Your All-in-One AI-Powered Toolkit for Academic Success.

+13062052269

info@desklib.com

Available 24*7 on WhatsApp / Email

Company

Tools

Support

Cyber Security in ABCT Company

Verified

Added on 2023/03/17

AI Summary

This document discusses the case study of ABCT Company and provides recommendations to improve cyber security and overcome the risks of cyber-attacks. It covers topics such as security vulnerabilities, emerging threats, and solutions.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

Running head: CYBER SECURITY IN ABCT COMPANY
Cyber Security in ABCT Company
Name of the Student:
Name of the University:
Author note:

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

1CYBER SECURITY IN ABCT COMPANY
Executive Summary
This cyber security document has elaborate on analysing and discussing the case study
company- ABCT Company. The company has recently been experienced cyber-attack in its
business operation. It has asked a Security Consultant to provide a document on cyber
security. This paper has briefly explained the security vulnerabilities in the system of ABCT
and has provided ways to improve cyber securities and overcome the risks of cyber-attacks
for the company. Recommendations are suggested in terms of Installation of reliable security
programs on mobile phones, training and education and use of free wireless LAN.

2CYBER SECURITY IN ABCT COMPANY
Table of Contents
1. Introduction............................................................................................................................3
2. Discussion..............................................................................................................................3
2.1. Cyber security and its importance for ABCT Company.................................................3
2.2. Security vulnerabilities in ABCT’s system.....................................................................5
2.3. Different types of emerging threats.................................................................................7
2.4. Recommendations...........................................................................................................9
3. Conclusion............................................................................................................................10
References:...............................................................................................................................11

3CYBER SECURITY IN ABCT COMPANY
1. Introduction
In today’s world, cyber security is no longer just a technology issue and has
developed itself into a business issues too. This is particularly due to the fact that businesses
world-wide has become more digitized than ever before as this is why, they are highly
exposed to increasing number of threats if they fail to manage the risk of their security in
proper manner (Buczak & Guven, 2016). As a Security Consultant of one of the security
consulting company, I am asked to prepare a document on the cyber security for ABC
Technologies (ABCT), a multi-national Australian technology company as it was very
recently been the victim of several types of cyber-attacks. This company is provides software
and hardware solution services to its Australian customers. It provides its computer services
by VPN (Virtual Private Network) through its head office at Canberra. However, as the
company was recently faced the challenge of cyber-attacks, it has become very concerned
that its data might have been hacked by the hackers and all the company details and
information are being accessed by them. This case has also made the company to lose the
trust of its loyal customers that ultimately resulted in loss of its revenue. This paper shall
elaborate on providing solution to ABCT to overcome this challenge and to ensure that it
never face this situation again in the future. It would identify and explain some security
vulnerabilities present in the system of ABCT and would also highlight some emerging
threats for the company. Lastly, it would analyse the information and would give proper
recommendations to protect home and office from the cyber-attack.
2. Discussion
2.1. Cyber security and its importance for ABCT Company
According to Mehmood et al. (2016), cyber security refers to the set of techniques that
are used for protecting the integrity of the networks, data and programs from cyber-attacks

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

💎 Try AI Paraphraser

4CYBER SECURITY IN ABCT COMPANY
like digital damage, attack ad unauthorised access. It is to note that cyber-attacks are
launched from one computer(s) against any other computer(s) or networks. Such cyber-
attacks are basically aimed at changing, accessing and destroying all the sensitive information
or for extorting money from the users (Ahmed, Mahmood & Hu, 2016). It also interrupt the
normal business processes of the companies. Implementation of some effective cyber security
measures is very challenging in contemporary days as of the fact that there are more number
of devices today than there are people and therefore, the attackers are becoming highly
innovative. Being a high technology company, ABCT is more prone to cyber-attacks as it has
some very valuable information that are to be stolen (Uludag et al., 2016). With the same, the
other reason behind this proneness is the fact that high technology companies and their
employees have higher risk appetite as compared to their counterparts in the other industries.
At the same time, they also tend to be the early adopters of the new and innovative
technologies in the market that are still maturing in the other sectors. These factors are
making technology companies like ABCT Technologies more vulnerable to exploitations and
attacks.
Just as important, there are some parts of the technology industry that provide an
attack path into the other industries as the high technology products are considered to be the
key infrastructure elements for all types of organisations. Technology is considered to be the
key enables but it can also be a significant source of vulnerability (Botta et al., 2016). One of
the examples to consider in this context is due to tremendous need for establishing trust on
the internet, the attacks on the certificate authorities have caused some serious privacy
breaches over different industries in Australia. With the same, the vulnerabilities in the
systems of point of sale have also resulted in some significant security breaches for the
retailers and at the same time, the back doors in the field of communication hardware have
also exposed the companies like ABCT to wide range of cyber-attacks (Edwards, 2018).

5CYBER SECURITY IN ABCT COMPANY
Considering the back doors, it is to note that the growing involvement of the actors of the
covert state in this field have been making headlines very recently and this has caused some
significant reputational damage for the companies that are involved. For example, in case of
ABCT, as it was the victim of different recent cyber-attacks, the company is now more
worried that it would lose the trust of its loyal customers. Moreover, one of the other reasons
for why cyber security is important in ABCT Company is the fact that cyber-attacks can led
to loss of its intellectual property (IP) as well. If the IP is lost or stolen after the years of
investment could result in dramatic reduction in the competitive advantage of ABCT
Company. Competitors and States are often considered to be the actors in the IP theft.
Moreover, as ABCT Company also offer online services, there can of loss of customer
information and this is a significant threat as many nations require disclosure when the
personal identifiable information in lost. This is why taking proper measures to ensure strong
cyber security is very important for ABCT Company is very crucial.
2.2. Security vulnerabilities in ABCT’s system
a) VPN connection- The main aim of the VPN connection is ensuring online security and
privacy, so that the company that is using it (ABCT Company) can secure its online activities
without being worried regarding the interference of the third parties who might monitor its
online behaviours (Singh & Gupta, 2016). However, it is to be mentioned the hackers in the
contemporary world are highly persistent and that they may try for penetrating into the
network connection of the company even though it is making use of a VPN. The significant
things that is making the VPN connection of ABCT Company vulnerable to the cyber-attacks
are weak security protocol, unreliability of the VPN service, server problems, single layer
protection and the basic encryption system. It is to note that not all the security protocol have
same type of encryption quality and also, there are many VPN services that still make use of
weak security protocol as key protection system. It can be very disadvantageous for the users

6CYBER SECURITY IN ABCT COMPANY
because there are already many cases that prove that making use of weak security protocol
could put the users at risk. If the VPN of ABCT Company use weak security protocol like
PPTP then even though if the connection is encrypted with private network, it would still be
vulnerable to the attacks from the hackers (Jahan, Rahman & Saha, 2017). Once hackers can
detect the security protocol, they would use it as their point of entry for penetrating the
network further.
b) Bring Your Own Device (BYOD) policy- ABCT is making use of BYOD policy in place
for its employees who work onsite. Along with the growth of the modern technology and the
rise in adoption of the practices of workplace mobility, change from the company gave
devices for employees who are bringing their own devices is also affecting the policies of
cyber securities of many companies. According to Herrera, Ron and Rabadao (2017), this
system is one of the highly complicated headaches for the IT departments as it exposes the
whole organisation to high risks of security. Although BYOD is considered to be an excellent
business model that increases organisational productivity and ensures greater flexibility, it
has a significant impact on the traditional IT structure. Some of the significant aspects that is
making the BYOD policy of ABCT Company vulnerable to the cyber-attacks are data
leakage, combining the personal and the corporate data, increased infiltration of the malware
and expanding the IT infrastructure (Garba et al., 2015). It is to note that with the current
provided flexibility of BYOD system in the modern day workplaces, the avenues of data
leakage are escalating to a significant extent. Data leakage occurs when the employees are
allowed to get an access to the corporate data anytime and anywhere. As per the recent data,
data leakage can cost about 3.8 million dollars on an average. It is also to mention that mobile
devices are the weakest link to security of the company and are considered to be the most
vulnerable to attacks. Also, often BYOD system makes it very difficult to differentiate the
corporate and personal data as they are both kept on the same device. Therefore, if the device

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

7CYBER SECURITY IN ABCT COMPANY
is lost by any chance, corporate data would be accessed by any other person who finds or gets
the device. In this way, the person can make use of the data for damaging the company’s
reputation. Furthermore, malware can also compromise the security of BYODs. If any of the
employees of ABCT Company unknowingly installs the malware and brings his or her
personal device to the workplace, it could easily spread the network of the company and can
even hamper its daily operations.
c) Free Wi-Fi for public use- In modern days, free Wi-Fi is widely available. It is widely
known that jumping on a free internet connection could be a convenient way of getting an
access to the online accounts, for catching up on the work and for checking emails. However,
it is to note that security risks is an important concern in all these process and should never be
forgotten. As the case study suggests that ABCT Company provides free Wireless LAN
access to all its clients and visitors at each of its locations. According to Chhaya et al. (2017),
free public wireless networks are susceptible to cyber-attacks as of the encryption protocol
that is used by some wireless networks and for the possibility of joining a rouge Wi-Fi
hotspot. In such cases the hackers and the attackers create a rogue hotspot with an intention
of unleashing MITM (Man-in-the-middle attacks on the unsuspecting victims that join their
rogue network. Giving the visitors and the guests an access to the internet opens the company
and its business up to some considerable risks. If these risks as not mitigated in proper time,
guest WiFi access could prove to be highly costly. Guests or visitors can take the advantage
of lack of restriction for accessing improper materials like pornography. Also, the individuals
could also engage in some morally questionable activities on the business network. With the
same, they can deliberately or accidently install ransomware or malware.
2.3. Different types of emerging threats
The five different types of emerging threats that might affect ABCT are as follows:

8CYBER SECURITY IN ABCT COMPANY
Ransomware- It has been one of the significant threats that is continuously
influencing the businesses since the last two years. It is exploiting the basic vulnerabilities
comprising of the shortage of network segmentation and the backups. In modern days, the
attackers are employing the same variants of ransomware that were earlier used for
encrypting the data for ransoming the resources and systems of an organisation in order to
mine for cryptocurrency or cryptojacking or crytopmining (Scaife, 2016). It is a strain of
malware that is very similar to the other types of strains that many types of ransomware such
as NotPetya and Petya has in place.
Geopolitical risks- There is a new breed of cyber-attack that is emerging into the
threat landscape and is fuelled by the geopolitical tensions. The modern cyber-attacks are
increasingly fuelled by this geopolitical tension and they reveal how clever the attackers have
become in evolving for remaining undetected by making use of technique like lateral
movement, counter incident and island hopping response in order to stay invisible. If ABCT
Company fail to take into consideration the geopolitical and location risk, those that store the
data in a third party or nation state that is very sensitive would run the risk of threat actors
that are being used against them.
Internet of Things (IoT) threats- Today, companies are going on adding solutions such
as security cameras and smart container ships and most of these devices do not have know
how they are gaining to manage them factored into the designing of the products.
Maintenance is more often the last consideration in terms of IoT. Companies that want to stay
safe need to ensure that all the IoT devices are manageable and that there is an
implementation of process for updating them.
Mobile malware- Mobile devices are significantly a top target of attack. Most of the
analyst firms that try to deploy the MDM solutions find that the privacy concerns are limiting

9CYBER SECURITY IN ABCT COMPANY
the adoption. As per the recent reports it has been claimed that majority of the Android
devices are running at old versions of android and it is challenging for them to continue
supporting the devices and get the patches in timely manner. Therefore, companies need to
ensure that their employees are getting the access to anti-malware solution
Cross-site scripting- Organisations today are struggling hard to avoid the XSS (cross-
site scripting) attacks in the cycle of development. About 21% of the vulnerabilities are
chosen by the bug bounty programs are the XSS areas that are making them the leading type
of vulnerability. These type of attacks allow the adversaries to make use of business websites
for executing the untrusted code in the browser of the victims for making it easier for the
criminals to interact with the user and stealing their cookie information that are used for
authentication for hijacking the site without taking any credentials.
2.4. Recommendations
Training and education- Before allowing the employees for bringing their own
devices at work, ABCT Company should implement some robust policies that would help in
keeping the devices safe and secured. For instance, it can engage into training and educating
its employees about the risks associated with using mobile devices during work, they could
strive for preventing the occurrence of data leakage to the hackers and attackers. With the
same, for addressing the threat of keeping the personal and corporate data on the same
location, ABCT company should educate its employees about how to ring-fence and sandbox
the data.
Installation of reliable security programs on mobile phones- The BYOD policy
implemented by the ABCT Company should ensure that the employees are installing the
reliable security programs on their personal devices and that all the employees are provided

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

💎 Try AI Paraphraser

10CYBER SECURITY IN ABCT COMPANY
with all the technical supports for ensuring that the security measures are implemented in
proper manner.
Secure the free wireless LAN- Securing the free guest Wireless network is very
important to ensure that they are protected while connected to the network. Before providing
free wireless LAN access to the visitors, ABCT Company should make sure that there is
updated firmware, network segmentation and the wireless signals of the company are all
encrypted. Firmware are used for correcting the vulnerabilities that can easily be exploited by
the cyber-attackers for gaining an access to the networks and devices. If those vulnerabilities
are exploited in any ways, the configurations could be changes for several different nefarious
uses. Furthermore, ensuring segmentation of the network is also important. Securing the
guest WiFi is all about ensuring that the guests are able to gain the access of only the parts of
the network that are used by the employees. Internal network of ABCT Company should be
completely separated from the network that is used by the visitors. If the network is
segregates, it would help in limiting the caused damage. Also, ABCT needs to make sure that
its wireless network is encrypted with WPA2/WPA3 encryption.
3. Conclusion
Hence, from the above analysis it is to conclude that ABCT Company needs to work a
lot on its cyber safety and security measures. Although, free WI-FI network for public use,
implementation of BYOD and use of VPN connection are beneficial for ABCT Company, it
is also introducing number of risks of cyber security that needs to be manager properly.
ABCT needs to expand its security policies to comprise of the added devices accessing the
networks and must educate its employees and staffs on the ways of keeping the devices
secure. With the same, it should also ensure to constantly monitor if there is any security
breaches in the place or not. Employees should also be educated about keeping their mobile
devices up to date with the modern security patches.

11CYBER SECURITY IN ABCT COMPANY
References:
Ahmed, M., Mahmood, A. N., & Hu, J. (2016). A survey of network anomaly detection
techniques. Journal of Network and Computer Applications, 60, 19-31. Retrieved
from: https://www.gta.ufrj.br/~alvarenga/files/CPE826/Ahmed2016-Survey.pdf
Botta, A., De Donato, W., Persico, V., & Pescapé, A. (2016). Integration of cloud computing
and internet of things: a survey. Future generation computer systems, 56, 684-700.
Retrieved from: http://iranarze.ir/wp-content/uploads/2017/03/6229-English-
IranArze.pdf
Buczak, A. L., & Guven, E. (2016). A survey of data mining and machine learning methods
for cyber security intrusion detection. IEEE Communications Surveys &
Tutorials, 18(2), 1153-1176. Retrieved from:
http://www.parkjonghyuk.net/lecture/2017-2nd-lecture/forensic/s2.pdf
Chhaya, L., Sharma, P., Bhagwatikar, G., & Kumar, A. (2017). Wireless sensor network
based smart grid communications: cyber attacks, intrusion detection system and
topology control. Electronics, 6(1), 5. Available at
DOI:10.20944/preprints201610.0092.v2
Edwards, C. (2018). War by other means [cyber war]. Engineering & Technology, 13(11),
30-33. Available at DOI: 10.1049/et.2018.1101

12CYBER SECURITY IN ABCT COMPANY
Garba, A. B., Armarego, J., Murray, D., & Kenworthy, W. (2015). Review of the information
security and privacy challenges in Bring Your Own Device (BYOD)
environments. Journal of Information privacy and security, 11(1), 38-54. Available at
DOI: https://doi.org/10.1080/15536548.2015.1010985
Herrera, A. V., Ron, M., & Rabadão, C. (2017, June). National cyber-security policies
oriented to BYOD (bring your own device): Systematic review. In 2017 12th Iberian
Conference on Information Systems and Technologies (CISTI) (pp. 1-4). IEEE.
Available at DOI: https://doi.org/10.23919/CISTI.2017.7975953
Jahan, S., Rahman, M. S., & Saha, S. (2017, January). Application specific tunneling protocol
selection for Virtual Private Networks. In 2017 International Conference on
Networking, Systems and Security (NSysS) (pp. 39-44). IEEE. Retrieved from:
https://www.researchgate.net/profile/Sajeeb_Saha2/publication/312190925_Applicati
on_Specific_Tunneling_Protocol_Selection_for_Virtual_Private_Networks/links/
59dc5824aca2728e2018b59b/Application-Specific-Tunneling-Protocol-Selection-for-
Virtual-Private-Networks.pdf
Mehmood, A., Natgunanathan, I., Xiang, Y., Hua, G., & Guo, S. (2016). Protection of big
data privacy. IEEE access, 4, 1821-1834. Retrieved from:
https://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=7460114
Scaife, N., Carter, H., Traynor, P., & Butler, K. R. (2016, June). Cryptolock (and drop it):
stopping ransomware attacks on user data. In 2016 IEEE 36th International
Conference on Distributed Computing Systems (ICDCS) (pp. 303-312). IEEE.
Retrieved from: https://regmedia.co.uk/2016/10/27/scaife-icdcs16.pdf
Singh, K. K. V., & Gupta, H. (2016, March). A New Approach for the Security of VPN.
In Proceedings of the Second International conference on Information and

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

13CYBER SECURITY IN ABCT COMPANY
Communication Technology for Competitive Strategies (p. 13). ACM. Retrieved from:
https://www.researchgate.net/profile/Kuwar_Kuldeep_Veer_Vikram_Singh/
publication/307090754_A_New_Approach_for_the_Security_of_VPN/links/
5b3507d3a6fdcc8506d90b08/A-New-Approach-for-the-Security-of-VPN.pdf
Uludag, S., Lui, K. S., Ren, W., & Nahrstedt, K. (2016). Secure and scalable data collection
with time minimization in the smart grid. IEEE Transactions on Smart Grid, 7(1), 43-
54. Retrieved from:
https://deepblue.lib.umich.edu/bitstream/handle/2027.42/111642/Uludag2015Secure_
ToSG.pdf?sequence=3&isAllowed=y

1 out of 14

+13062052269

info@desklib.com

Cyber Security in ABCT Company

Contribute Materials

Secure Best Marks with AI Grader

Paraphrase This Document

Secure Best Marks with AI Grader

Paraphrase This Document

Secure Best Marks with AI Grader

Related Documents

Cybersecurity Risks and Recommendations for ABCT

Emerging Security Threats

Cybersecurity for Office and Home

Importance of Cyber Security for ABCT

Use of Cybersecurity within office and home systems

Professional skills for Information and Communication