Challenges in Cyber Security For Business

Verified

Added on  2023/06/12

|18
|4370
|325
AI Summary
This report discusses the challenges faced by corporations regarding cybersecurity and how cybercriminals use different ways to breach the data of enterprises. It analyses the growing risk of cyber-attacks on companies and evaluates how it is affecting their profitability. The report also provides recommendations to companies for addressing the challenges faced by them regarding cybersecurity.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.
Document Page
Running head: CYBER SECURITY 0
Business Research
Challenges in Cyber Security For Business

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
CYBER SECURITY 1
Table of Contents
Introduction................................................................................................................................2
Project Objective........................................................................................................................3
Project Scope..............................................................................................................................3
Literature Review.......................................................................................................................4
Conclusion..................................................................................................................................9
References................................................................................................................................10
Appendix..................................................................................................................................14
List of Figures
Figure 1: Number of Unique Mobile Users.............................................................................14
Figure 2: Increase in Financial Consequences of Cyber Attacks.............................................14
Figure 3: Growth in Cyber-attacks on Small and Medium Businesses...................................15
Figure 4: Small Businesses Vulnerability to Cyber attacks.....................................................15
Figure 5: Insider threat Risks...................................................................................................16
Figure 6: Growth in Mobile Malware......................................................................................16
Document Page
CYBER SECURITY 2
Introduction
In previous few years, the role of technology has grown substantially between companies
with the increase in the number of internet users and smartphones. Organisations focus on
adopting a digital strategy for their business in order to improve the efficiency and
effectiveness of their operations. The role of the internet has grown in each sector, and it has
enabled people to innovate new products, services and processes for tackling different issues.
However, along with benefits, the risks associated with the internet have increased as well.
According to Genge, Kiss and Haller (2015), the number of cyber-attacks on organisations
and people has increased considerably in past few years. The increase in the number of cyber-
attacks is a serious issue because companies face serious financial and economic
consequences due to the breach of their confidential data. Shackelford (2014) provided that
the growing risk of cyber-attacks has increased the importance of cybersecurity among
companies, and they invest in the latest technologies to protect their data from
cybercriminals. However, corporations face a number of challenges while implementing
cybersecurity policies. This report will focus on challenges faced by corporations regarding
cybersecurity and how cybercriminals use different ways to breach the data of enterprises.
This report will discuss examples of different companies to understand the impact of cyber-
attacks. Further, this report will provide recommendations for companies to improve their
cybersecurity for protecting themselves from cyber-attacks.
Document Page
CYBER SECURITY 3
Project Objective
The main objective of this report is to critically evaluate different studies on the topic to
understand the view of experts on challenges faces by companies regarding cybersecurity.
This report will analyse the growing risk of cyber-attacks on companies and evaluate how it
is affecting their profitability. The secondary objective of this report is to provide
recommendations to companies for addressing the challenges faced by them regarding
cybersecurity.
Project Scope
This report will conduct secondary research on the topic of cybersecurity in order to
understand the challenges faced by companies regarding the security of their data. The scope
of this report includes examples from different organisations to understand the risk of cyber-
attacks and how cybercriminals use different tools to breach the data of companies. The
scope of this report will not include primary research on the topic.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
CYBER SECURITY 4
Literature Review
Amit and Zott (2012) stated that a large number of companies have emerged in the market
and gained a competitive advantage over incumbents by effectively utilising the internet-
based services. The expansion in the number of internet users has provided a new market for
companies such as Uber, Google, Facebook and others. These companies are one of the
largest enterprises in the world in terms of revenues, and they have sustained their growth
based on internet-based services. The success of these enterprises has encouraged many small
and medium companies to use online based services for performing various business
functions which result in improving the efficiency and effectiveness of their operations. An
online based system enables enterprises to expand their operations by reaching a wider
audience. As per Mansell (2012), it also assists them while communicating with their
customers to create strong relationships and collect valuable data that can be used during
development of business strategies. The corporations are competing with each other to
quickly adapt the latest technologies and innovations in order to generate a competitive
advantage over their competitors. Currently, there are over 5 billion unique smartphone users
and organisations target them by developing mobile applications to offer their products and
services directly to their smartphones (Kemp, 2017) (Figure 1). Moreover, the use of social
media sites has increased between people and companies as well. While using social media
sites, people share their personal data on the internet which can be accessed by an
unauthorised person to gain an unfair advantage. The technologies such as mobile wallet,
automatic ordering, and NFC payments are making online banking more accessible and
easier for people. However, while using online-based services, corporations face a number of
challenges relating to cyber security which can negatively affect their overall profitability.
In order to compete with others, corporations are quickly adopting the latest technologies for
improving their services and expanding their customer base. Elmaghraby and Losavio (2014)
provided that it increases the cybersecurity challenges faced by the enterprises because they
did not focus on the security of their services. In order to generate a competitive advantage,
companies did not prioritise the security of their online based services which resulted in
increasing the risk of cyber-attacks. In the past few years, the number of cyber-attacks has
increased considerably which increases concerns regarding the importance of cyber security
because the financial consequences of cyber-attacks are worsening as well (Accenture, 2017)
(Figure 2). Similarly, the popularity of social media sites has become a huge concern for
Document Page
CYBER SECURITY 5
cyber security because a large number of people share their personal data on these websites
and cybercriminals hack them to blackmail their victims. However, despite major security
concern both public and corporations around the world are using social media sites because
of their advantages. Along with social media sites, the growing popularity of online banking
services is a major challenge for cyber security. Wang and Lu (2013) provided that banking
corporations across the globe are focusing on attracting more customers by implementing the
latest technologies for performing banking functions. In recent years, no one preferred to go
to the bank, and everyone uses online banking services to check their balance, transfer
money, collect payments or perform other banking related functions. The popularity of
mobile wallets such as PayPal, Apple Pay, Amazon Pay and Google Wallet, has become
considerably popular. Wells et al. (2014) stated that in order to quickly offers these services
to customers, organisations take shortcuts by did not focus on the security of software. The
lack of security guidelines makes it easier for cybercriminals and hacks and breaches the data
of these online based services. These factors show the challenges face by the corporations
regarding cyber security.
Yan et al. (2012) argued that organisations avoid taking appropriate actions to improve the
security of their software which increases the chance of data breach. However, even if
companies want to improve the security of their software, they face a number of challenges.
One of the primary challenges of cyber security is lack of capital. Large organisations such as
Google, Facebook, Apple, Microsoft, and others invest billions of dollars in order to improve
their cyber security. However, small and medium enterprises face monetary challenges while
implementing appropriate cyber security policies. As per Li et al. (2012), technologies which
improve the cyber security of enterprises are expensive, and companies have to hire IT
specialists to use them properly which increase their overall expenses. Furthermore, in order
to improve security of mobile applications, rigorous testing of the software is crucial which
requires a significant amount of time and resources. O’Connell (2012) provided that in order
to avoid these issues corporations take shortcuts and launch their software without proper
testing which increases the risk of cyber-attacks. On the other hand, small enterprises which
use online based services for business use avoid making necessary investments to improve
their cyber security due to low budget.
The lack of resources makes them an easier target for cyber criminals, and they can easily
breach their data. The number of cyber-attacks on small and medium enterprises has
increased considerably from 34 percent to 43 percent (Figure 3). Furthermore, the lack of
Document Page
CYBER SECURITY 6
awareness regarding the risk of cyber-attacks resulted in increasing the challenges of cyber
security. As per Harris and Patten (2014), most small and medium organisations are not
aware of the risk of cyber-attacks, or they avoid taking precautionary measure because of the
high cost of cyber security. They think that they are too small to get attacked by cyber
criminals (Figure 4). On the other hand, people did not take their security seriously due to
lack of awareness regarding the risk of cyber-attacks. Sangani and Vijayakumar (2012) stated
that people avoid using strong passwords while using social media sites which make them an
easy target for cyber criminals. Furthermore, while using mobile wallets, people often avoid
taking proper security measures which increase the risk of cyber-attacks. These cyber
security challenges make it difficult for organisations and people to protect their privacy
online.
The number of cyber-attacks on the organisation is increasing continuously, and cyber
criminals are finding new ways to hack into the data of businesses. One of the most common
ways of cyber-attack is a DDoS attack or Distributed Denial of Service attack. Zargar, Joshi
and Tipper (2013) stated that in this attack, hackers make an online service available by
sending a large amount of traffic from multiple sources. The data servers of large enterprises
such as Amazon, Facebook, YouTube and Google are able to handle a significant amount of
traffic on their servers which makes it difficult for cyber criminals to hack their services.
However, other small and medium enterprises which do not require large data servers can be
hacked by cyber criminals. According to Yan et al. (2016), small and medium organisations
have limited bandwidth that can be stopped due to a large amount of traffic. The primary
reason for cyber criminals to send large traffic to a server is to stop and hack its data. Cyber
criminals send a large amount of traffic to the servers of a company which result in stopping
its operations. Yan and Yu (2015) argued that the lack of investment and awareness regarding
cyber security issues makes it easier for cyber criminals to hack into the data of small and
medium enterprises. Recent examples of DDoS attack include an attack on the election
campaign of President Donald Trump which resulted in hampering the online campaign
(Rayome, 2016). Further, the DDoS attack on DYN is a good example in which the attack
leveraged a Mirai botnet which consists 100,000 infected devices. It resulted in stopping of
multiple high profile websites for hours including Twitter, Spotify, Github and Etsy (Woolf,
2016).
Other than outside risk of cyber-attacks, insider threats are one of the primary reasons due to
which companies face challenges relating to cyber-attacks. Wall (2013) defined insider threat

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
CYBER SECURITY 7
as a malicious threat to a company which comes from people working within a firm such as
employees, business associates, or former workers. Studies have shown that more than 60
percent of the cyber-attacks are caused due to insider threat which increases the challenges of
cyber security face by employees (Figure 5). The lack of investment in cyber security
applications and awareness regarding security issues makes it easier for insiders to breach the
security of an enterprise. Furthermore, the growing popularity of ‘internet of things’ or IoT
devices increase the challenges of cyber security as well. As per Miorandi et al. (2012), smart
appliance market is relatively new, and organisations are competing with each other for
launching new products to capture the market. However, they did not focus on the security of
the software which makes it easier for cyber criminals to hack into their data. The IoT
devices are connected on a single network, and breach of any of the device makes it easier for
cyber criminals to hack other as well. These factors increase the challenges faced by
enterprises relating to cyber security, and they face huge financial losses.
Furthermore, the increasing rate of smartphone users makes them a potential target for cyber
criminals. Imgraben, Engelbrecht and Choo (2014) provided that cybercriminals attack
people smartphones because they contain private data of their owner such as personal
pictures, videos, banking information, passwords and others. The number of mobile malware
and smartphone-related cyber-attacks has increased. Cyber criminals target smartphone
applications of users in order to collect personal data of their users. Mobile malware such as
Ikee, DroneKungFu and Commwarrior are becoming popular, and hackers use them to breach
the data of users. Organisations also face the risk of mobile malware because cyber criminals
hack the smartphones of their employees or senior level managers which resulted in leaking
confidential data regarding the enterprise. Moreover, the popularity of Hacktivism creates
new challenges for organisations as well. As per Kelly (2012), the hacktivists are
cybercriminals that attack large organisations for political or social reasons. These attacks are
dangerous because the main motive of hacktivists is to decrease the reputation of an
enterprise rather than personal gain. The Panama Papers leak incident is a good example in
which over 11.5 million files were leaked by hackers which contains information regarding
tax evasion of celebrities and political figures from all across the globe (BBC, 2016).
Moreover, Sittig and Singh (2016) stated that Ransomware is a common cyber-attack in
which cyber criminals’ hack and control the computer system of an individual or
organisation, and they ask for ransom in return to give the access back to its user. WannaCry
and CryptoLocker are examples of Ransomware attack. Cyber criminals are finding new
Document Page
CYBER SECURITY 8
ways to attack organisation in order to gain an unfair advantage which increases the
challenges face by corporations regarding their cyber security.
Many precautionary measures and security policies can be implemented by organisations to
address the issue of cyber security. Firstly, corporations should use encryption in order to
protect their data while transferring because data is highly vulnerable during transferring.
Encryption is referred to converting of the data into a code which can only be accessed by a
specific key in order to prevent unauthorised access. Li et al. (2013) argued that especially in
IoT devices, encryption is a must because each IoT device is connected with others, and they
continuously share private data in order to improve their services. Furthermore, organisations
should increase the awareness regarding cyber security at the workplace, especially small and
medium enterprises. As per McGettrick (2013), employees should understand how important
cyber security is what actions can they take to avoid the risk of cyber-attacks. The companies
should provide training to its employees to teach them regarding the importance of cyber
security and avoid any mistakes that can lead to the breach of their data. The top-level
managerial personnel should also take cyber security more seriously, and they should
increase the investment in cyber security of the enterprise. According to Jenkins et al. (2014),
physical securing of the computer system and data servers is also necessary because insider
threat is the primary reason which resulted in cyber-attacks. The companies should issue
proper identification to employees, and they should go through security checks to ensure that
they did not indulge in any activity that could increase the risk of cyber-attacks. People and
organisation should use protection such as antivirus, firewalls and others to protect
themselves from cyber-attacks. These factors improve the cyber security of organisations and
reduce its challenges which protect them from data breaches and cyber-attacks.
Document Page
CYBER SECURITY 9
Conclusion
In conclusion, the use of the internet and online based services by people and organisations
has increased substantially which creates new business opportunities for enterprises. In order
to generate a competitive advantage, corporations are using modern technologies to provide
better products and services to their customers. However, along with the use of the internet,
the vulnerability of companies against cyber-attacks has increased as well. Organisations face
a number of challenges while implementing policies regarding cyber security in order to
protect themselves from cybercriminals. The challenges relating to cyber security has
increased because cyber criminals use different methods to attack the data of companies such
as Ransomware, Insider threat, Mobile malware, Internet of things, DDoS attacks and others.
The corporations also face difficulties due to lack of cyber security budget and awareness
regarding the issues. The companies can take appropriate steps to improve their cyber
security such as physically securing the local hardware, encrypted data, proper training and
others. These recommendations assist enterprises in addressing the issues relating to cyber
security by improving their current security which result in sustaining their future growth.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
CYBER SECURITY 10
References
Accenture. (2017) Cost of Cyber Crime Study. [PDF] Accenture. Available at:
https://www.accenture.com/t20170926T072837Z__w__/us-en/_acnmedia/PDF-61/
Accenture-2017-CostCyberCrimeStudy.pdf [Accessed 25th April 2018].
Amit, R. and Zott, C. (2012) Creating value through business model innovation. MIT Sloan
Management Review, 53(3), p.41.
Armstrong, M. (2016) Most Cyber Attacks Are An Inside Job. [Online] Statista. Available at:
https://www.statista.com/chart/4994/most-cyber-attacks-are-an-inside-job/ [Accessed 25th
April 2018].
BBC. (2016) Panama Papers: Leak firm Mossack Fonseca 'victim of hack'. [Online] BBC.
Available at: http://www.bbc.com/news/world-latin-america-35975503 [Accessed 25th April
2018].
Elmaghraby, A.S. and Losavio, M.M. (2014) Cyber security challenges in Smart Cities:
Safety, security and privacy. Journal of advanced research, 5(4), pp.491-497.
Fibernet. (2018) Cyber Security Services: Threats, Breaches & Prevention.
[Online] Fibernet. Available at: https://www.fiber.net/cyber-security-
services/ [Accessed 25th April 2018].
Genge, B., Kiss, I. and Haller, P. (2015) A system dynamics approach for assessing the
impact of cyber attacks on critical infrastructures. International Journal of Critical
Infrastructure Protection, 10, pp.3-17.
Harris, M. and Patten, K. (2014) Mobile device security considerations for small-and
medium-sized enterprise business mobility. Information Management & Computer
Security, 22(1), pp.97-114.
Imgraben, J., Engelbrecht, A. and Choo, K.K.R. (2014) Always connected, but are smart
mobile users getting more security savvy? A survey of smart mobile device users. Behaviour
& Information Technology, 33(12), pp.1347-1360.
Jenkins, J.L., Grimes, M., Proudfoot, J.G. and Lowry, P.B. (2014) Improving password
cybersecurity through inexpensive and minimally invasive means: Detecting and deterring
Document Page
CYBER SECURITY 11
password reuse through keystroke-dynamics monitoring and just-in-time fear
appeals. Information Technology for Development, 20(2), pp.196-213.
Kelly, B.B. (2012) Investing in a centralized cybersecurity infrastructure: Why hacktivism
can and should influence cybersecurity reform. BUL Rev., 92, p.1663.
Kemp, S. (2017) Facebook active users decline, mobile usage hits 5 billion and more.
[Online] TNW. Available at: https://thenextweb.com/contributors/2017/06/14/global-digital-
stats-june-2017-facebook-active-users-decline-mobile-usage-hits-5-billion/ [Accessed 25th
April 2018].
Li, M., Yu, S., Zheng, Y., Ren, K. and Lou, W. (2013) Scalable and secure sharing of
personal health records in cloud computing using attribute-based encryption. IEEE
transactions on parallel and distributed systems, 24(1), pp.131-143.
Li, X., Liang, X., Lu, R., Shen, X., Lin, X. and Zhu, H. (2012) Securing smart grid: cyber
attacks, countermeasures, and challenges. IEEE Communications Magazine, 50(8).
Mansell, R. (2012) Imagining the Internet: Communication, innovation, and governance.
England: Oxford University Press.
McGettrick, A. (2013) Toward effective cybersecurity education. IEEE Security &
Privacy, 11(6), pp.66-68.
Miorandi, D., Sicari, S., De Pellegrini, F. and Chlamtac, I. (2012) Internet of things: Vision,
applications and research challenges. Ad hoc networks, 10(7), pp.1497-1516.
O’Connell, M.E. (2012) Cyber security without cyber war. Journal of Conflict and Security
Law, 17(2), pp.187-209.
QuadMetrics. (2015) Why Should Your Small Business Care About Cybersecurity?. [Online]
QuadMetrics. Available at: https://www.quadmetrics.com/blog/posts/small-business-
cybersecurity [Accessed 25th April 2018].
Rayome, A.D. (2016) Hackers attempt DDoS attacks on Clinton and Trump campaign
websites using Mirai botnet. [Online] Tech Republic. Available at:
https://www.techrepublic.com/article/hackers-attempt-ddos-attacks-on-clinton-and-trump-
campaign-websites-using-mirai-botnet/ [Accessed 25th April 2018].
Document Page
CYBER SECURITY 12
Renda, A. (2013) Cybersecurity and Internet Governance. [Online] Council of Councils.
Available at: https://www.cfr.org/councilofcouncils/global_memos/p32414 [Accessed 25th
April 2018].
Sangani, N.K. and Vijayakumar, B. (2012) Cyber security scenarios and control for small and
medium enterprises. Informatica Economica, 16(2), p.58.
Shackelford, S.J. (2014) Managing cyber attacks in international law, business, and
relations: In search of cyber peace. England: Cambridge University Press.
Sittig, D.F. and Singh, H. (2016) A socio-technical approach to preventing, mitigating, and
recovering from ransomware attacks. Applied clinical informatics, 7(2), p.624.
Wall, D.S. (2013) Enemies within: Redefining the insider threat in organizational security
policy. Security Journal, 26(2), pp.107-124.
Wang, W. and Lu, Z. (2013) Cyber security in the smart grid: Survey and
challenges. Computer Networks, 57(5), pp.1344-1371.
Wells, L.J., Camelio, J.A., Williams, C.B. and White, J. (2014) Cyber-physical security
challenges in manufacturing systems. Manufacturing Letters, 2(2), pp.74-77.
Woolf, N. (2016) DDoS attack that disrupted internet was largest of its kind in history,
experts say. [Online] The Guardian. Available at:
https://www.theguardian.com/technology/2016/oct/26/ddos-attack-dyn-mirai-botnet
[Accessed 25th April 2018].
Yan, Q. and Yu, F.R. (2015) Distributed denial of service attacks in software-defined
networking with cloud computing. IEEE Communications Magazine, 53(4), pp.52-59.
Yan, Q., Yu, F.R., Gong, Q. and Li, J. (2016) Software-defined networking (SDN) and
distributed denial of service (DDoS) attacks in cloud computing environments: A survey,
some research issues, and challenges. IEEE Communications Surveys & Tutorials, 18(1),
pp.602-622.
Yan, Y., Qian, Y., Sharif, H. and Tipper, D. (2012) A survey on cyber security for smart grid
communications. IEEE Communications Surveys and Tutorials, 14(4), pp.998-1010.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
CYBER SECURITY 13
Zargar, S.T., Joshi, J. and Tipper, D. (2013) A survey of defense mechanisms against
distributed denial of service (DDoS) flooding attacks. IEEE communications surveys &
tutorials, 15(4), pp.2046-2069.
Document Page
CYBER SECURITY 14
Document Page
CYBER SECURITY 15
Appendix
Figure 1: Number of Unique Mobile Users
(Source: Kemp, 2017)
Figure 2: Increase in Financial Consequences of Cyber Attacks
(Source: Accenture, 2017)

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
CYBER SECURITY 16
Figure 3: Growth in Cyber-attacks on Small and Medium Businesses
(Source: Fibernet, 2018)
Figure 4: Small Businesses Vulnerability to Cyber attacks
(Source: QuadMetrics, 2015)
Document Page
CYBER SECURITY 17
Figure 5: Insider threat Risks
(Source: Armstrong, 2016)
Figure 6: Growth in Mobile Malware
(Source: Renda, 2013)
1 out of 18
circle_padding
hide_on_mobile
zoom_out_icon
[object Object]

Your All-in-One AI-Powered Toolkit for Academic Success.

Available 24*7 on WhatsApp / Email

[object Object]