Cyber Security Threats and Mitigation Strategies
VerifiedAdded on 2020/03/28
|16
|4139
|236
AI Summary
This assignment delves into the multifaceted world of cybersecurity. It examines diverse categories of cyber threats, ranging from malware and phishing attacks to insider threats and state-sponsored espionage. The discussion analyzes the profound consequences of these threats on individuals, organizations, and national security. Furthermore, the assignment explores a range of mitigation strategies designed to bolster cybersecurity defenses, encompassing technological solutions, policy frameworks, and human awareness initiatives.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Assignment on SWOT Analysis & Cyber security, Compliance and Business
Continuity.
Continuity.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
Contents
Swot Analysis.........................................................................................................................................3
Strengths...........................................................................................................................................3
Weakness..........................................................................................................................................4
Opportunities....................................................................................................................................5
Threats...............................................................................................................................................5
Summary and recommendations..........................................................................................................6
Short term goals....................................................................................................................................7
Midterm goals.......................................................................................................................................7
Long term goals.....................................................................................................................................7
Introduction...........................................................................................................................................8
Why is Cybersecurity important?..........................................................................................................9
Common types of security breaches...................................................................................................10
Denial of Service..............................................................................................................................10
Bugs, Viruses and other Ransomware.............................................................................................10
Backdoor attacks.............................................................................................................................10
Types of Cybersecurity mechanisms....................................................................................................11
Application Security.........................................................................................................................11
Information Security........................................................................................................................11
Network security.............................................................................................................................12
Business Continuity.........................................................................................................................12
When is a Business Continuity plan required......................................................................................13
Conclusion...........................................................................................................................................14
Swot Analysis.........................................................................................................................................3
Strengths...........................................................................................................................................3
Weakness..........................................................................................................................................4
Opportunities....................................................................................................................................5
Threats...............................................................................................................................................5
Summary and recommendations..........................................................................................................6
Short term goals....................................................................................................................................7
Midterm goals.......................................................................................................................................7
Long term goals.....................................................................................................................................7
Introduction...........................................................................................................................................8
Why is Cybersecurity important?..........................................................................................................9
Common types of security breaches...................................................................................................10
Denial of Service..............................................................................................................................10
Bugs, Viruses and other Ransomware.............................................................................................10
Backdoor attacks.............................................................................................................................10
Types of Cybersecurity mechanisms....................................................................................................11
Application Security.........................................................................................................................11
Information Security........................................................................................................................11
Network security.............................................................................................................................12
Business Continuity.........................................................................................................................12
When is a Business Continuity plan required......................................................................................13
Conclusion...........................................................................................................................................14
SWOT Analysis of RealEstate.co.au
SWOT Analysis
RealEstate.co.au is an Australian real estate company with a well etched out web and mobile
platform that deals in the trade of property. The company has used state of the art Information
and Communication Technology (ICT) to design a website that is used for the advancement
of the business and cater to the needs of the customer. Prospective buyers can access the
website or the mobile app by the help of compact and portable devices such as smart phones,
tablets or laptops. In addition to the website, the company has also developed a mobile
application with a matching interface as that of the website. The website and the mobile app
together would serve as an ideal platform for prospective buyers to buy, view or choose a
property at a desired location. A SWOT analysis is done on the company to gain insight into
its operations and their subsequent plans for growth.
Strengths
RealEstate.co.au has a global presence which is well demonstrated by its pervasive
online presence.
The website has a customized appearance for different countries. They cater to an
international audience by localizing its user interface to different languages.
The appearance of the website is very coordinated and systemized. The specifications
of the properties are etched out well and displayed through the website.
The company provides an app with images and interactive features for the users to
browse through the properties on display. They are also provided with different
options to customize their search.
SWOT Analysis
RealEstate.co.au is an Australian real estate company with a well etched out web and mobile
platform that deals in the trade of property. The company has used state of the art Information
and Communication Technology (ICT) to design a website that is used for the advancement
of the business and cater to the needs of the customer. Prospective buyers can access the
website or the mobile app by the help of compact and portable devices such as smart phones,
tablets or laptops. In addition to the website, the company has also developed a mobile
application with a matching interface as that of the website. The website and the mobile app
together would serve as an ideal platform for prospective buyers to buy, view or choose a
property at a desired location. A SWOT analysis is done on the company to gain insight into
its operations and their subsequent plans for growth.
Strengths
RealEstate.co.au has a global presence which is well demonstrated by its pervasive
online presence.
The website has a customized appearance for different countries. They cater to an
international audience by localizing its user interface to different languages.
The appearance of the website is very coordinated and systemized. The specifications
of the properties are etched out well and displayed through the website.
The company provides an app with images and interactive features for the users to
browse through the properties on display. They are also provided with different
options to customize their search.
The company also has a strong presence in social media platforms such as facebook,
twitter, linkedin and youtube. These sites are used for advertising and showcasing
their presence and experience in the real estate arena.
With the website and the mobile app, the company intends to reach to clients on far
and remote locations. The site gives them additional interactive features so that the
clients can have a better look at the property they intend to own or rent.
Weakness
The performance of the website in a few browsers tends to be slow and takes
considerable amount of time to load.
Some of the functionalities that has been introduced in the website have not been
completely integrated in the mobile app. This creates a mismatch in the websites
appearance in different devices.
The company does not have the required amount of IT resources with ample
experience to support the system in case of an emergency or a breakdown.
The infrastructure, system and the gateways being used by the company are not
contemporary or state of the art. This becomes a limitation in hosting modern
technologies and updating the services as quickly as intended.
Since the site hosts a number of localized versions for different countries, there should
be enough IT personnel to take care of the local and global changes. The changes
have to be monitored and updated accordingly in the website. Currently the company
is at a shortage of skilled and experienced personnel.
Since RealEstate.co.au plans to extend its services mainly through the online medium,
there is a threat of losing traditional customers who may not be computer savvy
twitter, linkedin and youtube. These sites are used for advertising and showcasing
their presence and experience in the real estate arena.
With the website and the mobile app, the company intends to reach to clients on far
and remote locations. The site gives them additional interactive features so that the
clients can have a better look at the property they intend to own or rent.
Weakness
The performance of the website in a few browsers tends to be slow and takes
considerable amount of time to load.
Some of the functionalities that has been introduced in the website have not been
completely integrated in the mobile app. This creates a mismatch in the websites
appearance in different devices.
The company does not have the required amount of IT resources with ample
experience to support the system in case of an emergency or a breakdown.
The infrastructure, system and the gateways being used by the company are not
contemporary or state of the art. This becomes a limitation in hosting modern
technologies and updating the services as quickly as intended.
Since the site hosts a number of localized versions for different countries, there should
be enough IT personnel to take care of the local and global changes. The changes
have to be monitored and updated accordingly in the website. Currently the company
is at a shortage of skilled and experienced personnel.
Since RealEstate.co.au plans to extend its services mainly through the online medium,
there is a threat of losing traditional customers who may not be computer savvy
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
Opportunities
The increasing use of mobile devices has made the company to concentrate more on
incorporating interactive features on the mobile apps.
Additional features like Youtube videos could be included in the website. This gives
the users a more interactive feel of visiting the place from the comfort of their homes.
Data analytics could be used for collecting information about the characteristics and
information about the users of the website. Demographic data about the users could be
used by the company for pitching promotions and deals.
Better platforms could be provided for the users to interact with the company
officials. They could offer online message portals or feedback forms within the
website for the customers to explain their need, the type of property or the location
they prefer.
The general trend of increasing website and mobile app users could be used by the
company towards its advantage. The company can provide a more streamlined and
automated system that provides accurate and easy service to the customers.
Threats
Different devices like smart phones, tablets and palmtops would be accessing the
application of Realestate.co.au by a number of different browsers. It may be noted
that the mobile app is compatible with these devices.
Increasing competition among other international real estate agents may put extra
burden on the company to modernise and use state of the art tools. This may cause a
cost overhead as there would be a pressure to recruit resources with technical
expertise.
The increasing use of mobile devices has made the company to concentrate more on
incorporating interactive features on the mobile apps.
Additional features like Youtube videos could be included in the website. This gives
the users a more interactive feel of visiting the place from the comfort of their homes.
Data analytics could be used for collecting information about the characteristics and
information about the users of the website. Demographic data about the users could be
used by the company for pitching promotions and deals.
Better platforms could be provided for the users to interact with the company
officials. They could offer online message portals or feedback forms within the
website for the customers to explain their need, the type of property or the location
they prefer.
The general trend of increasing website and mobile app users could be used by the
company towards its advantage. The company can provide a more streamlined and
automated system that provides accurate and easy service to the customers.
Threats
Different devices like smart phones, tablets and palmtops would be accessing the
application of Realestate.co.au by a number of different browsers. It may be noted
that the mobile app is compatible with these devices.
Increasing competition among other international real estate agents may put extra
burden on the company to modernise and use state of the art tools. This may cause a
cost overhead as there would be a pressure to recruit resources with technical
expertise.
The issue of security is always relevant for companies that use the customer’s
personal data for business. The more the company provides in terms of the services
and facilities, the more issues may arise in terms of user privacy of data and security
threats.
The rate of growth and updation in ICT related technologies has been more than
expected. There is an upsurge in the number of users accessing the application and the
website. Hence care should be given that a performance degradation does not occur.
Summary and recommendations
RealEstate.com.au provides a platform to the general public and prospective clients an
opportunity to have a better assessment of the properties that they plan to buy, sell, rent or
own by introducing ICT into their business. The company intends to build its customer base
by introducing new Information and Communication technology strategies. The immediate
aim is of having a far reaching audience, to consolidate its position as a leader the real estate
domain. The company intends to open up new avenues by localising its website to a global
audience and by launching it in different countries and languages. By including interactive
features and adopting new technology the company also plans to provide better experience
and satisfaction for the prospective buyers. Technological expertise could be used further by
the company authorities in different activities ranging from data collection about the users to
delivering a simple, customer friendly design to the users.
Short term goals
From the SWOT analysis, it is clear that the company lacks the necessary resources or the
infrastructure to handle the ICT advances they have made in the short span of time. Priorities
personal data for business. The more the company provides in terms of the services
and facilities, the more issues may arise in terms of user privacy of data and security
threats.
The rate of growth and updation in ICT related technologies has been more than
expected. There is an upsurge in the number of users accessing the application and the
website. Hence care should be given that a performance degradation does not occur.
Summary and recommendations
RealEstate.com.au provides a platform to the general public and prospective clients an
opportunity to have a better assessment of the properties that they plan to buy, sell, rent or
own by introducing ICT into their business. The company intends to build its customer base
by introducing new Information and Communication technology strategies. The immediate
aim is of having a far reaching audience, to consolidate its position as a leader the real estate
domain. The company intends to open up new avenues by localising its website to a global
audience and by launching it in different countries and languages. By including interactive
features and adopting new technology the company also plans to provide better experience
and satisfaction for the prospective buyers. Technological expertise could be used further by
the company authorities in different activities ranging from data collection about the users to
delivering a simple, customer friendly design to the users.
Short term goals
From the SWOT analysis, it is clear that the company lacks the necessary resources or the
infrastructure to handle the ICT advances they have made in the short span of time. Priorities
have to be set on what solutions are to be made on the website and how it can address the
incompatibility issues of different browsers or operating systems.
Midterm goals
Over the next 12 to 18 months, the company plans to launch several pilot programs and
promotional events through its website and mobile app. The company aims at collecting user
data and information like demographic data of the users from the website. They plan to
customize the appearance and functionalities of the website catering to the audience choices.
Long term goals
The company intends to have a global presence over the next three to five years. The
company officials have decided to attain better performance by increasing sales through
efficient IT governance strategies. As the company grows globally, there should be strategic
methods to ensure the consistency of data and functionalities across cross platform users.
Data analytics could be further used to gather deeper insights about the users buying
tendencies and customize the website and mobile app accordingly. All these are to be done
without compromising on privacy and security.
incompatibility issues of different browsers or operating systems.
Midterm goals
Over the next 12 to 18 months, the company plans to launch several pilot programs and
promotional events through its website and mobile app. The company aims at collecting user
data and information like demographic data of the users from the website. They plan to
customize the appearance and functionalities of the website catering to the audience choices.
Long term goals
The company intends to have a global presence over the next three to five years. The
company officials have decided to attain better performance by increasing sales through
efficient IT governance strategies. As the company grows globally, there should be strategic
methods to ensure the consistency of data and functionalities across cross platform users.
Data analytics could be further used to gather deeper insights about the users buying
tendencies and customize the website and mobile app accordingly. All these are to be done
without compromising on privacy and security.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Cyber security, Compliance and Business Continuity.
Introduction
Cyber security could be termed as the preservation and protection of digital systems from
piracy or destruction due to undesirable breaches. These breaches may be done by malicious
or unauthorized users. The digital systems that need protection may be Information
Technology components such as data, hardware or software. Cyber security is also breached
if there is an interruption in the services provided by computer systems (Probst et.al, 2013).
The significance of cyber security becomes critical in domains like finance, health care,
defence or business, as these fields make use of humongous load of data and information.
Due to the sensitivity in the nature of some kinds of data, like financial, private or intellectual
property, an attempt for illegal use could be disastrous and may result in adverse outcomes.
For a business to flourish and move ahead in an uninterrupted fashion, data has to be
transmitted continuously and unceasingly. During this uninterrupted flow of data, there
should be procedures to ensure that data and information that is being transmitted is secure
always. Since the frequency and ingenuity of cyber attacks is growing on a day by day basis,
the systems that are responsible for protecting data and information related to fields like
finance and personal security has to adopt steps to protect data confidentiality (Kritzinger and
von Solms, 2010). The significance of cyber security becomes all the more important in the
midst of a recent revelation by top intelligence agencies that cyber attacks could be the
highest threats to federal security eclipsing other crimes in the near future.
Unexpected catastrophes and crashes may inevitably occur in any business, if it comprises
sensitive data and the transfer of information. Information technology and business are
Introduction
Cyber security could be termed as the preservation and protection of digital systems from
piracy or destruction due to undesirable breaches. These breaches may be done by malicious
or unauthorized users. The digital systems that need protection may be Information
Technology components such as data, hardware or software. Cyber security is also breached
if there is an interruption in the services provided by computer systems (Probst et.al, 2013).
The significance of cyber security becomes critical in domains like finance, health care,
defence or business, as these fields make use of humongous load of data and information.
Due to the sensitivity in the nature of some kinds of data, like financial, private or intellectual
property, an attempt for illegal use could be disastrous and may result in adverse outcomes.
For a business to flourish and move ahead in an uninterrupted fashion, data has to be
transmitted continuously and unceasingly. During this uninterrupted flow of data, there
should be procedures to ensure that data and information that is being transmitted is secure
always. Since the frequency and ingenuity of cyber attacks is growing on a day by day basis,
the systems that are responsible for protecting data and information related to fields like
finance and personal security has to adopt steps to protect data confidentiality (Kritzinger and
von Solms, 2010). The significance of cyber security becomes all the more important in the
midst of a recent revelation by top intelligence agencies that cyber attacks could be the
highest threats to federal security eclipsing other crimes in the near future.
Unexpected catastrophes and crashes may inevitably occur in any business, if it comprises
sensitive data and the transfer of information. Information technology and business are
becoming increasingly interdependent on each other nowadays and many of the objectives of
a business rely heavily on IT. As the relevance of internet trading and online activity of a
business concern is expanding day by day, even a slight disruption in an organizations online
presence or activity might result in huge loss monetary wise (Karim, 2011). The majority of
companies which deal in e-business adopt a Disaster Recovery Plan to redeem its data and
continue its online activities in case of a major setback. In case this recovery plan does not
restore the company’s activities back to normalcy, a more formal and strategic approach is
followed to achieve business continuance. This approach is called the Business Continuity
Plan and it ensures the important components and resources are continuously available for the
uninterrupted flow of the business. Business Continuity could be roughly defined as the
ability of an organization in devising strategies that help in restoring the company to its
original form once a disruption occurs in its operations. Having a well etched out business
continuity strategy gives a foundation for the resources in times of a catastrophe, and
guarantees the reliability a business needs. Abiding to certain rules called business
compliance would help an organization in achieving business continuance. Compliance, in its
general sense could be termed as the readiness of an organization or an individual in
accepting the rules set forth by an authoritative body (Jouini et.al, 2014). For a business,
compliance could be termed as its willingness to adhere to certain standards put forth by the
governing bodies that ensure at least minimal security against cyber attacks.
Why is Cybersecurity important?
The main intent of Cybersecurity is to keep electronic data confidential and intact from theft
and piracy. Adopting cybersecurity measures would ensure that all the electronic systems and
data within a business are not subject to illegal or unauthenticated use (Rid and Buchanan,
2013). The term cybersecurity implies to both hardware and software used in a business and
a business rely heavily on IT. As the relevance of internet trading and online activity of a
business concern is expanding day by day, even a slight disruption in an organizations online
presence or activity might result in huge loss monetary wise (Karim, 2011). The majority of
companies which deal in e-business adopt a Disaster Recovery Plan to redeem its data and
continue its online activities in case of a major setback. In case this recovery plan does not
restore the company’s activities back to normalcy, a more formal and strategic approach is
followed to achieve business continuance. This approach is called the Business Continuity
Plan and it ensures the important components and resources are continuously available for the
uninterrupted flow of the business. Business Continuity could be roughly defined as the
ability of an organization in devising strategies that help in restoring the company to its
original form once a disruption occurs in its operations. Having a well etched out business
continuity strategy gives a foundation for the resources in times of a catastrophe, and
guarantees the reliability a business needs. Abiding to certain rules called business
compliance would help an organization in achieving business continuance. Compliance, in its
general sense could be termed as the readiness of an organization or an individual in
accepting the rules set forth by an authoritative body (Jouini et.al, 2014). For a business,
compliance could be termed as its willingness to adhere to certain standards put forth by the
governing bodies that ensure at least minimal security against cyber attacks.
Why is Cybersecurity important?
The main intent of Cybersecurity is to keep electronic data confidential and intact from theft
and piracy. Adopting cybersecurity measures would ensure that all the electronic systems and
data within a business are not subject to illegal or unauthenticated use (Rid and Buchanan,
2013). The term cybersecurity implies to both hardware and software used in a business and
may be used to safeguard all the information technology components that range from
something as simple as private data to information as complex as the ones pert that pertain to
national security. With the growing incidence of internet and its usage, the sharing of
electronic data has increase manifolds. The need for a security mechanism to protect and safe
guard this electronic data and devices have become more critical in the recent years. To make
sure that a system is impregnable against any form of security attacks, a deep knowledge
about the susceptibility of the system against the different forms of common security threats
is required (Kumar et.al, 2006). Cybersecurity mechanisms can effectively counter security
breaches in this case, if there is some information and insight about the systems security
lapses and the extent to which they could be exploited by unauthorised access or security
breaches.
Common types of security breaches
The different kinds of security breaches could be enumerated as follows:
Denial of Service
Denial of service is a very common type of security breach which denies the user rightful
access towards a system or a resource. A common strategy of attaining denial of service is by
overloading the system and not allowing the rightful owner access to a resource for which he
has access and control.
Bugs, Viruses and other Ransomware
Bugs and viruses are common programs that sneak into a system and alter the existing
structure of the system and make it behave erratically or unexpectedly. Ransomware is
another serious form of security breach, which gains entry into a system and locks the
resources in the system ad refuses to let go of the resources unless a ransom is being paid.
something as simple as private data to information as complex as the ones pert that pertain to
national security. With the growing incidence of internet and its usage, the sharing of
electronic data has increase manifolds. The need for a security mechanism to protect and safe
guard this electronic data and devices have become more critical in the recent years. To make
sure that a system is impregnable against any form of security attacks, a deep knowledge
about the susceptibility of the system against the different forms of common security threats
is required (Kumar et.al, 2006). Cybersecurity mechanisms can effectively counter security
breaches in this case, if there is some information and insight about the systems security
lapses and the extent to which they could be exploited by unauthorised access or security
breaches.
Common types of security breaches
The different kinds of security breaches could be enumerated as follows:
Denial of Service
Denial of service is a very common type of security breach which denies the user rightful
access towards a system or a resource. A common strategy of attaining denial of service is by
overloading the system and not allowing the rightful owner access to a resource for which he
has access and control.
Bugs, Viruses and other Ransomware
Bugs and viruses are common programs that sneak into a system and alter the existing
structure of the system and make it behave erratically or unexpectedly. Ransomware is
another serious form of security breach, which gains entry into a system and locks the
resources in the system ad refuses to let go of the resources unless a ransom is being paid.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
Backdoor attacks
This is another type of security breach that gains access of a system without any usual
authentication procedures. In backdoor attacks a virus is created to gain control over a system
by hackers who intend to gain access of a system.
Types of Cybersecurity mechanisms
Cybersecurity is a generic term and it could be used to denote any kind of resource or
component that is being protected against unauthorised access (Razzaq et.al, 2013).
Depending upon the nature of the component or resource being protected, cybersecurity
mechanisms can be subdivided into the following categories:
Application Security
Applications are software components that are used to accomplish specific tasks for the end
user. Applications are utility programs created by the programmer and can be susceptible to
security breaches during any security threats during the different stages as it is being
developed (Six, 2011). The different stages during which an application is being created
could be listed out as the designing, coding, deployment and implementation. The security
mechanisms being offered during these different stages are an authentication mechanism that
authorizes the authenticity of the user and an auditing process that logs in each and every
action of a particular use.
Information Security
Information security could be defined as the procedure of safeguarding information from
unauthenticated users. Information security is again a very broad term and could be used to
denote the strategies that are followed to maintain the integrity and confidentiality of both
data and systems (Bulgurcu, et.al, 2010). Confidentiality and integrity ensure two things, that
This is another type of security breach that gains access of a system without any usual
authentication procedures. In backdoor attacks a virus is created to gain control over a system
by hackers who intend to gain access of a system.
Types of Cybersecurity mechanisms
Cybersecurity is a generic term and it could be used to denote any kind of resource or
component that is being protected against unauthorised access (Razzaq et.al, 2013).
Depending upon the nature of the component or resource being protected, cybersecurity
mechanisms can be subdivided into the following categories:
Application Security
Applications are software components that are used to accomplish specific tasks for the end
user. Applications are utility programs created by the programmer and can be susceptible to
security breaches during any security threats during the different stages as it is being
developed (Six, 2011). The different stages during which an application is being created
could be listed out as the designing, coding, deployment and implementation. The security
mechanisms being offered during these different stages are an authentication mechanism that
authorizes the authenticity of the user and an auditing process that logs in each and every
action of a particular use.
Information Security
Information security could be defined as the procedure of safeguarding information from
unauthenticated users. Information security is again a very broad term and could be used to
denote the strategies that are followed to maintain the integrity and confidentiality of both
data and systems (Bulgurcu, et.al, 2010). Confidentiality and integrity ensure two things, that
secure data and information gets transmitted only to the authorized receiver and that no
modification happens to the data during its transit from the source to the destination. The
protection mechanisms that are provided for ensuring that information security is guaranteed
to the users are termed as identification and authentication (Lewis, 2002). Both these
procedures provide certain rules to ensure that there is no unauthorized access to the
information systems. Apart from this, Cryptography is another technique where data is
scrambled into an intermediate form while it is being sent to a destination that could be
unscrambled and read only by the intended receiver.
Network security
Network security denotes the different security policies followed to prevent unauthorized
users from entering into a network. Network security also denotes the security mechanisms
that prevent an unauthorized entity from accessing a network or modifying or accessing the
resources in the network (Perlman et.al, 2016). Unauthorized access to a network connected
resource would result in a breach of the whole networks security mechanism. A few methods
of providing security to network components include the installation of components like
firewalls, virtual private networks and intrusion prevention systems (Rowe, et.al, 2011).
Network security is very critical towards preserving a company or organizations data
integrity and security policy as an unauthenticated user can gain access to any remote device
and get critical information from the main repositories of data storage.
Business Continuity
While discussing about Cyber security and attacks, it is very relevant and pertinent to discuss
about Business Continuity. As mentioned before, Business Continuity comprises of all the
strategies and backup mechanisms required mandatorily by a business to keep functioning
continuously even during a major disruption in its normal functioning. The strategies that are
modification happens to the data during its transit from the source to the destination. The
protection mechanisms that are provided for ensuring that information security is guaranteed
to the users are termed as identification and authentication (Lewis, 2002). Both these
procedures provide certain rules to ensure that there is no unauthorized access to the
information systems. Apart from this, Cryptography is another technique where data is
scrambled into an intermediate form while it is being sent to a destination that could be
unscrambled and read only by the intended receiver.
Network security
Network security denotes the different security policies followed to prevent unauthorized
users from entering into a network. Network security also denotes the security mechanisms
that prevent an unauthorized entity from accessing a network or modifying or accessing the
resources in the network (Perlman et.al, 2016). Unauthorized access to a network connected
resource would result in a breach of the whole networks security mechanism. A few methods
of providing security to network components include the installation of components like
firewalls, virtual private networks and intrusion prevention systems (Rowe, et.al, 2011).
Network security is very critical towards preserving a company or organizations data
integrity and security policy as an unauthenticated user can gain access to any remote device
and get critical information from the main repositories of data storage.
Business Continuity
While discussing about Cyber security and attacks, it is very relevant and pertinent to discuss
about Business Continuity. As mentioned before, Business Continuity comprises of all the
strategies and backup mechanisms required mandatorily by a business to keep functioning
continuously even during a major disruption in its normal functioning. The strategies that are
used to recover from the temporary disruption in the business and continue its normal
operation is called as disaster recovery. The formal definition of Business Continuity
describes it as a compilation of methods and mechanisms that is planned, prepared and stored
for disposal at the event of a catastrophe or a disastrous situation. The need for a business
continuity plan becomes all the more important in a business as it is impossible to predict the
incidence of a disaster. In today’s internet driven world, the importance and emergence of e-
business and an internet driven market has become a matter of endurance and survival for
many organizations. As the operations provided by e-business has to cater to the consumers
24 hours a day, 7 days a week, the reliance of the business on Information technology and
related concepts that provide an IT infrastructure is very substantial. This makes even an
hour’s duration of downtime or disruption disastrous for the business in the long run as it is a
failure in catering to the needs of the customer. So most companies adopt a procedure
formally termed as the Business Continuity Plan for explicitly specifying the procedures to
follow in case of a disruption. These procedures are termed as the ‘Business Continuity Plan’
and restores the critical components back to normalcy making them function as before.
When is a Business Continuity plan required
A Business Continuity Plan is required at certain occasions when an interruption occurs in the
business. These interruptions could be disastrous for the smooth functioning of a system.
There are certain events which disrupts the continuity of a business and which requires a
Business Continuity plan mandatorily (Walters, 2014). The most common types of
interruptions are during the attacks of malicious software. The malicious software may
comprise of different programs that temporarily stop the functioning of the system. A
disruption may also occur due to a failure in the power supply, internet or other major
equipments. Apart from these an application failure or a database issue could also sabotage
operation is called as disaster recovery. The formal definition of Business Continuity
describes it as a compilation of methods and mechanisms that is planned, prepared and stored
for disposal at the event of a catastrophe or a disastrous situation. The need for a business
continuity plan becomes all the more important in a business as it is impossible to predict the
incidence of a disaster. In today’s internet driven world, the importance and emergence of e-
business and an internet driven market has become a matter of endurance and survival for
many organizations. As the operations provided by e-business has to cater to the consumers
24 hours a day, 7 days a week, the reliance of the business on Information technology and
related concepts that provide an IT infrastructure is very substantial. This makes even an
hour’s duration of downtime or disruption disastrous for the business in the long run as it is a
failure in catering to the needs of the customer. So most companies adopt a procedure
formally termed as the Business Continuity Plan for explicitly specifying the procedures to
follow in case of a disruption. These procedures are termed as the ‘Business Continuity Plan’
and restores the critical components back to normalcy making them function as before.
When is a Business Continuity plan required
A Business Continuity Plan is required at certain occasions when an interruption occurs in the
business. These interruptions could be disastrous for the smooth functioning of a system.
There are certain events which disrupts the continuity of a business and which requires a
Business Continuity plan mandatorily (Walters, 2014). The most common types of
interruptions are during the attacks of malicious software. The malicious software may
comprise of different programs that temporarily stop the functioning of the system. A
disruption may also occur due to a failure in the power supply, internet or other major
equipments. Apart from these an application failure or a database issue could also sabotage
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
the normal functioning of a business for a few hours and stop its routine and conventional
flow. As the functioning of a business concerns IT activities has shifted from a centralized
repository to a distributed architecture during the recent years, the data and information may
be distributed all throughout the business. Due to this it is a better practice to involve a
variety of team members in the Business Continuity Plan like the higher authorities which
include the managers and top officials as well as the IT employees who oversee the network
and administration activities.
Conclusion
Cybersecurity compliance is a set of procedures that are put forward in published materials
that attempt to protect the security of the IT components and resources of a user or
organization. These components could specifically be the users, devices, data, information,
the application programs or the network. The primary aim of the compliance standards is to
reduce the risks, including prevention or mitigation of security threats like unauthorized
access. The compliance standards are generally a collections of strategies that contain
guidelines, instructions and risk management techniques to assure the safety of the resources
within the organization.
flow. As the functioning of a business concerns IT activities has shifted from a centralized
repository to a distributed architecture during the recent years, the data and information may
be distributed all throughout the business. Due to this it is a better practice to involve a
variety of team members in the Business Continuity Plan like the higher authorities which
include the managers and top officials as well as the IT employees who oversee the network
and administration activities.
Conclusion
Cybersecurity compliance is a set of procedures that are put forward in published materials
that attempt to protect the security of the IT components and resources of a user or
organization. These components could specifically be the users, devices, data, information,
the application programs or the network. The primary aim of the compliance standards is to
reduce the risks, including prevention or mitigation of security threats like unauthorized
access. The compliance standards are generally a collections of strategies that contain
guidelines, instructions and risk management techniques to assure the safety of the resources
within the organization.
Elliott, D., Swartz, E., & Herbane, B. (2010). Business Continuity Management 2e: A Crisis
Management Approach. Routledge.
Herbane, B. (2010). The evolution of business continuity management: A historical review
of practices and drivers. Business history, 52(6), 978-1002.
Järveläinen, J. (2012). Information security and business continuity management in
interorganizational IT relationships. Information Management & Computer Security, 20(5),
332-349.
References
Bulgurcu, B., Cavusoglu, H., & Benbasat, I. (2010). Information security policy compliance:
an empirical study of rationality-based beliefs and information security awareness. MIS
quarterly, 34(3), 523-548.
Jouini, M., Rabai, L. B. A., & Aissa, A. B. (2014). Classification of security threats in
information systems. Procedia Computer Science, 32, 489-496.
Karim, A. J. (2011). Business disaster preparedness: An empirical study for measuring the
factors of business continuity to face business disaster. International Journal of Business and
Social Science, 2(18).
Kritzinger, E., & von Solms, S. H. (2010). Cyber security for home users: A new way of
protection through awareness enforcement. Computers & Security, 29(8), 840-847.
Perlman, R., Kaufman, C., & Speciner, M. (2016). Network security: private communication
in a public world. Pearson Education India.
Kumar, V., Srivastava, J., & Lazarevic, A. (Eds.). (2006). Managing cyber threats: issues,
approaches, and challenges (Vol. 5). Springer Science & Business Media
Lewis, J. A. (2002). Assessing the risks of cyber terrorism, cyber war and other cyber
Management Approach. Routledge.
Herbane, B. (2010). The evolution of business continuity management: A historical review
of practices and drivers. Business history, 52(6), 978-1002.
Järveläinen, J. (2012). Information security and business continuity management in
interorganizational IT relationships. Information Management & Computer Security, 20(5),
332-349.
References
Bulgurcu, B., Cavusoglu, H., & Benbasat, I. (2010). Information security policy compliance:
an empirical study of rationality-based beliefs and information security awareness. MIS
quarterly, 34(3), 523-548.
Jouini, M., Rabai, L. B. A., & Aissa, A. B. (2014). Classification of security threats in
information systems. Procedia Computer Science, 32, 489-496.
Karim, A. J. (2011). Business disaster preparedness: An empirical study for measuring the
factors of business continuity to face business disaster. International Journal of Business and
Social Science, 2(18).
Kritzinger, E., & von Solms, S. H. (2010). Cyber security for home users: A new way of
protection through awareness enforcement. Computers & Security, 29(8), 840-847.
Perlman, R., Kaufman, C., & Speciner, M. (2016). Network security: private communication
in a public world. Pearson Education India.
Kumar, V., Srivastava, J., & Lazarevic, A. (Eds.). (2006). Managing cyber threats: issues,
approaches, and challenges (Vol. 5). Springer Science & Business Media
Lewis, J. A. (2002). Assessing the risks of cyber terrorism, cyber war and other cyber
threats. Washington, DC: Center for Strategic & International Studies
Probst, C. W., Hunker, J., Gollmann, D., & Bishop, M. (2010). Aspects of insider threats.
In Insider Threats in Cyber Security(pp. 1-15). Springer US.
Razzaq, A., Hur, A., Ahmad, H. F., & Masood, M. (2013, March). Cyber security: Threats,
reasons, challenges, methodologies and state of the art solutions for industrial applications.
In Autonomous Decentralized Systems (ISADS), 2013 IEEE Eleventh International
Symposium on (pp. 1-6). IEEE.
Rid, T., & Buchanan, B. (2015). Attributing cyber attacks. Journal of Strategic Studies, 38(1-
2), 4-37.
Rowe, D. C., Lunt, B. M., & Ekstrom, J. J. (2011, October). The role of cyber-security in
information technology education. In Proceedings of the 2011 conference on Information
technology education (pp. 113-122). ACM.
Six, J. (2011). Application Security for the Android Platform: Processes, Permissions, and
Other Safeguards. " O'Reilly Media, Inc.".
Walters, R. (2014). Cyber attacks on US companies in 2014. The Heritage Foundation, 4289,
1-5
Probst, C. W., Hunker, J., Gollmann, D., & Bishop, M. (2010). Aspects of insider threats.
In Insider Threats in Cyber Security(pp. 1-15). Springer US.
Razzaq, A., Hur, A., Ahmad, H. F., & Masood, M. (2013, March). Cyber security: Threats,
reasons, challenges, methodologies and state of the art solutions for industrial applications.
In Autonomous Decentralized Systems (ISADS), 2013 IEEE Eleventh International
Symposium on (pp. 1-6). IEEE.
Rid, T., & Buchanan, B. (2015). Attributing cyber attacks. Journal of Strategic Studies, 38(1-
2), 4-37.
Rowe, D. C., Lunt, B. M., & Ekstrom, J. J. (2011, October). The role of cyber-security in
information technology education. In Proceedings of the 2011 conference on Information
technology education (pp. 113-122). ACM.
Six, J. (2011). Application Security for the Android Platform: Processes, Permissions, and
Other Safeguards. " O'Reilly Media, Inc.".
Walters, R. (2014). Cyber attacks on US companies in 2014. The Heritage Foundation, 4289,
1-5
1 out of 16
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.