Cyber Security Management: Data Collection, Protection Frameworks, and Social Engineering Strategies
VerifiedAdded on 2023/06/10
|7
|1967
|450
AI Summary
This report covers the significance and needs of user data collection by organizations, data collection and protection frameworks used by firms to preserve customer trust and to protect assets from accidental loss, and social engineering strategies which are used in domains to steal data.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Cyber Security
Management
Management
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
Contents
INTRODUCTION...........................................................................................................................1
MAIN BODY...................................................................................................................................1
Specific needs of user data collection and their significance......................................................1
Data collection and protection frameworks used by organisations in each domain....................2
Social engineering strategies used in domains to steal data........................................................3
CONCLUSION................................................................................................................................4
REFERENCES................................................................................................................................5
INTRODUCTION...........................................................................................................................1
MAIN BODY...................................................................................................................................1
Specific needs of user data collection and their significance......................................................1
Data collection and protection frameworks used by organisations in each domain....................2
Social engineering strategies used in domains to steal data........................................................3
CONCLUSION................................................................................................................................4
REFERENCES................................................................................................................................5
INTRODUCTION
Cyber security management is termed as companies capabilities as strategic level to
protect data resources and competitive advantage in a landscape which is both complex and
evolves risks. In today's world, business environment is highly dynamic and fast paced which
encourages organizations to utilise their assets such as digital processes and information system
to achieve competitive advantage (Gupta, 2018). This contains personal identifiable information,
sensitive data, intellectual property and governmental and sector system of information. This
report covers significance and needs of user data collection by organizations. It highlights data
collection and protection frameworks used by firms to preserve customer trust and to protect
assets from accidental loss. It discusses social engineering strategies which are used in domains
to steal data.
MAIN BODY
Specific needs of user data collection and their significance
Information collection is the key to better enterprise and new developments as the more
information they have, the more management can organise themselves to provide the best results.
Thus makes it essential to collect data in various domains which can also be use to predict
current trends of specific parameters and events of future. For collecting the information in
health domain, companies specific needs are to provide people with personalised services of
patient care (Kahyaoglu & Caliyurt, 2018). It also assists firms like insurance companies,
registries etc. to offer necessary services to people who requires it. The significance of health
data collection for organizations is that it improves their competitiveness by understanding
patients requirements so that they can provide them timely services and helps in decision
making. Health data collection executed properly can maximise the quality of services provided
and at the same time also lead to greater market position and improved revenues.
In domain of gaming, companies need to collect information because properly defined
gaming analytics empowers them to make decisions which are data driven. The insights collected
assists organizations to improve designs of games, monetisation and business impact. It helps in
providing better gaming experiences with visual effects and graphics that the player most
resonate with as well as offers players with personalised markets. Data collection is gives bug
detection from data of gameplay and assures highest quality to customers who are invested in a
1
Cyber security management is termed as companies capabilities as strategic level to
protect data resources and competitive advantage in a landscape which is both complex and
evolves risks. In today's world, business environment is highly dynamic and fast paced which
encourages organizations to utilise their assets such as digital processes and information system
to achieve competitive advantage (Gupta, 2018). This contains personal identifiable information,
sensitive data, intellectual property and governmental and sector system of information. This
report covers significance and needs of user data collection by organizations. It highlights data
collection and protection frameworks used by firms to preserve customer trust and to protect
assets from accidental loss. It discusses social engineering strategies which are used in domains
to steal data.
MAIN BODY
Specific needs of user data collection and their significance
Information collection is the key to better enterprise and new developments as the more
information they have, the more management can organise themselves to provide the best results.
Thus makes it essential to collect data in various domains which can also be use to predict
current trends of specific parameters and events of future. For collecting the information in
health domain, companies specific needs are to provide people with personalised services of
patient care (Kahyaoglu & Caliyurt, 2018). It also assists firms like insurance companies,
registries etc. to offer necessary services to people who requires it. The significance of health
data collection for organizations is that it improves their competitiveness by understanding
patients requirements so that they can provide them timely services and helps in decision
making. Health data collection executed properly can maximise the quality of services provided
and at the same time also lead to greater market position and improved revenues.
In domain of gaming, companies need to collect information because properly defined
gaming analytics empowers them to make decisions which are data driven. The insights collected
assists organizations to improve designs of games, monetisation and business impact. It helps in
providing better gaming experiences with visual effects and graphics that the player most
resonate with as well as offers players with personalised markets. Data collection is gives bug
detection from data of gameplay and assures highest quality to customers who are invested in a
1
gaming firm for long. It helps in tracking how players use the systems as this information is use
to modify storylines, change levels of difficulty and aids in justifying new content. This is
significant for companies as it helps them save and track complaints against games with use of
sentiment analysis. It enables businesses to monitor and analysis data to effectively minimise
downtime (Mosteanu, 2020). It assist all the departments of gaming domain from marketing to
designing as all functions can be carried out with more efficiency and more personalised to users.
Data in social media is collected as it provides firm with deeper insights about who their
audiences are, what are their needs and how they can actively engage with firm. Needs for
collecting the information is to optimise social content as per preferences of audience. It allows
firms to comprehend which platform is widely used so that they can effectively carry out their
marketing activities. It facilitates organisations to analyse what their customers are sharing and
posting about so that they design content strategy which will effectively answers their any
concerns. This is significant for companies as it refines their strategies of marketing and adjust
accordingly. It creates new streams of revenues for businesses that captures huge amount of data
and sell it further for more opportunities. It aid firms to create targeted advertisements for each
user according to their search. It allows firms to better understand its audience in order to
provide them more content which they want to read, listen or watch.
Data collection and protection frameworks used by organisations in each domain
Data collection and protection frameworks are used to assist companies to ensure that the
personal information collected by them in view of their operations is appropriately protected and
responsibly used. Healthcare industry is highly targeted by cyberattacks thus they should manage
sensitive medical data and financial information. To preserve customer trust protection
frameworks used by healthcare firms are a firewall to forbid unauthorised individuals from
accessing any information or network (Rothrock, Kaplan & Van Der Oord, 2018). They uses
spam filter which blocks malicious malware and emails. Data encryption is another efficient
measure to safeguards personal information and sensitive data. But it should be used by both
parties and healthcare firms to have secure storage system. A framework developed by Center
for Internet Security develops Critical Security Controls to enhance healthcare data cyber
security.
It is essential for gaming organisations to build robust trust with it users regarding
collecting their personal data. They safeguard their interest in firm by prioritising transparency
2
to modify storylines, change levels of difficulty and aids in justifying new content. This is
significant for companies as it helps them save and track complaints against games with use of
sentiment analysis. It enables businesses to monitor and analysis data to effectively minimise
downtime (Mosteanu, 2020). It assist all the departments of gaming domain from marketing to
designing as all functions can be carried out with more efficiency and more personalised to users.
Data in social media is collected as it provides firm with deeper insights about who their
audiences are, what are their needs and how they can actively engage with firm. Needs for
collecting the information is to optimise social content as per preferences of audience. It allows
firms to comprehend which platform is widely used so that they can effectively carry out their
marketing activities. It facilitates organisations to analyse what their customers are sharing and
posting about so that they design content strategy which will effectively answers their any
concerns. This is significant for companies as it refines their strategies of marketing and adjust
accordingly. It creates new streams of revenues for businesses that captures huge amount of data
and sell it further for more opportunities. It aid firms to create targeted advertisements for each
user according to their search. It allows firms to better understand its audience in order to
provide them more content which they want to read, listen or watch.
Data collection and protection frameworks used by organisations in each domain
Data collection and protection frameworks are used to assist companies to ensure that the
personal information collected by them in view of their operations is appropriately protected and
responsibly used. Healthcare industry is highly targeted by cyberattacks thus they should manage
sensitive medical data and financial information. To preserve customer trust protection
frameworks used by healthcare firms are a firewall to forbid unauthorised individuals from
accessing any information or network (Rothrock, Kaplan & Van Der Oord, 2018). They uses
spam filter which blocks malicious malware and emails. Data encryption is another efficient
measure to safeguards personal information and sensitive data. But it should be used by both
parties and healthcare firms to have secure storage system. A framework developed by Center
for Internet Security develops Critical Security Controls to enhance healthcare data cyber
security.
It is essential for gaming organisations to build robust trust with it users regarding
collecting their personal data. They safeguard their interest in firm by prioritising transparency
2
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
about the ways in which their data is stored and used. General Data Protection Regulation for
users is part of global effort to make firms utilises personal data with dignity. Firms ask for user
permission before collecting any sort of data, it is on them whether they agrees on companies
terms and conditions of procuring data. They use secure network and encrypt all customer data
by adopting PCI compliance. They use data encryption on all portable devices and protect data in
transit. Gaming organisations uses intrusion detection system which tracks any changes in
interface or irregular network activities. Social media firms uses Data Loss Prevention software
to detect and monitor any activities which takes place around sensitive data (White & Daniels,
2019, June). Advanced technologies helps social media organisations to prevent serious threats
such as accidental data deletion, data breach and data exfiltration. Firms takes necessary
permission to customers before using their personal information to third party for more
personalised user-face. They allows customers to opt out any time for not giving their
information to firms. For security of cardholders data, the Payment Card Industry Data Security
Standard (PCI DSS) has been set up by all firms to process, keep and transmit credit and debit
card information. It aids businesses to prevent data breaches and secure payment card
transactions.
Social engineering strategies used in domains to steal data
In healthcare industry, with manipulation engineering strategies attackers are able to form
direct contact with potential victim to force them into sharing sensitive data about their medical
history. Engineering technique of whaling and spear phishing which targets specific individuals
with access to highly sensitive information. Attackers conduct malicious research to produce
message which cause targets to respond and execute desired actions. The firms end up getting
caught in these types of malware which hampers security of their sensitive information. In
domain of gaming, users are always exposed to theft of their private data (Roy, 2020, February).
Scareware is a social engineering tactic which trick victims into downloading or purchasing
updates that carries malware. It can leads to steal users data and their history of using the games.
These technique shows pop up which appears to be warning from real antivirus firms and when
user clicks on it, they end up stealing their privacy information. In domain of social media,
several social engineering strategies used such as pretexting where attackers create a fake
identity and utilise it to manipulate users into sharing private information.
3
users is part of global effort to make firms utilises personal data with dignity. Firms ask for user
permission before collecting any sort of data, it is on them whether they agrees on companies
terms and conditions of procuring data. They use secure network and encrypt all customer data
by adopting PCI compliance. They use data encryption on all portable devices and protect data in
transit. Gaming organisations uses intrusion detection system which tracks any changes in
interface or irregular network activities. Social media firms uses Data Loss Prevention software
to detect and monitor any activities which takes place around sensitive data (White & Daniels,
2019, June). Advanced technologies helps social media organisations to prevent serious threats
such as accidental data deletion, data breach and data exfiltration. Firms takes necessary
permission to customers before using their personal information to third party for more
personalised user-face. They allows customers to opt out any time for not giving their
information to firms. For security of cardholders data, the Payment Card Industry Data Security
Standard (PCI DSS) has been set up by all firms to process, keep and transmit credit and debit
card information. It aids businesses to prevent data breaches and secure payment card
transactions.
Social engineering strategies used in domains to steal data
In healthcare industry, with manipulation engineering strategies attackers are able to form
direct contact with potential victim to force them into sharing sensitive data about their medical
history. Engineering technique of whaling and spear phishing which targets specific individuals
with access to highly sensitive information. Attackers conduct malicious research to produce
message which cause targets to respond and execute desired actions. The firms end up getting
caught in these types of malware which hampers security of their sensitive information. In
domain of gaming, users are always exposed to theft of their private data (Roy, 2020, February).
Scareware is a social engineering tactic which trick victims into downloading or purchasing
updates that carries malware. It can leads to steal users data and their history of using the games.
These technique shows pop up which appears to be warning from real antivirus firms and when
user clicks on it, they end up stealing their privacy information. In domain of social media,
several social engineering strategies used such as pretexting where attackers create a fake
identity and utilise it to manipulate users into sharing private information.
3
Taligating is another social engineering technique which encompasses secure security
mechanisms of firms. Potential tailgaters comprises of thieves, ex staff and saboteurs who
searches to steal from company. They can cause heavy damage to business by stealing sensitive
information by carrying out additional attacks. These all engineering techniques are illegal in
nature as they tries to be present as someone else and steal data of companies to exploit their
customers data (Slipachuk, Toliupa & Nakonechnyi, 2019, July). These ends up malifying firms
reputation in market and breaks trust of its loyal customers. Companies take necessary
precaution to safeguards its information and sensitive data from malicious engineering
techniques by adopting necessary anti virus and security awareness trainings. Firms are
undertaking several creative measures to penetrate their defences with social engineering
techniques. A successful test can help companies to discover employees or systems that may
need to protect data. Modern tools can evaluate and block phishing messages or links to reach to
firms mailing systems which can pose threat of intelligence databases. All staff of organisation
should be aware of the dangers of social engineering and should take measures on individual
level to defend against it.
CONCLUSION
From the information presented above, it has been concluded that it is essential for firms
to undertake cyber security as it assist in safe guarding all categories of information from
damage and theft. It is done to preserve customer trust in organisation and enhance security of
cardholders by implementing several protection frameworks. It protects assets from accidental
loss or destruction against an international standards by facilitating data collection norms. This
paper discusses various social engineering strategies which are taken by attackers to steal data of
firms which are generally illegal in nature.
4
mechanisms of firms. Potential tailgaters comprises of thieves, ex staff and saboteurs who
searches to steal from company. They can cause heavy damage to business by stealing sensitive
information by carrying out additional attacks. These all engineering techniques are illegal in
nature as they tries to be present as someone else and steal data of companies to exploit their
customers data (Slipachuk, Toliupa & Nakonechnyi, 2019, July). These ends up malifying firms
reputation in market and breaks trust of its loyal customers. Companies take necessary
precaution to safeguards its information and sensitive data from malicious engineering
techniques by adopting necessary anti virus and security awareness trainings. Firms are
undertaking several creative measures to penetrate their defences with social engineering
techniques. A successful test can help companies to discover employees or systems that may
need to protect data. Modern tools can evaluate and block phishing messages or links to reach to
firms mailing systems which can pose threat of intelligence databases. All staff of organisation
should be aware of the dangers of social engineering and should take measures on individual
level to defend against it.
CONCLUSION
From the information presented above, it has been concluded that it is essential for firms
to undertake cyber security as it assist in safe guarding all categories of information from
damage and theft. It is done to preserve customer trust in organisation and enhance security of
cardholders by implementing several protection frameworks. It protects assets from accidental
loss or destruction against an international standards by facilitating data collection norms. This
paper discusses various social engineering strategies which are taken by attackers to steal data of
firms which are generally illegal in nature.
4
REFERENCES
Books and Journals:
Gupta, B. B. (Ed.). (2018). Computer and cyber security: principles, algorithm, applications,
and perspectives. CRC Press.
Kahyaoglu, S. B., & Caliyurt, K. (2018). Cyber security assurance process from the internal
audit perspective. Managerial Auditing Journal.
Mosteanu, N. R. (2020). Artificial Intelligence and Cyber Security–A Shield against Cyberattack
as a Risk Business Management Tool–Case of European Countries. Quality-Access to
Success. 21(175).
Rothrock, R. A., Kaplan, J., & Van Der Oord, F. (2018). The board's role in managing
cybersecurity risks. MIT Sloan Management Review. 59(2). 12-15.
Roy, P. P. (2020, February). A High-Level Comparison between the NIST Cyber Security
Framework and the ISO 27001 Information Security Standard. In 2020 National
Conference on Emerging Trends on Sustainable Technology and Engineering
Applications (NCETSTEA) (pp. 1-3). IEEE.
Slipachuk, L., Toliupa, S., & Nakonechnyi, V. (2019, July). The Process of the Critical
Infrastructure Cyber Security Management using the Integrated System of the National
Cyber Security Sector Management in Ukraine. In 2019 3rd International Conference
on Advanced Information and Communications Technologies (AICT) (pp. 451-454).
IEEE.
White, J., & Daniels, C. (2019, June). Continuous cybersecurity management through blockchain
technology. In 2019 IEEE Technology & Engineering Management Conference
(TEMSCON) (pp. 1-5). IEEE.
5
Books and Journals:
Gupta, B. B. (Ed.). (2018). Computer and cyber security: principles, algorithm, applications,
and perspectives. CRC Press.
Kahyaoglu, S. B., & Caliyurt, K. (2018). Cyber security assurance process from the internal
audit perspective. Managerial Auditing Journal.
Mosteanu, N. R. (2020). Artificial Intelligence and Cyber Security–A Shield against Cyberattack
as a Risk Business Management Tool–Case of European Countries. Quality-Access to
Success. 21(175).
Rothrock, R. A., Kaplan, J., & Van Der Oord, F. (2018). The board's role in managing
cybersecurity risks. MIT Sloan Management Review. 59(2). 12-15.
Roy, P. P. (2020, February). A High-Level Comparison between the NIST Cyber Security
Framework and the ISO 27001 Information Security Standard. In 2020 National
Conference on Emerging Trends on Sustainable Technology and Engineering
Applications (NCETSTEA) (pp. 1-3). IEEE.
Slipachuk, L., Toliupa, S., & Nakonechnyi, V. (2019, July). The Process of the Critical
Infrastructure Cyber Security Management using the Integrated System of the National
Cyber Security Sector Management in Ukraine. In 2019 3rd International Conference
on Advanced Information and Communications Technologies (AICT) (pp. 451-454).
IEEE.
White, J., & Daniels, C. (2019, June). Continuous cybersecurity management through blockchain
technology. In 2019 IEEE Technology & Engineering Management Conference
(TEMSCON) (pp. 1-5). IEEE.
5
1 out of 7
Related Documents
![[object Object]](/_next/image/?url=%2F_next%2Fstatic%2Fmedia%2Flogo.6d15ce61.png&w=640&q=75){kind=small}
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.