Emerging Security Threats
VerifiedAdded on 2023/03/21
|12
|3912
|46
AI Summary
This report evaluates the cyber security aspects regarding the organization ABC Technology and analyzes different security vulnerabilities in their IT system. It also discusses five different types of emerging threats and provides recommendations for protection against cyber-attacks.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Running head: EMERGING SECURITY THREATS
EMERGING SECURITY THREATS
Name of the Student
Name of the University
Author Note
EMERGING SECURITY THREATS
Name of the Student
Name of the University
Author Note
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
1EMERGING SECURITY THREATS
Executive summary:
This report aims to evaluate the cyber security aspects regarding the organization ABC
Technology. This report has analysed different security vulnerabilities that is relevant for IT
system of ABC Technology organization. This ABC Technology organization is a Australia
based technological organization which provides various of high class hardware services to
its customers.
Through this assessment the present cyber security in the ABCT organization has been
analysed. The assessment has identified different security vulnerabilities such as security
issue in VPN service, cloud services and BYOD policy. This report has then analysed three
important security vulnerabilities that is associated with the information system of the ABCT
Company. It is hence necessary for the company to increase security for all of its system.
Securing the system through advanced measures is not only an option for ABCT, it is an
essential strategy that they have to consider for securing their important data regarding
business, employee and consumers.
From the conclusion it is clear that the cyber security is very much important aspects for all
the organizations including the ABC Technology. The importance of cyber security for the
organizations has been justified in this case. This report also cleared that proper control over
the cyber security threats is very much important for betterment of the ABCT organization.
Implementation of the proper cyber security framework will help the organization to protect
them from any types of serious issues.
The following recommendations have been provided for the protection purpose of home and
offices from the cyber-attacks.
Strong password must be implemented by the users for protecting their personal
devices.
Infrastructure and the software services must be always up to date for protection
against the cyber security risks.
Awareness among the employees is needed for so that they can deny any type of
phishing and spoofing attack.
Executive summary:
This report aims to evaluate the cyber security aspects regarding the organization ABC
Technology. This report has analysed different security vulnerabilities that is relevant for IT
system of ABC Technology organization. This ABC Technology organization is a Australia
based technological organization which provides various of high class hardware services to
its customers.
Through this assessment the present cyber security in the ABCT organization has been
analysed. The assessment has identified different security vulnerabilities such as security
issue in VPN service, cloud services and BYOD policy. This report has then analysed three
important security vulnerabilities that is associated with the information system of the ABCT
Company. It is hence necessary for the company to increase security for all of its system.
Securing the system through advanced measures is not only an option for ABCT, it is an
essential strategy that they have to consider for securing their important data regarding
business, employee and consumers.
From the conclusion it is clear that the cyber security is very much important aspects for all
the organizations including the ABC Technology. The importance of cyber security for the
organizations has been justified in this case. This report also cleared that proper control over
the cyber security threats is very much important for betterment of the ABCT organization.
Implementation of the proper cyber security framework will help the organization to protect
them from any types of serious issues.
The following recommendations have been provided for the protection purpose of home and
offices from the cyber-attacks.
Strong password must be implemented by the users for protecting their personal
devices.
Infrastructure and the software services must be always up to date for protection
against the cyber security risks.
Awareness among the employees is needed for so that they can deny any type of
phishing and spoofing attack.
2EMERGING SECURITY THREATS
Table of Contents
1.0 Introduction:.........................................................................................................................3
1.1 Background:.....................................................................................................................3
1.2 Aim:..................................................................................................................................3
1.3 Scope:...............................................................................................................................3
2.0 Explanation of CyberSecurity:.............................................................................................4
2.1 Cyber Security and its Importance of its to ABCT:.........................................................4
2.1.1 Assessment of Security Vulnerabilities:....................................................................4
2.1.2 Securing Virtual Private Network:............................................................................5
2.1.3 Securing Hardware and Software Services:...............................................................5
2.2 Security Vulnerabilities in ABCT’s System:...................................................................5
2.2.1 VPN Vulnerability:....................................................................................................5
2.2.2 BYOD Policy Vulnerability:.....................................................................................6
2.2.3 Cloud Computing Vulnerability:...............................................................................6
3.0 Five Different Types of Emerging Threats:.........................................................................7
3.1 Cryptojacking:..................................................................................................................7
3.2 Threats from the IoT devices:...........................................................................................7
3.3 Geopolitical risk:..............................................................................................................7
3.4 Cross-site scripting:..........................................................................................................8
3.5 Mobile malware:...............................................................................................................8
4.0 Conclusion:..........................................................................................................................8
5.0 Recommendation:................................................................................................................9
6.0 References:.........................................................................................................................10
Table of Contents
1.0 Introduction:.........................................................................................................................3
1.1 Background:.....................................................................................................................3
1.2 Aim:..................................................................................................................................3
1.3 Scope:...............................................................................................................................3
2.0 Explanation of CyberSecurity:.............................................................................................4
2.1 Cyber Security and its Importance of its to ABCT:.........................................................4
2.1.1 Assessment of Security Vulnerabilities:....................................................................4
2.1.2 Securing Virtual Private Network:............................................................................5
2.1.3 Securing Hardware and Software Services:...............................................................5
2.2 Security Vulnerabilities in ABCT’s System:...................................................................5
2.2.1 VPN Vulnerability:....................................................................................................5
2.2.2 BYOD Policy Vulnerability:.....................................................................................6
2.2.3 Cloud Computing Vulnerability:...............................................................................6
3.0 Five Different Types of Emerging Threats:.........................................................................7
3.1 Cryptojacking:..................................................................................................................7
3.2 Threats from the IoT devices:...........................................................................................7
3.3 Geopolitical risk:..............................................................................................................7
3.4 Cross-site scripting:..........................................................................................................8
3.5 Mobile malware:...............................................................................................................8
4.0 Conclusion:..........................................................................................................................8
5.0 Recommendation:................................................................................................................9
6.0 References:.........................................................................................................................10
3EMERGING SECURITY THREATS
1.0 Introduction:
1.1 Background:
ABCT, an Australian technology company that specializes in delivering high tech
products that include hardware as well as software products. In not only Australia, but also it
has offices in overseas as well. Hence the company needs to manage services of two oversees
office as well.
1.2 Aim:
Hence, this report analysis the root cause of the security issues that are relevant to the
IT infrastructure of the company along with recommendation for developing security
measures for managing security threats due to cyber-crimes and illegal activities of the
hackers.
1.3 Scope:
The report specifically provides a detailed explanation of the concept of cyber-
security and describes why it is important for the company. This will give them a
comprehensive overview about the concept of cyber security and things they need to consider
while executing their business process through information system and technology for
enhancing efficiency of the overall business process.
This report has then analysed three important security vulnerabilities that is associated
with the information system of the ABCT Company. Explanation of the vulnerabilities is
based on research made on this topic analysing different literature in this context.
The next section includes discussion on five different types of emerging threats that
has potential to impact or influence security of the overall IT system of ABCT and thus might
compromise the security of the overall system as well.
While two section as described above have analysed different security aspect related
to the ABCT system, the report then includes a recommendation section, which describes
three techniques for protecting home and office from cyber-security threats.
The recommendation section is followed by a conclusion section, which provides the
findings of the overall report for effective analysis of the report.
1.0 Introduction:
1.1 Background:
ABCT, an Australian technology company that specializes in delivering high tech
products that include hardware as well as software products. In not only Australia, but also it
has offices in overseas as well. Hence the company needs to manage services of two oversees
office as well.
1.2 Aim:
Hence, this report analysis the root cause of the security issues that are relevant to the
IT infrastructure of the company along with recommendation for developing security
measures for managing security threats due to cyber-crimes and illegal activities of the
hackers.
1.3 Scope:
The report specifically provides a detailed explanation of the concept of cyber-
security and describes why it is important for the company. This will give them a
comprehensive overview about the concept of cyber security and things they need to consider
while executing their business process through information system and technology for
enhancing efficiency of the overall business process.
This report has then analysed three important security vulnerabilities that is associated
with the information system of the ABCT Company. Explanation of the vulnerabilities is
based on research made on this topic analysing different literature in this context.
The next section includes discussion on five different types of emerging threats that
has potential to impact or influence security of the overall IT system of ABCT and thus might
compromise the security of the overall system as well.
While two section as described above have analysed different security aspect related
to the ABCT system, the report then includes a recommendation section, which describes
three techniques for protecting home and office from cyber-security threats.
The recommendation section is followed by a conclusion section, which provides the
findings of the overall report for effective analysis of the report.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
4EMERGING SECURITY THREATS
2.0 Explanation of CyberSecurity:
Cyber-security in simple terms refers to protecting system, networks and programs
from virtual threats that digital system has these virtual threats on digital platforms also
known as cyber-attacks is aimed at exploiting digital systems and network for accessing
various important data either for money or popularity or it might be sponsored by states
(Hwang, 2015). However, no matter what is the aim behind these cyber-crimes, it is equally
harmful for system and data security.
Innovation in technology has made a digital revolution and it has replaced manuals
systems with digital services and solutions (Zhou et al., 2017). Although it has increased
efficiency of the way data is accessed and applied for business for increasing revenue, it has
increased security threats as well.
Detailed analysis of the ABCT information shows that there are security threats for
the system and this need careful attention for developing appropriate security measures which
will help in securing important business and consumer data that is important for the business.
Hence, ensuring cybersecurity is not only important for the business, but for the
individual as well. Common types of cybersecurity are application security, hardware
security, network security, cloud security, Data Loss Prevention (DLP), Cryptography,
Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS), Identity and
Access Management (IAM), and Antivirus/anti-malware (Abomhara, 2015). It is not that a
hacker will consider all of these options at once, rather it depends on the choice and type of
security vulnerabilities associated with the targeted system. Sometime a single technique is
enough for executing the plan, but sometime it might require application of different
techniques as mentioned here for execution of the strategy (Almorsy, Grundy & Müller,
2016). Hence, a single cyber-security plan is not enough, it need to consider different security
issues while designing the strategy for mitigating cyber-security issues.
2.1 Cyber Security and its Importance of its to ABCT:
2.1.1 Assessment of Security Vulnerabilities:
One thing in this context is important to consider that as companies are trying to
secure their information. They are also adopting smarter means to take advantages of the
vulnerabilities that the system has and then establish illegal access to important data that
violates security and privacy and this has made developing effective security policy and
2.0 Explanation of CyberSecurity:
Cyber-security in simple terms refers to protecting system, networks and programs
from virtual threats that digital system has these virtual threats on digital platforms also
known as cyber-attacks is aimed at exploiting digital systems and network for accessing
various important data either for money or popularity or it might be sponsored by states
(Hwang, 2015). However, no matter what is the aim behind these cyber-crimes, it is equally
harmful for system and data security.
Innovation in technology has made a digital revolution and it has replaced manuals
systems with digital services and solutions (Zhou et al., 2017). Although it has increased
efficiency of the way data is accessed and applied for business for increasing revenue, it has
increased security threats as well.
Detailed analysis of the ABCT information shows that there are security threats for
the system and this need careful attention for developing appropriate security measures which
will help in securing important business and consumer data that is important for the business.
Hence, ensuring cybersecurity is not only important for the business, but for the
individual as well. Common types of cybersecurity are application security, hardware
security, network security, cloud security, Data Loss Prevention (DLP), Cryptography,
Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS), Identity and
Access Management (IAM), and Antivirus/anti-malware (Abomhara, 2015). It is not that a
hacker will consider all of these options at once, rather it depends on the choice and type of
security vulnerabilities associated with the targeted system. Sometime a single technique is
enough for executing the plan, but sometime it might require application of different
techniques as mentioned here for execution of the strategy (Almorsy, Grundy & Müller,
2016). Hence, a single cyber-security plan is not enough, it need to consider different security
issues while designing the strategy for mitigating cyber-security issues.
2.1 Cyber Security and its Importance of its to ABCT:
2.1.1 Assessment of Security Vulnerabilities:
One thing in this context is important to consider that as companies are trying to
secure their information. They are also adopting smarter means to take advantages of the
vulnerabilities that the system has and then establish illegal access to important data that
violates security and privacy and this has made developing effective security policy and
5EMERGING SECURITY THREATS
techniques challenging and organizations are finding it difficult as well (Puthal et al., 2015).
However, detailed assessment of existing security infrastructure in this context is extremely
important to identify impotent issues with the infrastructure and this will help in designing
efficient cyber-security measures.
2.1.2 Securing Virtual Private Network:
The computer services that is provided by the company is delivered through the
virtual private network and it is deployed in the main office located in Canberra. The VPN
service allows employees to work from home and for employees posted onsite, the company
also allows to bring their own devices including smartphone, tablet, and laptop under the
Bring Your Own Device (BYOD) policy (Downer & Bhattacharya, 2015). In order to ensure
effective access to data related to business and customer the company has opted for cloud
service.
2.1.3 Securing Hardware and Software Services:
However, the company has recently learned about a cyber-crime and according to the
company it has might exploited its important business data and hackers might have acquired
important consumer data as well. The company is worried about this as this according to the
company, will affect consumer viewpoint and they even might lose their loyal customer and
this will have a significant impact on the business process of the company as their
information system has already been exploited which has made it vulnerable to such types of
security exploitation (Hwang, 2015). Hence it is important for ABCT to ensure cyber-security
for their services including hardware and software services for enhancing consumer trust on
the organization and retain market position as consumer might not trust an organization who
does not have the capability to protect their data that that they provide to the organization.
2.2 Security Vulnerabilities in ABCT’s System:
2.2.1 VPN Vulnerability:
VPN service although provide security measures for data that is communicated
through this virtual network over the internet. However, it is important to know that although
VPN encrypts data for data security, the level of encryption is not same and it depends on the
various aspects such as vendor chosen, model of service and pricing of the system. Now it
completely depends on the service provider that how data is encrypted and how this
processed before it is sent to the destination. It might also happen that service provider might
techniques challenging and organizations are finding it difficult as well (Puthal et al., 2015).
However, detailed assessment of existing security infrastructure in this context is extremely
important to identify impotent issues with the infrastructure and this will help in designing
efficient cyber-security measures.
2.1.2 Securing Virtual Private Network:
The computer services that is provided by the company is delivered through the
virtual private network and it is deployed in the main office located in Canberra. The VPN
service allows employees to work from home and for employees posted onsite, the company
also allows to bring their own devices including smartphone, tablet, and laptop under the
Bring Your Own Device (BYOD) policy (Downer & Bhattacharya, 2015). In order to ensure
effective access to data related to business and customer the company has opted for cloud
service.
2.1.3 Securing Hardware and Software Services:
However, the company has recently learned about a cyber-crime and according to the
company it has might exploited its important business data and hackers might have acquired
important consumer data as well. The company is worried about this as this according to the
company, will affect consumer viewpoint and they even might lose their loyal customer and
this will have a significant impact on the business process of the company as their
information system has already been exploited which has made it vulnerable to such types of
security exploitation (Hwang, 2015). Hence it is important for ABCT to ensure cyber-security
for their services including hardware and software services for enhancing consumer trust on
the organization and retain market position as consumer might not trust an organization who
does not have the capability to protect their data that that they provide to the organization.
2.2 Security Vulnerabilities in ABCT’s System:
2.2.1 VPN Vulnerability:
VPN service although provide security measures for data that is communicated
through this virtual network over the internet. However, it is important to know that although
VPN encrypts data for data security, the level of encryption is not same and it depends on the
various aspects such as vendor chosen, model of service and pricing of the system. Now it
completely depends on the service provider that how data is encrypted and how this
processed before it is sent to the destination. It might also happen that service provider might
6EMERGING SECURITY THREATS
sent this data to other third party, which will definitely compromise the security of the data
(Zahadat et al., 2015). Hence, it is important to identify service provider based on their
popularity, service reliability and consumer reviews. Hence, it is recommended to choose
service provider based on their profiles. Along with that, it is also recommended to identity
the VPN technology that the service provider offers. It is recommended not to choose VPN
service that is offers torrenting, also known as peer-to-peer connection as it allows third party
other than the service provider who might install malicious software, which steals important
data. Hence, it is recommend choosing VPN service that offers end-to-end encryption, which
makes it difficult to access data without proper authorization.
2.2.2 BYOD Policy Vulnerability:
The company offers bring your own device to increase the workflow efficiency of the
employees. Employees access organizational database and network through their personal
devices. Now how these devices are secured completely depends on the employee themselves
and this is where there is security risk emerges. It is often seen that most of the time
employees shows very careless attitudes such as they do not log out from their system, do not
create strong password for their system, even they set passwords that are often easier to
identify and exploit as well. All these factors are taken into consideration, which lets hackers
take advantages of these security flaws. Due to these security flaws, it becomes easier for
hackers to have control over this devices that have access to the organizational database and
network. Hence, this becomes easier for them to access important data from the
organizational servers. All it requires is to enter into the system through these devices that
employees bring into the workplace and access work related software and services (Downer
& Bhattacharya, 2015). Hence, this presents and important security vulnerability that needs
proper assessment as it have significant impact on the overall security of the company and
thus it needs enhanced security protection for ensuring data security which is important for
ABCT for securing their business.
2.2.3 Cloud Computing Vulnerability:
As cloud computing security depends completely on the cloud service providers and
type of security measures they implement for their service is often not provided to the client
which makes it difficult to identify if there is any potential threats for the data that is stored
there. If cloud service opted by ABCT does not have enhanced access control techniques and
sent this data to other third party, which will definitely compromise the security of the data
(Zahadat et al., 2015). Hence, it is important to identify service provider based on their
popularity, service reliability and consumer reviews. Hence, it is recommended to choose
service provider based on their profiles. Along with that, it is also recommended to identity
the VPN technology that the service provider offers. It is recommended not to choose VPN
service that is offers torrenting, also known as peer-to-peer connection as it allows third party
other than the service provider who might install malicious software, which steals important
data. Hence, it is recommend choosing VPN service that offers end-to-end encryption, which
makes it difficult to access data without proper authorization.
2.2.2 BYOD Policy Vulnerability:
The company offers bring your own device to increase the workflow efficiency of the
employees. Employees access organizational database and network through their personal
devices. Now how these devices are secured completely depends on the employee themselves
and this is where there is security risk emerges. It is often seen that most of the time
employees shows very careless attitudes such as they do not log out from their system, do not
create strong password for their system, even they set passwords that are often easier to
identify and exploit as well. All these factors are taken into consideration, which lets hackers
take advantages of these security flaws. Due to these security flaws, it becomes easier for
hackers to have control over this devices that have access to the organizational database and
network. Hence, this becomes easier for them to access important data from the
organizational servers. All it requires is to enter into the system through these devices that
employees bring into the workplace and access work related software and services (Downer
& Bhattacharya, 2015). Hence, this presents and important security vulnerability that needs
proper assessment as it have significant impact on the overall security of the company and
thus it needs enhanced security protection for ensuring data security which is important for
ABCT for securing their business.
2.2.3 Cloud Computing Vulnerability:
As cloud computing security depends completely on the cloud service providers and
type of security measures they implement for their service is often not provided to the client
which makes it difficult to identify if there is any potential threats for the data that is stored
there. If cloud service opted by ABCT does not have enhanced access control techniques and
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
7EMERGING SECURITY THREATS
dos not offer highest level of encryption, it is not easy to secure those data from the hackers
and hence this might be a possible vulnerabilities to the security of the data.
3.0 Five Different Types of Emerging Threats:
Here are the five different types of emerging threats that ABCT needs to consider:
3.1 Cryptojacking:
Cryptojacking also known as ransomeware, which is a new technique, considered by
hackers to hack data. Here basically, hackers get control over the target system and once
accessed is gained they encrypt all the important files and data that is important for the
organization and demands huge amount of money from the victim organization for
decrypting the files and data (Pandey & Misra, 2016). It is although a relatively new
technology it has created a huge impact throughout the world. Hence, this an important
emerging threat for which ABCT needs to prepare strategy for increasing the security of data
and organizational information worth millions.
3.2 Threats from the IoT devices:
In order to offer better services to the consumers, companies are considering
deploying IoT services with the existing organisational infrastructure. With these devices, it
is possible to communicate with the help of internet and control them as well. However,
while communicating with the employees or with the consumers, these devices collect
various information including personal and sensitive information as well which makes this
devices a prefered choice of the hackers (DiMase et al., 2015). As these devices have less
computational power along with low memory and storage, it is not possible to implement
sophisticated security techniques for securing these devices. Hence, these devices are easy to
exploit and access secure data that is not authorized and legal.
3.3 Geopolitical risk:
As ABCT is string their data in the cloud, they need to aware about geopolitical risk
which has emerged as an important cyber-security risk and this needs to be analysed properly
(Sen, 2015). As trough cloud service data is outsourced and stored in different geographical
locations, it brings geopolitical risk due to differences in storing and accessing data and this
makes it difficult to comply with the standard data regulation laws applicable in those nations
from where cloud service is acquired.
dos not offer highest level of encryption, it is not easy to secure those data from the hackers
and hence this might be a possible vulnerabilities to the security of the data.
3.0 Five Different Types of Emerging Threats:
Here are the five different types of emerging threats that ABCT needs to consider:
3.1 Cryptojacking:
Cryptojacking also known as ransomeware, which is a new technique, considered by
hackers to hack data. Here basically, hackers get control over the target system and once
accessed is gained they encrypt all the important files and data that is important for the
organization and demands huge amount of money from the victim organization for
decrypting the files and data (Pandey & Misra, 2016). It is although a relatively new
technology it has created a huge impact throughout the world. Hence, this an important
emerging threat for which ABCT needs to prepare strategy for increasing the security of data
and organizational information worth millions.
3.2 Threats from the IoT devices:
In order to offer better services to the consumers, companies are considering
deploying IoT services with the existing organisational infrastructure. With these devices, it
is possible to communicate with the help of internet and control them as well. However,
while communicating with the employees or with the consumers, these devices collect
various information including personal and sensitive information as well which makes this
devices a prefered choice of the hackers (DiMase et al., 2015). As these devices have less
computational power along with low memory and storage, it is not possible to implement
sophisticated security techniques for securing these devices. Hence, these devices are easy to
exploit and access secure data that is not authorized and legal.
3.3 Geopolitical risk:
As ABCT is string their data in the cloud, they need to aware about geopolitical risk
which has emerged as an important cyber-security risk and this needs to be analysed properly
(Sen, 2015). As trough cloud service data is outsourced and stored in different geographical
locations, it brings geopolitical risk due to differences in storing and accessing data and this
makes it difficult to comply with the standard data regulation laws applicable in those nations
from where cloud service is acquired.
8EMERGING SECURITY THREATS
3.4 Cross-site scripting:
In cross-site scripting, hackers considers business website through which they
executes malicious codes in the browser of the victim and this helps in accessing cookies that
is required for authentication and thus hackers are successful in hijacking the website and this
does not require any credentials (Botta et al., 2016). ABCT should consider this aspect as
well as an emerging threats.
3.5 Mobile malware:
As mobile devices are becoming increasingly powerful, application of mobile devices
are also becoming very popular (Hussein & Khalid, 2016). However, security management of
mobile devices are often very poor which increases the risk of the system being hacked and
access data that are confidential in nature which requires effective security management and
it is hence an emerging security threats for ABCT as they deploys BYOD services for its
employees. Hence, execution of malware in mobile devices is a potential threat in this
context.
4.0 Conclusion:
Hence, from the above discussion it can be conclude that cyber security is very much
important concept for the businesses and the organization in the case of security aspects.
ABCT Company has recently identified about the cyber-security threats that according to the
company might have compromised security of the data. It might have even accessed some of
its confidential data as well. Hence, the report has analysed different security vulnerabilities
that is relevant for IT system of ABCT. The assessment has identified different security
vulnerabilities such as security issue in VPN service, which has not discovered yet but it
might also contribute to other security threats as well. along with that, as company has
integrated BYOD services, it has various potential security issues such as employees not
logging out of system after they have completed their sessions and this might allow hackers
to get access to organizational database and server as this devices has accesses to these
resources. Hence, strong password for these devices is necessary to restrict illegal access to
these systems. Another important security threat that the company have right now is the
integration of cloud services with the organizational infrastructure. Although it enhances data
storage and data processing, it has security issues as well. Although technology has brought
various important services for organizations to enhance their business and ensure competitive
advantages. However, this brings some important security issues as well which is extremely
3.4 Cross-site scripting:
In cross-site scripting, hackers considers business website through which they
executes malicious codes in the browser of the victim and this helps in accessing cookies that
is required for authentication and thus hackers are successful in hijacking the website and this
does not require any credentials (Botta et al., 2016). ABCT should consider this aspect as
well as an emerging threats.
3.5 Mobile malware:
As mobile devices are becoming increasingly powerful, application of mobile devices
are also becoming very popular (Hussein & Khalid, 2016). However, security management of
mobile devices are often very poor which increases the risk of the system being hacked and
access data that are confidential in nature which requires effective security management and
it is hence an emerging security threats for ABCT as they deploys BYOD services for its
employees. Hence, execution of malware in mobile devices is a potential threat in this
context.
4.0 Conclusion:
Hence, from the above discussion it can be conclude that cyber security is very much
important concept for the businesses and the organization in the case of security aspects.
ABCT Company has recently identified about the cyber-security threats that according to the
company might have compromised security of the data. It might have even accessed some of
its confidential data as well. Hence, the report has analysed different security vulnerabilities
that is relevant for IT system of ABCT. The assessment has identified different security
vulnerabilities such as security issue in VPN service, which has not discovered yet but it
might also contribute to other security threats as well. along with that, as company has
integrated BYOD services, it has various potential security issues such as employees not
logging out of system after they have completed their sessions and this might allow hackers
to get access to organizational database and server as this devices has accesses to these
resources. Hence, strong password for these devices is necessary to restrict illegal access to
these systems. Another important security threat that the company have right now is the
integration of cloud services with the organizational infrastructure. Although it enhances data
storage and data processing, it has security issues as well. Although technology has brought
various important services for organizations to enhance their business and ensure competitive
advantages. However, this brings some important security issues as well which is extremely
9EMERGING SECURITY THREATS
important for the organizations to consider if they want to ensure that their business data is
safe and secured and this is not accessed by anyone who are not authorized to do so.
However, this is not easy as security vulnerabilities might come from different sources.
Hence, it is required to design an effective security policy that considers security threats from
various resources and incorporate those issues while designing the policy and security
strategies.
5.0 Recommendation:
In the below section some recommendation has been provided regarding security of
home and offices from various types of cyber security attacks.
For securing devices in BYOD environment, it is recommended to set a strong
password for securing devices as these devices are also targeted by the hackers to get
access to important data regarding employees, organizations and consumers as well.
For increasing security in the workplace, it is recommended to upgrade infrastructure
and software services for increasing security. Although this might seem very basic
step but it is often overlooked by most of the people, which increases risk of data theft
and data vulnerability significantly. Hence, this is an essential recommendation for
securing device and data in workplace.
In order to exploit system outsides business environment different techniques are
considered of which phishing attack is an important one. Here an link, is sent to the
target user in his or her email and once this link is clicked this executes a malicious
code, which steals personal data such as password, banking details including credit
card and debit card and other important information as well. hence it is recommended
not to click any link sent through email or message, especially if it is not from any
recognized sources and if it claims to offers any monetary benefits as these emails I
most of the cases are scams designed by hackers and cyber-criminals.
important for the organizations to consider if they want to ensure that their business data is
safe and secured and this is not accessed by anyone who are not authorized to do so.
However, this is not easy as security vulnerabilities might come from different sources.
Hence, it is required to design an effective security policy that considers security threats from
various resources and incorporate those issues while designing the policy and security
strategies.
5.0 Recommendation:
In the below section some recommendation has been provided regarding security of
home and offices from various types of cyber security attacks.
For securing devices in BYOD environment, it is recommended to set a strong
password for securing devices as these devices are also targeted by the hackers to get
access to important data regarding employees, organizations and consumers as well.
For increasing security in the workplace, it is recommended to upgrade infrastructure
and software services for increasing security. Although this might seem very basic
step but it is often overlooked by most of the people, which increases risk of data theft
and data vulnerability significantly. Hence, this is an essential recommendation for
securing device and data in workplace.
In order to exploit system outsides business environment different techniques are
considered of which phishing attack is an important one. Here an link, is sent to the
target user in his or her email and once this link is clicked this executes a malicious
code, which steals personal data such as password, banking details including credit
card and debit card and other important information as well. hence it is recommended
not to click any link sent through email or message, especially if it is not from any
recognized sources and if it claims to offers any monetary benefits as these emails I
most of the cases are scams designed by hackers and cyber-criminals.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
10EMERGING SECURITY THREATS
6.0 References:
Abomhara, M. (2015). Cyber security and the internet of things: vulnerabilities, threats,
intruders and attacks. Journal of Cyber Security and Mobility, 4(1), 65-88.
doi:10.13052/jcsm2245-1439.414
Almorsy, M., Grundy, J., & Müller, I. (2016). An analysis of the cloud computing security
problem. arXiv preprint arXiv:1609.01107.
Botta, A., De Donato, W., Persico, V., & Pescapé, A. (2016). Integration of cloud computing
and internet of things: a survey. Future generation computer systems, 56, 684-700.
doi:10.1016/j.future.2015.09.021
DiMase, D., Collier, Z. A., Heffner, K., & Linkov, I. (2015). Systems engineering framework
for cyber physical security and resilience. Environment Systems and Decisions, 35(2),
291-300. doi:10.1007/s10669-015-9540-y
Downer, K., & Bhattacharya, M. (2015). BYOD security: A new business challenge. In 2015
IEEE International Conference on Smart City/SocialCom/SustainCom
(SmartCity) (pp. 1128-1133). IEEE. doi:10.1109/smartcity.2015.221
Hussein, N. H., & Khalid, A. (2016). A survey of cloud computing security challenges and
solutions. International Journal of Computer Science and Information Security, 14(1),
52. doi:10.1109/iccs.2012.6
Hwang, Y. H. (2015, April). Iot security & privacy: threats and challenges. In Proceedings of
the 1st ACM Workshop on IoT Privacy, Trust, and Security (pp. 1-1). ACM.
Jang-Jaccard, J., & Nepal, S. (2014). A survey of emerging threats in cybersecurity. Journal
of Computer and System Sciences, 80(5), 973-993. doi:10.1016/j.jcss.2014.02.005
Pandey, R. K., & Misra, M. (2016). Cyber security threats—Smart grid infrastructure.
In 2016 National Power Systems Conference (NPSC) (pp. 1-6). IEEE.
doi:10.1109/npsc.2016.7858950
Probst, C. W., Hunker, J., Bishop, M., & Gollmann, D. (Eds.). (2010). Insider threats in
cyber security (Vol. 49). Springer Science & Business Media. doi:10.1007/978-1-
4419-7133-3
6.0 References:
Abomhara, M. (2015). Cyber security and the internet of things: vulnerabilities, threats,
intruders and attacks. Journal of Cyber Security and Mobility, 4(1), 65-88.
doi:10.13052/jcsm2245-1439.414
Almorsy, M., Grundy, J., & Müller, I. (2016). An analysis of the cloud computing security
problem. arXiv preprint arXiv:1609.01107.
Botta, A., De Donato, W., Persico, V., & Pescapé, A. (2016). Integration of cloud computing
and internet of things: a survey. Future generation computer systems, 56, 684-700.
doi:10.1016/j.future.2015.09.021
DiMase, D., Collier, Z. A., Heffner, K., & Linkov, I. (2015). Systems engineering framework
for cyber physical security and resilience. Environment Systems and Decisions, 35(2),
291-300. doi:10.1007/s10669-015-9540-y
Downer, K., & Bhattacharya, M. (2015). BYOD security: A new business challenge. In 2015
IEEE International Conference on Smart City/SocialCom/SustainCom
(SmartCity) (pp. 1128-1133). IEEE. doi:10.1109/smartcity.2015.221
Hussein, N. H., & Khalid, A. (2016). A survey of cloud computing security challenges and
solutions. International Journal of Computer Science and Information Security, 14(1),
52. doi:10.1109/iccs.2012.6
Hwang, Y. H. (2015, April). Iot security & privacy: threats and challenges. In Proceedings of
the 1st ACM Workshop on IoT Privacy, Trust, and Security (pp. 1-1). ACM.
Jang-Jaccard, J., & Nepal, S. (2014). A survey of emerging threats in cybersecurity. Journal
of Computer and System Sciences, 80(5), 973-993. doi:10.1016/j.jcss.2014.02.005
Pandey, R. K., & Misra, M. (2016). Cyber security threats—Smart grid infrastructure.
In 2016 National Power Systems Conference (NPSC) (pp. 1-6). IEEE.
doi:10.1109/npsc.2016.7858950
Probst, C. W., Hunker, J., Bishop, M., & Gollmann, D. (Eds.). (2010). Insider threats in
cyber security (Vol. 49). Springer Science & Business Media. doi:10.1007/978-1-
4419-7133-3
11EMERGING SECURITY THREATS
Puthal, D., Sahoo, B. P. S., Mishra, S., & Swain, S. (2015). Cloud computing features, issues,
and challenges: a big picture. In 2015 International Conference on Computational
Intelligence and Networks (pp. 116-123). IEEE. doi:10.1109/cine.2015.31
Sen, J. (2015). Security and privacy issues in cloud computing. In Cloud Technology:
Concepts, Methodologies, Tools, and Applications (pp. 1585-1630). IGI Global.
Von Solms, R., & Van Niekerk, J. (2013). From information security to cyber
security. computers & security, 38, 97-102. doi:10.1016/j.cose.2013.04.004
Zahadat, N., Blessner, P., Blackburn, T., & Olson, B. A. (2015). BYOD security engineering:
A framework and its analysis. Computers & Security, 55, 81-99.
doi:10.1016/j.cose.2015.06.011
Zhou, J., Cao, Z., Dong, X., & Vasilakos, A. V. (2017). Security and privacy for cloud-based
IoT: Challenges. IEEE Communications Magazine, 55(1), 26-33.
doi:10.1109/mcom.2017.1600363cm
Puthal, D., Sahoo, B. P. S., Mishra, S., & Swain, S. (2015). Cloud computing features, issues,
and challenges: a big picture. In 2015 International Conference on Computational
Intelligence and Networks (pp. 116-123). IEEE. doi:10.1109/cine.2015.31
Sen, J. (2015). Security and privacy issues in cloud computing. In Cloud Technology:
Concepts, Methodologies, Tools, and Applications (pp. 1585-1630). IGI Global.
Von Solms, R., & Van Niekerk, J. (2013). From information security to cyber
security. computers & security, 38, 97-102. doi:10.1016/j.cose.2013.04.004
Zahadat, N., Blessner, P., Blackburn, T., & Olson, B. A. (2015). BYOD security engineering:
A framework and its analysis. Computers & Security, 55, 81-99.
doi:10.1016/j.cose.2015.06.011
Zhou, J., Cao, Z., Dong, X., & Vasilakos, A. V. (2017). Security and privacy for cloud-based
IoT: Challenges. IEEE Communications Magazine, 55(1), 26-33.
doi:10.1109/mcom.2017.1600363cm
1 out of 12
Related Documents
![[object Object]](/_next/image/?url=%2F_next%2Fstatic%2Fmedia%2Flogo.6d15ce61.png&w=640&q=75){kind=small}
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.