IT Security: Potential Threats, Organizational Impact, and Security Framework
VerifiedAdded on  2023/06/04
|6
|1110
|302
AI Summary
This report proposes a better IT security plan for Belsure Company by discussing potential security threats, organizational impact, and security framework. Measures like frequent password changes, licensed software, antivirus, and biometric identification are suggested.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Running Head: IT SECURITY
Name of the Student
Name of the University
Author Note
Name of the Student
Name of the University
Author Note
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
1IT SECURITY
Introduction
The report mainly discusses on proposing the better IT security in Belsure Company. The
Belsure has been a recent launched ICT company who has been looking for a flourishing and
a profitable future. The company unaware of the threats and security risk wanted to create a
security plan in order to encounter these threats1 and provide better understanding about the
basics of the organization.
Potential Security Threats
The potential security2 that are faced by the organisation are given by the organisation are as
follows:
Malicious damage:
1. Shoulder surfing: the internal breach in an organisation through shoulder surfing and
piggybacking. The data breach can cause minimal damage to major damage. The
shoulder surfing is said to be done when the details or data of one user is used by
another user without permission. Example: Facebook access through others
passwords,
2. Hacking: the unauthorised access to any data, the company can face this threat
externally or internally. The damage can just be small password to huge sensitive data
and information that can hamper organization effectively. Example: Game of thrones
hacking.
1 Roman, Rodrigo, Javier Lopez, and Masahiro Mambo. "Mobile edge computing, fog et al.: A survey and
analysis of security threats and challenges." Future Generation Computer Systems 78 (2018): 680-698.
2 Beberlein, L. T., G. Dias, K. N. Levitt, B. Mukherjee, and J. Wood. "Network attacks and an Ethernet-based
network security monitor." (2017).
Introduction
The report mainly discusses on proposing the better IT security in Belsure Company. The
Belsure has been a recent launched ICT company who has been looking for a flourishing and
a profitable future. The company unaware of the threats and security risk wanted to create a
security plan in order to encounter these threats1 and provide better understanding about the
basics of the organization.
Potential Security Threats
The potential security2 that are faced by the organisation are given by the organisation are as
follows:
Malicious damage:
1. Shoulder surfing: the internal breach in an organisation through shoulder surfing and
piggybacking. The data breach can cause minimal damage to major damage. The
shoulder surfing is said to be done when the details or data of one user is used by
another user without permission. Example: Facebook access through others
passwords,
2. Hacking: the unauthorised access to any data, the company can face this threat
externally or internally. The damage can just be small password to huge sensitive data
and information that can hamper organization effectively. Example: Game of thrones
hacking.
1 Roman, Rodrigo, Javier Lopez, and Masahiro Mambo. "Mobile edge computing, fog et al.: A survey and
analysis of security threats and challenges." Future Generation Computer Systems 78 (2018): 680-698.
2 Beberlein, L. T., G. Dias, K. N. Levitt, B. Mukherjee, and J. Wood. "Network attacks and an Ethernet-based
network security monitor." (2017).
2IT SECURITY
3. SQL Injection: the malicious code if injected can abruptly damage the application and
the database. Example: SQl payload injection
4. Identity theft: Using the others id to access any sort of data is called identity theft.
Example: the financial data loss in banks through sensitive data breach.
Threats related to E Commerce:
1. Cloud breach: the data breach that occurs through unauthorised access of the
information that is store in the cloud. The cloud breach is the worst threat that can
hamper the organization. Example: Uber data breach causing damage of 100
2. Ransom ware: The ransom ware is the malware that gain access to the system or the
application and denies the services to the user until the one pays a ransom. Example:
WannaCry.
3. Counterfeit Goods: The goods that are not bought through the authorised access of the
system are highly prone to the security threats the system may contain the viruses ,
malware or worms that could hamper the computer system or can cause breach to the
system.
Organizational impact:
The organizational impact can be caused by security issue can be minor as well as major the
data breach can disrupt or misused to the system to potentially damage the organization.
There have been recent cases like uber cloud bleed and wannacry that have shown that there
is not just loss of data but also the physical harm and loss of life. The hacking and data breach
have incurred a huge loss to finance as well. The ransom ware just denies the access, but
there can be chances that leaking of sensitive information.
3. SQL Injection: the malicious code if injected can abruptly damage the application and
the database. Example: SQl payload injection
4. Identity theft: Using the others id to access any sort of data is called identity theft.
Example: the financial data loss in banks through sensitive data breach.
Threats related to E Commerce:
1. Cloud breach: the data breach that occurs through unauthorised access of the
information that is store in the cloud. The cloud breach is the worst threat that can
hamper the organization. Example: Uber data breach causing damage of 100
2. Ransom ware: The ransom ware is the malware that gain access to the system or the
application and denies the services to the user until the one pays a ransom. Example:
WannaCry.
3. Counterfeit Goods: The goods that are not bought through the authorised access of the
system are highly prone to the security threats the system may contain the viruses ,
malware or worms that could hamper the computer system or can cause breach to the
system.
Organizational impact:
The organizational impact can be caused by security issue can be minor as well as major the
data breach can disrupt or misused to the system to potentially damage the organization.
There have been recent cases like uber cloud bleed and wannacry that have shown that there
is not just loss of data but also the physical harm and loss of life. The hacking and data breach
have incurred a huge loss to finance as well. The ransom ware just denies the access, but
there can be chances that leaking of sensitive information.
3IT SECURITY
Security framework
In order to encounter the threats, the following measures can be taken:
1. The employees of the company should be instructed to make changes in their
passwords frequently.
2. There must be licensed and original software used for work must be installed in the
company.
3. There must be proper antivirus and other security framework to check the potential
outputs to the organization.
4. There must be knowledge about the proper network ethics should be given to the
organization.
5. The organization must have biometric identification3 like fingerprints or retinal scan
installed to ensure the data security and authorised access of data in and within
organization.
Security and Network Features
The following features are discussed so that the stakeholders of the organisation has a brief
idea about the organisation.
1. Encryption: the encryption is the most important feature that can create a defence
against the threat the encryption helps in private access of data that could only be
accessed if there is a private or a public key4. The private and public key are the
digital signatures that is used to access information about the system.
3 White, Gregory B., Eric A. Fisch, and Udo W. Pooch. Computer system and network security. CRC press,
2017.
4 Chen, Gaojie, Yu Gong, Pei Xiao, and Jonathon A. Chambers. "Physical layer network security in the full-
duplex relay system." IEEE transactions on information forensics and security 10, no. 3 (2015): 574-583.
Security framework
In order to encounter the threats, the following measures can be taken:
1. The employees of the company should be instructed to make changes in their
passwords frequently.
2. There must be licensed and original software used for work must be installed in the
company.
3. There must be proper antivirus and other security framework to check the potential
outputs to the organization.
4. There must be knowledge about the proper network ethics should be given to the
organization.
5. The organization must have biometric identification3 like fingerprints or retinal scan
installed to ensure the data security and authorised access of data in and within
organization.
Security and Network Features
The following features are discussed so that the stakeholders of the organisation has a brief
idea about the organisation.
1. Encryption: the encryption is the most important feature that can create a defence
against the threat the encryption helps in private access of data that could only be
accessed if there is a private or a public key4. The private and public key are the
digital signatures that is used to access information about the system.
3 White, Gregory B., Eric A. Fisch, and Udo W. Pooch. Computer system and network security. CRC press,
2017.
4 Chen, Gaojie, Yu Gong, Pei Xiao, and Jonathon A. Chambers. "Physical layer network security in the full-
duplex relay system." IEEE transactions on information forensics and security 10, no. 3 (2015): 574-583.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
4IT SECURITY
2. Handshaking: the techniques help in ensuring the safety of data by sending a message
when a signal is being sent and received.
3. Intruder detection: there are certain software that detects the software threats like
malware, virus and worm. Any potential threat could be detected by the organization
4. Firewall: the firewall framework makes sure that system can access only the secure
software.
2. Handshaking: the techniques help in ensuring the safety of data by sending a message
when a signal is being sent and received.
3. Intruder detection: there are certain software that detects the software threats like
malware, virus and worm. Any potential threat could be detected by the organization
4. Firewall: the firewall framework makes sure that system can access only the secure
software.
5IT SECURITY
Bibliography
Beberlein, L. T., G. Dias, K. N. Levitt, B. Mukherjee, and J. Wood. "Network attacks and an
Ethernet-based network security monitor." (2017).
Chen, Gaojie, Yu Gong, Pei Xiao, and Jonathon A. Chambers. "Physical layer network
security in the full-duplex relay system." IEEE transactions on information forensics and
security 10, no. 3 (2015): 574-583.
White, Gregory B., Eric A. Fisch, and Udo W. Pooch. Computer system and network
security. CRC press, 2017.
Roman, Rodrigo, Javier Lopez, and Masahiro Mambo. "Mobile edge computing, fog et al.: A
survey and analysis of security threats and challenges." Future Generation Computer
Systems 78 (2018): 680-698.
Bibliography
Beberlein, L. T., G. Dias, K. N. Levitt, B. Mukherjee, and J. Wood. "Network attacks and an
Ethernet-based network security monitor." (2017).
Chen, Gaojie, Yu Gong, Pei Xiao, and Jonathon A. Chambers. "Physical layer network
security in the full-duplex relay system." IEEE transactions on information forensics and
security 10, no. 3 (2015): 574-583.
White, Gregory B., Eric A. Fisch, and Udo W. Pooch. Computer system and network
security. CRC press, 2017.
Roman, Rodrigo, Javier Lopez, and Masahiro Mambo. "Mobile edge computing, fog et al.: A
survey and analysis of security threats and challenges." Future Generation Computer
Systems 78 (2018): 680-698.
1 out of 6
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
 +13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
Unlock your academic potential
© 2024  |  Zucol Services PVT LTD  |  All rights reserved.