Challenges in Cyber Security for Business - Assignment

Verified

Added on 2021/06/18

AI Summary

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

Challenges in Cyber Security for Business
Student’s name
Institution Affiliation(s)

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

Table of Contents
Introduction......................................................................................................................................2
Problem Statement...........................................................................................................................3
Project Scope...................................................................................................................................3
Objectives of the Study....................................................................................................................3
Literature Review............................................................................................................................4
Common types of Business Cyber Security Threats.......................................................................8
Counter measures.............................................................................................................................9
Techniques usable......................................................................................................................10
Improved software functionalities.............................................................................................10
Firewalls.....................................................................................................................................11
Network security protocols........................................................................................................11
Public awareness........................................................................................................................11
Recommendations..........................................................................................................................13
Conclusion.....................................................................................................................................13
References......................................................................................................................................14

Introduction
The modern times are characterized by the presence of computers and other digital devices. All
around us we see the digital devices that have engulfed us. No office, no house or no vehicle can
be spotted that does not make use of the technology. It has made our life very easy, and
something that would take months and weeks are solved in matter of hours with help of these
digital devices. One can hardly imagine an activity that would not involve the computer and
other digital equipment being used in them. Their usage is further more visible in the
organizational structures, both on managerial front, educational and governmental level.
Having explained its dominance and presence all over in our surrounding, at the same time, it
must be said that computing world which is an online world is a fragile one and is extremely
vulnerable to the external threats and challenges. These threats come in form of security
concerns. While it is an outer world where there is no restriction on any one who may want to
join the network of World Wide Web, it becomes imperative to create a security factor
consideration which would enable safe operations. Since all kinds of activities are being
performed over the computer and internet, ranging from private data exchange to financial
records, governmental records, other documents of national security, central data bases and
various other elements, in such cases it becomes important to establish a mechanism that would
ensure safer operations on the internet.
Internet is being termed as one of the least equipped and least reliable source of communication
when it comes to privacy and security. This has been proven in cases and forms of all kinds of
breaches in different parts of the world from time to time. No bank, no individual, no
organization, no website is safe from the attack of these insurgents who pose threat to the
common flow of traffic across the board (Al, Pujolle, & Ali, 2015).

Problem Statement
Cyber world is just like the society of human being. While over 3 billion people from across the
world are on board on the digital interface, it does require patrolling and controlling of the entire
traffic. Just like the society would need law and order, police control and patrol, in the same way
a medium that has over 3 billion users would require a scheme which would ensure safe usage of
internet and computers. With all kinds of operations subject to the usage of online resources, it is
highly imperative to create a zone that is shielded with secure browsing of computers and the
world of internet.
Project Scope
The scope of cyber security is a very large one and it finds its application in any place where
there is computer and internet in function. It would find its usage in home applications, official
applications, educational institutes, governmental, even in the aero planes where most of the
transmission is done over computer and digital means, require safe coding methods. Anything
that is on the board of online interface is included in the scope of cyber security since it requires
protection in one way or other. Even the domestic users of computer who may use it for
ordinary online operations, require security and safety since any kind of malware or bug can
penetrate into their computer and cause the desired damaged.
Objectives of the Study
Understanding what the cyber security concept means, what challenges are faced by it, what are
the agents and elements that contribute towards it and finally, the remedial actions that can be
suggested towards counteracting and mitigating the impact of overall cyber security threats. In
other words cyber security pertains to all the elements both that work in its favor and those that

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

work against it. It is the overall study of the scenario with aim to bring about the most and best
out of the situation.
Literature Review
McAfee that has been in the business of cyber security and cyber protection for a long while,
took an initiative and conducted a thorough study on a massive scale to understand the overall
scenario of cyber security, the possible threats, the factors that contribute towards the cyber
security, the factors that act against it and those reasons due to which the cyber security remains
a constant loophole and menace on all levels which ranges from individual level to massive level
on organizational front as well as international level (Andress & Winterfeld, 2014).
The study took into account number of factors, and it was an extensive research in this field
which involved questionnaires, surveys and interviews from various stakeholders in the field of
computing. The studies aimed at addressing the core issues and problems that are faced in the
field of cyber security and computing (Grauman, Security & Defence Agenda, & McAfee,
2012).
The study took into account the opinions and observations of over 200 renown companies and
big wigs from the field of computing and technology and sought their opinion about the overall
standing and position and their understanding of the concept of the cyber vulnerabilities and
threats that are faced in different segments ("Cyber Security Evolution," 2012).
Although Lars Nicander explains this in the view point of governmental and nationwide security
that suffers from threats in form of cyber war fare.
The speed with which the attacks are being carried out has risen by extremely higher proportions
in recent years compared to the yester years. H.P (Hewlett Packard) a pioneer in the field of

digital devices and computers that has long affiliation with these devices conducted a survey in
2011 to find out the reasons and the possible impacts of the security vulnerabilities. According to
the report the recent times have seen more attacks directed towards the organizations and
computer enterprises of large scale. These include the service providers like Google Inc.,
Microsoft’s Msn, Sony, H.P’s own website and many other interfaces. The report findings state
that new means of attacks have been launched in recent times which are totally new in their
nature and type and have taken the users of computer both on individual level and on
organizational level by total surprise ("Cyber Security Objectives," 2012).
H.P report focuses on the basic point and that is of understanding the impact, the possible
repercussions that are attached to the attack and the real motives that may be based on the attack
on a certain area. Knowing the potential target areas, the objectives behind it, knowing which
areas could cost the respective organization more are few of the factors that need to be taken into
account in order to devise a better strategy towards cyber security enhancement (Ulsch, 2014).
H.P has adopted a special software and data base for this purpose in the name of Open Source
Vulnerability Database (O.S.V.D), which takes into account various factors related to the cyber
security, the trends, the target areas and many other areas and based on it, it helps creating
reports that further enable creating strategies towards reducing any threats that may exist in the
computer world of communications. OSVD generated a ten year report based on the target zones
and the areas that have been brought into attention by the hackers (Grauman, Security & Defence
Agenda, & McAfee, 2012).
The report tries to investigate and unearth the methods that are adopted towards security
infiltration and the report states that new methods have been adopted which are a total surprise to

the members of the field. It’s just like saying that the thieves have adopted new methods of
robbing the property and valuables.
H.P in its report for the year 2011 expresses deep concern over the growing rate of threats in
various forms yet it recommends the remedial actions towards it in form of prioritizing the level
of work along with the functions and content those need more security relative to the other
elements and functions which may require relatively less security.
The overall report aims to find out the inclination of the hackers and other spammers as to in
what way do they target the sites and sources. Based on the findings it is being underscored that
areas of financial importance are high value targets. These include the banking sectors as well as
the governmental organizations which serve the common citizens.
The threats may not be only in form of external links and threats, rather they can be from within
and it has been seen many a time that the insiders cause more damage to the organization than
would outsiders (Shoemaker & Conklin, 2012). One similar instance was seen in case of soft
drinks giants Coca Cola, where an internal member was convicted and caught in the process of
sharing the company’s secret information to the rivals in the market. This could have been
avoided if safe and protective measures were being adopted in the organization which would not
allow any individual unchecked access to all the documents and all the segments of organization
which can be of any strategic importance or could be used against the company in any
circumstances. This can be ensure in form of multiple protective layers within the organization
(Harkins, 2013).
There is a survey that was undertaken in 2009 by Verizon. The main point of the entire point is
concluded against a single point and that states that over 80 percent of the online mishaps that

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

took place in one form or another could have been avoided provided there was an infrastructure
available, or people were a little more aware about their roles, responsibilities in case of fulfilling
their duties towards making the network a safe medium to use for all kinds of purposes and
usages. The report further emphasizes that any kind of threat or weakness must not be taken
lightly and it is these threats that lead up to failures in longer run (Harley & David, 2011).
Verizon further looks into the possible reasons that contribute to them miss happenings and why
this menace persists to remain in the surrounding despite the realization of how dangerous it is.
Verizon conducted survey across hundred countries and tried to find out how they go about their
online operations, how much consideration do they give to the challenges and threats that are
present in the networks and many other factors which would enable creating a system that is
better suited to the needs of governments and military organizations.
The report states that the kind of network that is in place also defines the kind of vulnerability it
may be faced with (Santanam, Sethumadhavan, & Virendra, 2011). For example a commercial
network may not be in direct jurisdiction of the government agencies, rather the private service
providers or international organizations that bring about investment in the respective countries,
only they can handle this in time and enable saving much more loss that may be incurred
afterwards once the attacks have taken place. The possible solutions presented by this extensive
report also include the consideration of the guidance and training that may be provided to the
users of internet in these organizations which would enable them performing in a better way
towards improved existence of the cyber world functions. Providing the users with sufficient
technical knowledge, adapting them to the everyday changes in form of the hardware and
software can make things relatively easier with regard to the cyber security (Howard & Prince,
2011).

Having highlighted the areas of weakness, counter measures can be proposed as well. This can
be done in one of the following approaches and methods. Addressing the core issue: realization
of the need of cyber security:
It is normally being said that a problem identified is problem half resolved. This rule aptly
applies to the field of cyber security as well and the pertinent threats that are being faced by users
in one form or other (Samuels & Rohsenow, 2015). The realization of the fact as to what can go
wrong, how dangerous the concept of lack of cyber security is, what possible harms can it inflict
over the individuals and organizations, all these would enable understanding the problem at hand
in a better way and subsequently prevention and overcoming any vulnerability that may exist in
the system. Once that is identified, various measures are possible to be taken, while some may be
as preventive ones, others corrective and the rest can be possibly that of entire overhauling of
system or network (In Cleary & In Felici, 2014).
Common types of Business Cyber Security Threats
Just like a physical society may face threats in different forms, the cyber world is no exception
and it is faced with challenges and obstacles in various forms. These come in form of cyber
security concerns. They may show up in form of:
i. Banking frauds,
ii. Access to the private data of people,
iii. Forgery of accounts and data that has long been saved,
iv. Violating of privacy of different kinds,
v. Intellectual property infringement,
vi. Credit card frauds,
vii. Other kinds of embezzlements,

viii. Identity stealing (Conklin et.al),
Threat to the common people in form of unknown ids and unknown location usage and various
others which may include harassing over the digital medium and possible victimization. All these
may be conducted in different methods and there is no uniform method to the implementation of
the hacking operations, it is like gout which may show up from any corner that is least expected.
Their impact is highly severe and one is lucky if it does not cause the entire operating system to
stop working (In Vacca, 2014).
Identity stealing is the phenomena in which a particular I.P may pretend to be one which it is
actually not. It may impersonate to be the local I.P address or one that is established in the
network and has ease of access to the data inside the network (Reveron, 2012). Once the access
is gained into the network, various forms of actions can be performed by this particular I.P
ranging from entire blocking of the network to breaching of private data and jamming of certain
segments of the network.
Counter measures
Having identified various possible forms of attacks, types of vulnerabilities and the possible
targets, this part of the paper addresses the various techniques and approaches which may be
adopted towards the mitigation of cyber threats (Probst, 2010). These remedies come in an array
of options with each having its own special functioning and each complimenting other towards
the best yield in form of safer internet operations.
Techniques usable
Number of techniques can be used with regard to cyber security. These techniques range from
very basic ones to the very technical ones. While the basic ones may require the ordinary users to
implement them, the technical ones are related to the experts in the field who may adopt and

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

implement these techniques in the systems to make them less vulnerable to the threats (Institute
of Medicine (U.S.), 2014). The basic techniques can be more of recommendation against such
open world of internet which involves safe usage of computers, not leaving any important data
on the hard drives upon, not allowing any privileged access to any client who may not be known.
On technical front the techniques include the following:
i. Encryption
ii. Authentication process:
iii. Ciphering and deciphering at either end of sending data
iv. Anti-viruses
v. Firewalls
vi. Digital signatures usage
vii. Frequent change of passwords
viii. Usage of cyber security software
ix. Not allowing access to non-authentic users
Improved software functionalities
This is one of the methods which can make hacking relatively difficult. This can be done by
preparing software with due consideration of the hacking menace. This can be achieved by
creating code and writing the software programs in languages that are more secure and less prone
to any hackers’ access and target. The lower the chances of breaking through the software code,
the lower the changes of hackers getting into the system and hence higher the chances of
sustainable actions by the computers and computer users (IT Governance Publishing, 2013).

Firewalls
Firewalls are special devices and software that enable security to the network. Firewalls are
usually effective and implemented in situations of servers and giant networks that may include
multiple routers, switches and hubs. Firewalls as the name implies ensures protection of data and
traffic and make sure that no unauthorized element infiltrates in to the network. Firewalls are
often installed at back end (Privacy Commissioner of Canada, 2015). Even in the domestic
computers firewalls come in along with the windows and operating system packages and they
make sure that no unauthorized element may damage the system in any way.
Network security protocols
Making use of the particular protocols that are reliable and dedicated towards the purpose of
network safety must be used within the network. Their usage in remote networks and proxy
servers can help to a greater extend and make the networks more reliable. Protocols enable
dictating and choosing particular nodes, transmission paths, and servers along with I.ps for traffic
and network functioning (Kizza, 2013). Protocols also enable identifying the rightful I.Ps and
access points, at the same time it separates the nodes which may pose any kind of threat to the
network in one way or other.
Public awareness
Public awareness is one of the largest and possibly easiest ways towards ensuring cyber security.
This is a non-technical aspect unlike protocol creation, yet it is one of the most important factor,
and the realization and awareness can help creating ideas and policies towards better working in
the cyber field and cyber security domain. Creating the awareness and concept of what is right,
what is wrong, what should be done online, what must be refrained form, which connections
must be trusted and which must not be trusted ("One Government's Approach to Cyber Security
Policy," 2012). What could be the possible impacts of using and accessing unauthorized and less

secure networks and website interfaces, all these can make a larger difference. The awareness
may be created amongst the users and members of organizations as well. Especially the users of
and employees of banking sector, government organizations and military and defense
organizations (Li & Clark, 2015). Providing them with proper training, creating awareness
amongst them as to what may be trusted and what be kept away from can make the world of
internet and computer operations far more easy and better to work in. finally the individual users
at home must be given the directions never to give away their credit cards or other private
information such as social security number or bank accounts to unknown and unauthorized
people (Kizza, 2017). Finally clicking on ads at random is also a threat and hazard that is
constantly persistent over the internet medium which can be a direct form of threat.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Recommendations
MacAfee International, which conducted an extensive research in this field also proposed
number of recommendations, with aim to provide guidelines to the users of computer, both on
individual level and organizational level. These recommendations were in form of multiple
points policies each directed towards the resolution of glitches that are present in the present
world of communication and technologies (Linta & Khan, 2012).
In order to provide protection to computers on permanent basis, a resolution must be sought and
suggested to stop the ever expanding chain of the race between the viruses and anti-viruses.
Conclusion
The common saying of “a stitch in time saves nice” aptly applies to the field of cyber security.
This can be done so in multiple ways, the first being creating sense of awareness, second about
safe practices, third technical knowledge and increasing research in this field for further
advancements and finally making long term policies that are designed towards safer operations
of computers. Billions of dollars are being lost, and not just the monitory factor, rather other
valuable information is being breached through weak mechanism of cyber security, this all can
be overcome through vigorously keen interest based policies crafting by the stakeholders on
international level as well as local level in different parts of the world to make the world of world
wide web a better and more reliable one.
Internet operations are termed as once those are without borders, without walls and without
fences, everyone can barge into the network and can cause any damage what so ever. However
this damage can be controlled and checked if proper measures are adopted and implemented in
form of network security. Network security comes in various forms, such as hardware
implementation, software installation and many other factors relevant.

References
Al, A. K., Pujolle, G., & Ali, Y. T. (2015). Mobile and Wireless Networks. Somerset: Wiley.
Andress, J., & Winterfeld, S. (2014). Cyber Warfare: Techniques, Tactics and Tools for
Security Practitioners.
Cyber Security Evolution. (2012). Cyber Security Policy Guidebook, 15-38.
doi:10.1002/9781118241530.ch2
Cyber Security Objectives. (2012). Cyber Security Policy Guidebook, 39-67.
doi:10.1002/9781118241530.ch3
Grauman, B., Security & Defence Agenda, & McAfee. (2012). Cyber-security: The vexed
question of global rules : An independent report on cyber-preparedness around the
world. Brussels: Security & Defence Agenda.
Harkins, M. (2013). Managing risk and information security: Protect to enable. New York:
Apress.
Harley, & David. (2011). AVIEN Malware Defense Guide for the Enterprise. Syngress.
Howard, D., & Prince, K. (2011). Security 2020: Reduce security risks this decade.
Indianapolis, IN: Wiley Pub.
In Cleary, F., & In Felici, M. (2014). Cyber Security and Privacy: Third Cyber Security and
Privacy EU Forum, CSP Forum 2014, Athens, Greece, May 21-22, 2014, Revised
Selected Papers. Cham: Springer International Publishing.
In Vacca, J. R. (2014). Cyber security and IT infrastructure protection.
Institute of Medicine (U.S.). (2014). Advancing workforce health at the Department of
Homeland Security: Protecting those who protect us.

IT Governance Publishing. (2013). Cyber Security. Ely, Cambridgeshire: It Governance
Publishing.
Kizza, J. M. (2013). Guide to computer network security. London: Springer.
Kizza, J. M. (2017). Guide to computer network security.
Linta, S. R., & Khan, M. R. (2012). Today's Impact on Communication System by IP Spoofing
and Its Detection and Prevention. München: GRIN Verlag GmbH.
Li, Q., & Clark, G. (2015). Security intelligence: A practitioner's guide to solving enterprise
security challenges.
One Government's Approach to Cyber Security Policy. (2012). Cyber Security Policy
Guidebook, 211-237. doi:10.1002/9781118241530.ch7
Privacy Commissioner of Canada. (2015). Privacy and cyber security: Emphasizing privacy
protection in cyber security activities.
Probst, C. W. (2010). Insider threats in cyber security. New York: Springer.
Reveron, D. S. (2012). Cyber challenges and national security: Threats, opportunities, and
power in a virtual world. Washington, DC: Georgetown University Press.
Samuels, D., & Rohsenow, T. (2015). Cyber security. New York: Arcler Press.
Santanam, R., Sethumadhavan, M., & Virendra, M. (2011). Cyber security, cyber crime and
cyber forensics: Applications and perspectives. Hershey, PA: Information Science
Reference.
Shoemaker, D., & Conklin, W. A. (2012). Cybersecurity: The essential body of knowledge.
Boston, MA: Course Technology Cengage Learning.
Ulsch, N. M. (2014). Cyber threat!: How to manage the growing risk of cyber attacks.