Cybersecurity Report: Impact on Job Market and Business Strategy

Verified

Added on 2023/01/10

AI Summary

This report delves into the critical domain of cybersecurity, examining its profound influence on the job market and business strategies. It provides a comprehensive overview of cybercrime, its historical context, and the evolution of intrusion detection methods. The report explores the impact of emerging technologies like IoT and the role of regulatory bodies in addressing data breaches. It analyzes the general effects of cyber-attacks on businesses, including reputational, operational, and financial implications, alongside the level of awareness regarding these threats. The research methodology includes the use of secondary data from websites, journals, and surveys. The report further investigates new methods to mitigate risks, the importance of cybersecurity awareness, the implications of online exposure, and the use of personal devices and cloud computing. The findings highlight the need for new skills, shared responsibility, understanding threat actors, and effective awareness campaigns. The report concludes with policy recommendations, including ex-post and ex-ante regulations, and outlines potential areas for future research.

Changing the job market
and business strategy under
cyber security guidance

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Contents
Contents
Introduction.....................................................................................................3
1.1. Outline..............................................................................................6
Literature review.............................................................................................7
1.2. Cyber-crime......................................................................................7
1.3. The cyber security history................................................................8
1.4. Intrusion detection approaches.......................................................12
1.5. Exciting new technologies - IoT....................................................13
1.6. Maltese authorities for cyber security and data breach..................15
Research methodology..................................................................................17
Research Analysis.........................................................................................19
1.7. General effects of cyber-attacks – an insight from business
management perspective (reputational, operational, process disruptions….).....19
1.8. Level of awareness of cyber-attacks implications on business
performances.......................................................................................................19
1.9. New methods to mitigate the risk of the lack of knowledge required
for a successfully implementation of cyber security within public and private
entities 19
1.10. Cyberattack – national disaster. Case of – Malta, Iran, USA........20
1.11. Financial implications of having an attack in cyber security. From
Business point of view.........................................................................................24
1.12. Business awareness and attitude towards cyber security...............28
1.13. Online exposure and protection knowledge...................................29
1.14. Use of personal devices..................................................................32
1.15. Use of externally hosted web service ( cloud computing).............32

1.16. Business perception of conflicting advice.....................................33
1.17. Business perception of importance of cyber security....................34
Findings and Conclusions.............................................................................37
Recommendations.........................................................................................40
1.18. New skills – Three solutions.........................................................40
1.19. Cybersecurity – a shared responsibility.........................................42
1.20. Understanding cyber threats actors................................................43
1.21. Awareness – Awareness campaigns..............................................48
1.22. Policy.............................................................................................49
1.22.1. Ex-post Regulations....................................................................50
1.22.2. Ex-ante Regulations....................................................................51
1.22.3. Maltese policies and regulatory framework................................52
Future Works.................................................................................................54

List of Figures
List of Tables
List of Abbreviations
GDPR – General Data Pro….
IoT Internet of Things
WSN Wireless Sensor Networks
SBNL security breach notification laws
cybercrime-as-a-service (CaaS)
Introduction
The topic which has been selected for this research is cyber security. It is
one of the most important topic which needs to be explored in today’s time.
Cybersecurity is important because it encompasses everything that pertains to
protecting our sensitive data, personally identifiable information (PII), protected
health information (PHI), personal information, intellectual property, data, and
governmental and industry information systems from theft and damage

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

attempted. Most of the organizations making use of internet makes sure that the
personal and private data of employees are been protected so that the trust exists
upon them.
I was really motivated to the project and find the end results on subject
matter. At first I was really anxious but then my seniors and my tutor supported
me. This has helped me in overcoming the problems which I faced during
making of report. Since the internet is being used in day to day life the chances
of cyber-attack is been increasing. This is one of the major problem which has
been faced in today’s time. The objective of the report is to analyze the
importance of cybersecurity so that cyber-attack incidences are been reduced.
There are various research methods which has been used in the research. Like
secondary information has been collected from the websites, journal articles,
blogs, books and journals. It was really easy for me to collect the information
from these sources. The advantage of using this research method was that it
saved lots of time. Reliable and authentic information has been gathered with
the help of these sources. The data was also collected by making use of The
Ipsos 2019 survey websites. The primary method of data collection was also
being used. This paper will consist of the introduction related to subject matter.
It will also provide literature review for the same. In this theoretical framework
related to the subject matter will be discussed. It will also provide the details
about the research methods which are being used.
- Importance of the topic (research)
- Your motivation (Statement of the problem)
- Objective
- Short research methods (how you did it)
- Short description of the research paper structure

In this chapter, we will explain the problem definition and demonstrate the
methodology, objectives of our study, then, briefly mention the contributions.
Finally, we will outline the structure.
Since the encroachment of Internet into day to day lives of common people,
cyber-attacks have become inevitable. This inevitability of getting attacked, has
revolutionized the way people think about security and the rules and methods to
safeguard the business and national security.
(Quereshi S, 2003) observed that more and more the development rate in the
information technology sector is much higher than the other sectors of the world.
The increase in information technology development rate underlines the fact that
people need to build up its resources of skills, awareness and experience. The
transfer of technology has been a concern of development experts for over two
decades. The concern observed is between various nationalities and in some
countries between their own North and South territories.
The need of information technology is felt in every part of our lives and
important for us as the food is for humankind. (Johansson, 2018). The increasing
globalization of world economies is being fueled by a number of Information
technology infrastructure and applications. Without information technology some
of the services we have taken for granted would not exist. In 1995, only 1% of the
world’s population was online. Nowadays, fast forward 20 years, more than 3.5
billion people have internet connection, almost half of the humans on the planet.
The rate is increasing by approximately 10 people a second, making it now
virtually impossible to imagine life without internet (Nuwer, 2017). The UK’s
office for National statistics reported that nearly 93% of adults surveyed in UK
said that had used the internet in the previous three months. (ONS UK, May 2019).
This shows that almost all every person is using the internet and people belonging

from every age group are engaged in using internet. This way the concept of cyber
security has become a big part of the security debate very quickly.
This work is set to analyze the concept of cyber security and the current
discourse which is used to frame the threats that are coming from various sectors.
The main question of the dissertation is therefore “What is the awareness level and
what are the implications of the gap between actual and perceived cyber threats to
various Maltese organizations and how does this gap influence the understanding
of cyber security concept?”. Following chapters will compare Maltese and foreign
companies….
The methodology used to answer the above questions was mainly obtained
by conducting a survey on the Internet via email, social media and through web-
based questionnaires such as Web monkey, by sending the web survey’s URL link
via email and social media. The internet provides various opportunities to conduct
surveys more efficiently and effectively than traditional ones. Web based surveys
provide opportunities to improve the quality of survey data which postal mail
survey cannot achieve. Few advantages of Web based surveys over the traditional
postage are that web survey applications can check the completeness of each reply
after each submission without the need of human intervention. The study also
suggests that the web-based questionnaires are of great potential value for a
research. In fact, the study shows that 90% of the users preferred to reply to the
questionnaire via the Web then the traditional way (Zhang, 2000).
1.1. Outline
This thesis is organized into seven chapters. The first chapter provides brief
introduction to thesis and explanation of its methodology. Then:
Chapter 2

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

I structured the research focused on this chapter 3 more specialized on …….
Literature review
1.2. Cyber-crime
Cyber security has emerged as a response to technological innovations and
their involvement in changing the approach of economic, geographical and
political development (Hansen, Nissen Baum, 2009). The term cyber security is
often used interchangeably with the term information security (Von Solms, Von
Niekerk, 2013). The definition of cyber-crime given by Fomenko A in 2014 was
that Cyber Crime can be defined as the unlawful acts where the computer is used
wither as a tool or a target or both. Cybercrime is a broad term that is used to
define criminal activity in which computers or computer networks are tool, a target
or a place of criminal activity and is no doubt that it is the most rapidly
accelerating kinds of crime today. The term is a general term that covers crimes
like phishing, credit card frauds, bank robbery, illegal downloading, industrial
espionage, the circulation of pictures pertaining to child sexual abuse, scams
mainly operating through electronic mail, kidnapping children via chatrooms,
cyber terrorism, creation and distribution of virus, fraud involving online auctions ,
misusing financial services available on the internet.
Cyber threats have been a major issue for politicians and security experts
from the mid-1990s. President Obama on NYTimes in 2009 reported that the
defense and military networks are under constant attack by Alqeda and other
terrorist groups. He also described that attacks in today’s world are not only from a
few extremists in suicide vests using information technology as a weapon of mass

destruction (NYTimes, 2009). President George W. Bush said in 2003 that
“securing cyberspace is an extraordinarily difficult strategic challenge” (Lemos,
R., 2003). The guardian in Jan 2020 reported that the killing of Qassem Suleimani
increased the possibility that Iran will retaliate severely and the blow back could
come in the form of cyber-attack on critical infrastructure sectors such as power
grid, healthcare facilities, banks and communications networks (Guardian, 2020).
However, the research of the topic within the security studies field is rather limited
for both businesses and national security. The main reason is details about the
threat is restricted since a cyber-attack news may jeopardize the brand for
businesses and the reputation of a country. After the cyber-attacks against Estonia
which were officially considered as the world’s first cyber war, cyber security
topic once again got its importance in 2007. Most Estonia’s government’s
websites were put offline at once and governmental services were at halt. Prior this
incident, cyber attacks were not considered as a threat to the citizens and was not
considered as an offence and an attack on a member state of the NATO. Should the
attack have been a physical attack NATO could have activated the collective
defense policy under Article 5, however the cyber attack was not clear if a state
could legitimately respond to the cyber-attack. In 2016 and in response to this
attack NATO organized the largest cyber defense exercise in Estonia named as
Cyber Coalition 2016. The three-day event attracted more than 700 participants
consisting of legal experts, government officials, industry representatives and
academics coming from locations across the NATO partner nations (e-
Estonia,2018).
1.3. The cyber security history

The Cyber security history issues begins in 1970s with a project called The
Advanced Research project Agency Network (ARPANET). The program appeared
inside the project and was named Creeper fallowing the printed massages left
behind: I’m the Creeper: Catch m if you can (Murphey, 2019). That was the
world’s first hacker. Once the internet starts to be open to the public (1990s), more
and more people started to use computers, and add their personal information on
them and sharing it on the internet too. This was the time when organized crime
entities took this opportunity get more financial resources, stealing data and money
from individual, businesses and governments. By mid of 1990s, in order to protect
the people and the government against all this whipped, NSA create the first
firewall.
Over the year, due to the continue improving the technologies, hacking
become more complicated. New and new cases of cyber-attack risen, such as:
Snowden & The NSA, 2013 (a former CIA copied and leaked classified information
from NSA); Yahoo 2013-2014 (hackers broke into Yahoo, jeopardizing the
accounts and personal information of all their 3 million users); WannaCry, 2017
(known as ransomworm – targeted computers running the Microsoft Windows
operating systems and demanded ransom payments in the Bitcoin cryptocurrency),
(Murphey, 2019). All this was possible because, while there are significant
advances in information technology and infrastructure which offer new
opportunities, cyberspace is still far from completely secured (Shiva et. al., 2010).
In the present time, cyber-attack can appear as: Phishing (it is the practice of
sending fraudulent emails that resemble emails from reputable sources, with the
scope to steal sensitive personal data); Ransomware (it is a practice to extort
money by blocking access to files or the computer system until the ransom is paid);
Malware aims to gain unauthorized access or to cause damage to a computer;
Social engineering (which comes a tactic that adversaries use to trick you into

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

revealing sensitive information). In the current life, there are also other two types
of cyber-attack, used for obtaining access to the system, like: Man-in-the-
Middle (which is a cyber-attack where the data to be exchanged between
communicating parties is compromised by an attacker), and Brute Force (where
the attacker tries guessing system access credentials like passwords). Mad ware or
also called as mobile adware, interrupts the customer experience and can uncover
location detail, device identifiers and contact information to cybercriminals.
Mobile adware gossips indiscreetly on a user device when they download an app –
habitually send automatic alerts to the notification bar, modify browser settings,
increase icons, spams user with unwanted ads and collects personal information
(Hughes, 2013). Avast’s threat Lab’ research reported that adware on mobiles now
accounts for 72% of all mobile malware and increasingly growing significantly in
the past years, growing its share of mobile malware on Android smartphones by
38%. Mobile users get infected with mobile adware through apps that appear
completely harmless but sneakily download executable files and run malicious
activities in the background. These executable files enable these cyber criminals to
make profit off ad clicks and sometimes even subscribe users to premium accounts
without the knowledge of user (Verdict, 2020). With the advances in information
technology, criminals are using cyberspace to commit numerous cyber-crimes
(Mosteanu and Galea, 2020). Anything which is using IT infrastructure is highly
vulnerable to intrusions and other threats. Physical devices and human intervention
are not enough for monitoring and protection of these infrastructures; hence, there
is a need for more sophisticated cyber defense systems that need to be flexible,
adaptable and robust, and able to detect a wide variety of threats and make
intelligent real-time decisions (Dilek et. Al., 2015). During the journey of this
present research, we consider that Artificial Intelligence can and will play an
important role in cybercrime detection and prevention.

Matijasevic and Jelena (2014) describe a procedure that can be used to end
on the cyber-crime is a global problem just like terrorist activities, since the
repercussions of the cybercrime affect the whole world. Thus, the authors all for
the global response towards this new offense. The author also mentioned that
different countries have different technology capabilities. The developed nations
have better latest technology and thus are in a better position to identify the
individuals that are associated with the cybercrimes. On the other hand,
underdeveloped countries are the consumers of the computer products that are
produced by developed nations. However, the developed nations are seeking to
expand their business activities to the growing nations. Thus, the threat caused by
cybercrimes affects all the stakeholders.
In cyber world conflicts between organization, individuals and nations are
going to play a vital role. Cyber strategies will remain in use by organized
individual groups or nations in an endeavor to damage or rescind the protected
information or funds of its targets (Hughes, 2013). We will see the cyber alike of
sabre rapid-fire, in 2019, where organizations, nation states and even individual
groups would use cyber-attacks to show their power and would send a message.
The use of computer varies from one person to another and from one place
to the other. Programs that are used and designed for domestic use or used at home
are different from the ones designed for industrial use (Dahbur et al, 2017). Most
of the time people using computers for different tasks do not know about the virus
that can affect their system at any given time. Thus, some users fail to understand
what is going on with their computers when they fail to function as required. For
example, students taking different subjects at school could be using the computer
to work on an essay, draw with acad or do research work (Kshetri, 2010). In
addition, people with small businesses could be using their computers to list the