the system of the victim organization becomes vulnerable to the DDoS attacks.
In this process, a fake website is designed that looks like an authentic one. It is used to perform the phishing attack. According to Kwon, Liu & Hwang (2013), the process mainly tricks the user into entering their name along with the other personal details to login a fake page. Whenever the user provides all the details, it redirects the user into some other webpage and takes out all the data that the user have entered.
Earlier cookies are described as the malware. However, they are not a malware. This is the concept used by most of the websites to store data into the user’s system. Along with that, it also has the ability to track down the activities of a user’s system. Therefore, it is also considered as a threat to the business organizations.
It is considered as a part of malware that takes the entire control of a system in order to commit criminal activities. However, the hackers are not directly associated with this. They place some kind of Trojans that commit the crime (Bates, Tian, Butler & Moyer, 2015).
SQL injection do not hamper the end users directly. It attracts the vulnerable websites. This process mainly gets an authorized access to the database of the system and then the intruder is able to take out all the important information from the database. This can reduce the performance level of the organizations.
Mitigation process of the cyber security threats
When it comes to the process of mitigation the cyber security related risk factors, the business organizations needs to very much aware of this aspect. At first, they needs to identify the fact that for which type attack their system is vulnerable of and based on that they need to decide their security planning. However, as the technology is enhanced to such an extent, that the intruders can provide the organizations in different ways. Therefore, the organizations need to use the proper use of the anti-virus in their systems. Along with that, only the implementation of the anti-virus software would not be able to satisfy to mitigate the issues. Sou, Sandberg & Johansson (2013) said that, it needs to be updated at regular interval by the organization. In addition to that, the organizations can also use the firewalls. That prevents any kind of unauthorized access to the data set of the organization. More specifically, it can be said that the firewalls can prevent any kind of unauthorized access to the main database of the organization.
Moreover, the network of the organization also needs to be keep safe and needs to be monitored by the network administrator. On the other hand, the organizations also use some process that can reduce the threat factor regarding cyber security. The passwords need to be strong enough so that it cannot be decrypt by the intruders. Along with that, the employees of the organization needs to be aware before installing any kind of applications and needs to have a look at the permissions. Moreover, according to Ben-Asher & Gonzalez (2015), the organizations need to have a regular software update process. It may reduce the threat regarding the cyber crime and would enhance the level of performance of the different organizational functions.
Advantage of having cyber security component in the organization
When it comes to the advantages of the cyber security system, the main thing is the fact that it protects the entire business functionalities of the business organization. This allows the employees of the organization to use the internet and the intranet platform freely. Along with that, it also protects the personal set of information of the employees and the business organization. According to Kleinberg, Reinicke, Cummings & Tagliarini (2015), as the viruses are not able to break into the system, therefore the system can perform their functionalities properly. In addition to that, the most important thing that the business organizations have as the advantage is the fact that the employees can work with a free mind without having any kind of issues behind their mind.
The viruses are able to slow down the functionalities of the organizational functionalities. However, having the proper cyber security system can enhance the performance of the entire system. Along with that, it also protects the website of the business organization from going down. If the website of the business organization does not work properly, then they may face issues regarding their online processing along with the financial transactions. However, the proper security aspects can reduce the chance of thins thing to be happened. Moreover, according to Sommestad, Ekstedt & Holm (2013), it denies the Spyware and prevents the Adware that in turn enhances the performance of the organization.
Gap of the literature
In the previous researches, the different types of cyber security threats are described. However, in this particular research project, those types are described properly. Along with that, the study also evaluated other different type of threats such as the SQL injection along with the concept of Crimeware. These new type of threats has been found this study. The previous researchers have not properly described these types of security threats. Along with that, earlier the mitigation steps are very much limited. However, in this research it has been evaluated properly. Therefore, it provides an ample amount of knowledge regarding the challenges of the cyber security that an organization may face.
This literature review part mainly derives the fact that the cyber security aspect is very much important for the retail business industry in Australia. Along with that, it also defines the different type of threats that an organization may face in terms of cyber threat. The study also provides the concept of firewalls along with the anti-virus that can enhance the security performance of the organization. Moreover, the study also provides the different advantages that the business organizations may have by suing the proper security features regarding the cyber threat.
After summing up the entire study, it can be said that the implementation of the cyber security aspect can help an organization to grown in their own sector. Along with that, the study also concludes the fact that the intruders try to hack the organizational data by using different technological methods. Therefore, the employees of the organization need to be aware of any kind of malicious activity in their network. In addition to that, the study also concludes another important factor that the cyber security aspects can help the organization to keep a proper backup of their data set. Therefore, if the data set is lost due to the intrusion from the intruders, then the backup set can take into consideration.