CC7178 Cyber Security Management: Risk and Security Report
VerifiedAdded on 2022/09/15
|13
|3762
|24
Report
AI Summary
This technical report focuses on Cyber Security and Risk Management (CSRM), exploring the importance of cybersecurity in the modern digital era. The report begins with an introduction to CSRM, followed by a comprehensive literature review that examines the evolution of technology and its imp...
Running Head: CSRM
0
Cyber Security and Risk Management
CC7178 CYBER SECURITY MANAGEMENT
(Student Details: )
4/12/2020
0
Cyber Security and Risk Management
CC7178 CYBER SECURITY MANAGEMENT
(Student Details: )
4/12/2020
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
CSRM 1
Contents
Abstract......................................................................................................................................2
CyberSecurity and Risk Managment.........................................................................................3
Introduction................................................................................................................................3
Literature Review.......................................................................................................................3
Understanding of the topic and critical analysis........................................................................5
Identification of issues and use of examples..............................................................................7
Real-life Examples.................................................................................................................7
Conclusion and Recommendations............................................................................................8
References................................................................................................................................10
Contents
Abstract......................................................................................................................................2
CyberSecurity and Risk Managment.........................................................................................3
Introduction................................................................................................................................3
Literature Review.......................................................................................................................3
Understanding of the topic and critical analysis........................................................................5
Identification of issues and use of examples..............................................................................7
Real-life Examples.................................................................................................................7
Conclusion and Recommendations............................................................................................8
References................................................................................................................................10
CSRM 2
Abstract
The research is mainly focused on researching the area of CyberSecurity and Risk
Management (hereinafter referred to as CSRM). In doing so, the paper has included the
interpretation of CSRM while introducing the cybersecurity in general. Literature review
based on past useful pieces of evidence has been conducted on CSRM. Majorly, this research
is going to identify how technology has developed in this era and how Information
Technology (IT) and (IS), is playing a key role in the field of global business development.
The discussion has included an in-depth understanding of CSRM while demonstrating critical
analysis too. In addition to that, the report has attempted to identify key issues as well as the
use of real-life examples based on case studies. Based on research conducted in this paper, it
has been found that cybersecurity is the security of internet-based processes and information
available on the internet which is confidential and important. The CSRM is necessary from
the perspective of increased rate and prevalence of cybercriminals, hackers and other people
who breach security for their reasons. Thus, the research has reviewed useful literature on the
topic of CSRM while identifying the gaps in the literature. In this way, based on identified
issues, security concerns, critical analysis, and challenges related to CSRM, the paper has
provided key future recommendations at the end of the research report. Lastly, key learning
and findings have been summarized in the later section of the paper.
Abstract
The research is mainly focused on researching the area of CyberSecurity and Risk
Management (hereinafter referred to as CSRM). In doing so, the paper has included the
interpretation of CSRM while introducing the cybersecurity in general. Literature review
based on past useful pieces of evidence has been conducted on CSRM. Majorly, this research
is going to identify how technology has developed in this era and how Information
Technology (IT) and (IS), is playing a key role in the field of global business development.
The discussion has included an in-depth understanding of CSRM while demonstrating critical
analysis too. In addition to that, the report has attempted to identify key issues as well as the
use of real-life examples based on case studies. Based on research conducted in this paper, it
has been found that cybersecurity is the security of internet-based processes and information
available on the internet which is confidential and important. The CSRM is necessary from
the perspective of increased rate and prevalence of cybercriminals, hackers and other people
who breach security for their reasons. Thus, the research has reviewed useful literature on the
topic of CSRM while identifying the gaps in the literature. In this way, based on identified
issues, security concerns, critical analysis, and challenges related to CSRM, the paper has
provided key future recommendations at the end of the research report. Lastly, key learning
and findings have been summarized in the later section of the paper.
CSRM 3
CyberSecurity and Risk Management
Introduction
The technical report is mainly focused on the topic of CyberSecurity and Risk management
(CSRM). In this context, the topic area of interest for writing this report is CSRM because, in
this era of modern technologies and digital innovation, awareness regarding cybersecurity has
become essential. Thus, the report is going to introduce the topic of CSRM in detail while
reviewing the literature on the topic mentioned so that readers can get the previous research
outcomes and an overview of the topic. In general, CSRM is all about researching, studying,
understanding, managing, controlling as well as mitigating cyber risks all across an
organization (Financier Worldwide Magazine, 2019). In this era, modern organizations
mostly rely on information technology (IT) and information systems (IS) for doing efficient
business, thus so many inherent risks are involved in the use of IT and IS in the business
today (Continuum, 2019).
In addition to that, the paper is going to present a detailed analysis of its technical content in-
depth while looking at all related issues concerned. Thus, the research report will demonstrate
in-depth knowledge of CSRM (Brown et al., 2012). The study will also include real-life
examples and case studies, like an organization’s cybersecurity management, information
security risk assessment, information security toolkit uses, and firewall security policy
design. After reviewing the literature, the research report will demonstrate an understanding
of the chosen topic along with the critical analysis. Moreover, the identification of key issues
related to CSRM will be highlighted while supported by examples (Weber, 2016).
Literature Review
Background
In the digital era, the whole global society has become more technologically reliant than ever
before (The Economic Times, 2018). The technology use is being increased day-by-day and
there is no prediction that technological trends will get slow in the future. Thus, in such a
situation cybersecurity is significantly needed with the rise of technological innovations
(Kizza, 2009). Cybersecurity is required because personal data of human beings and
organizations could result in identity theft which is now posted to social media and other
CyberSecurity and Risk Management
Introduction
The technical report is mainly focused on the topic of CyberSecurity and Risk management
(CSRM). In this context, the topic area of interest for writing this report is CSRM because, in
this era of modern technologies and digital innovation, awareness regarding cybersecurity has
become essential. Thus, the report is going to introduce the topic of CSRM in detail while
reviewing the literature on the topic mentioned so that readers can get the previous research
outcomes and an overview of the topic. In general, CSRM is all about researching, studying,
understanding, managing, controlling as well as mitigating cyber risks all across an
organization (Financier Worldwide Magazine, 2019). In this era, modern organizations
mostly rely on information technology (IT) and information systems (IS) for doing efficient
business, thus so many inherent risks are involved in the use of IT and IS in the business
today (Continuum, 2019).
In addition to that, the paper is going to present a detailed analysis of its technical content in-
depth while looking at all related issues concerned. Thus, the research report will demonstrate
in-depth knowledge of CSRM (Brown et al., 2012). The study will also include real-life
examples and case studies, like an organization’s cybersecurity management, information
security risk assessment, information security toolkit uses, and firewall security policy
design. After reviewing the literature, the research report will demonstrate an understanding
of the chosen topic along with the critical analysis. Moreover, the identification of key issues
related to CSRM will be highlighted while supported by examples (Weber, 2016).
Literature Review
Background
In the digital era, the whole global society has become more technologically reliant than ever
before (The Economic Times, 2018). The technology use is being increased day-by-day and
there is no prediction that technological trends will get slow in the future. Thus, in such a
situation cybersecurity is significantly needed with the rise of technological innovations
(Kizza, 2009). Cybersecurity is required because personal data of human beings and
organizations could result in identity theft which is now posted to social media and other
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
CSRM 4
public accounts. In addition to that, various kinds of sensitive information such as credit card
information, social security numbers, and bank account details are being stowed in online
cloud storage services such as Google Drive, iCloud and Dropbox (Jansen, 2011). Thus, in
any case; be it an individual, large multinational, small business, a person rely on computer
systems for their everyday activities. With the rise in cloud services, smartphones and the
Internet of Things (IoT), a poor cloud service security has been seen these days. Therefore,
there are a lot of cybersecurity threats which were not existing a few decades ago. In this
way, cybersecurity and risk management are important to be studied and implemented (Lee,
2017). CSRM often encompasses several factors for protecting sensitive data, protected
health information (PHI), personal information, personally identifiable information (PII),
intellectual property, data, as well as IS of governmental and industry. Thus, by protecting all
of the above information, CSRM protects humans from theft and damage attempted by the
cybercriminals and hackers (Liu et al., 2018).
What is CyberSecurity and Risk Management
In general, cybersecurity refers to the practice of protecting elements like computer systems,
programs and networks from cyber or digital attacks (Shabani, 2017). In this context, such
cyberattacks are objected to accessing, altering, or destroying important sensitive
information. According to (Weber, 2016), cybersecurity provides protection against hackers
which extorts money from users while interrupting usual business processes (Schwartz,
2018).
On the other hand, a cyber-risk assessment in an organization is the risk management strategy
made for assessing and evaluating the cyber risks form the cybercriminals (Chang &
Ramachandran, 2015). As we know, modern organizations typically rely on IS and IT
systems to conduct their business hence cyber risks assessment and management are
conducted to protect the everyday business from cybercriminals and other hackers (Stallings
et al., 2012).
According to (Bendovschi, 2015), cybercriminals of the millennial generation have become
more intelligent and sophisticated, while evolving their target. Cyber attackers are also
changing the way how they impact organizations as well as the methods of attack for diverse
network security systems (Picanso, 2010). Thus, the study suggested that information theft is
one of the expensive and fastest-growing segments of cybercrime in the digital age. Thus,
public accounts. In addition to that, various kinds of sensitive information such as credit card
information, social security numbers, and bank account details are being stowed in online
cloud storage services such as Google Drive, iCloud and Dropbox (Jansen, 2011). Thus, in
any case; be it an individual, large multinational, small business, a person rely on computer
systems for their everyday activities. With the rise in cloud services, smartphones and the
Internet of Things (IoT), a poor cloud service security has been seen these days. Therefore,
there are a lot of cybersecurity threats which were not existing a few decades ago. In this
way, cybersecurity and risk management are important to be studied and implemented (Lee,
2017). CSRM often encompasses several factors for protecting sensitive data, protected
health information (PHI), personal information, personally identifiable information (PII),
intellectual property, data, as well as IS of governmental and industry. Thus, by protecting all
of the above information, CSRM protects humans from theft and damage attempted by the
cybercriminals and hackers (Liu et al., 2018).
What is CyberSecurity and Risk Management
In general, cybersecurity refers to the practice of protecting elements like computer systems,
programs and networks from cyber or digital attacks (Shabani, 2017). In this context, such
cyberattacks are objected to accessing, altering, or destroying important sensitive
information. According to (Weber, 2016), cybersecurity provides protection against hackers
which extorts money from users while interrupting usual business processes (Schwartz,
2018).
On the other hand, a cyber-risk assessment in an organization is the risk management strategy
made for assessing and evaluating the cyber risks form the cybercriminals (Chang &
Ramachandran, 2015). As we know, modern organizations typically rely on IS and IT
systems to conduct their business hence cyber risks assessment and management are
conducted to protect the everyday business from cybercriminals and other hackers (Stallings
et al., 2012).
According to (Bendovschi, 2015), cybercriminals of the millennial generation have become
more intelligent and sophisticated, while evolving their target. Cyber attackers are also
changing the way how they impact organizations as well as the methods of attack for diverse
network security systems (Picanso, 2010). Thus, the study suggested that information theft is
one of the expensive and fastest-growing segments of cybercrime in the digital age. Thus,
CSRM 5
cybersecurity is mainly driven by the cumulative exposure of identity info to the web with the
help of cloud services (Vacca, 2012).
In this way, it is clear that by studying about cybersecurity and risk management,
contemporary organizations can protect the organizational data and information against
cybercrimes and cyber risks as well. Yet, the literature is showing research gaps in terms of
addressing cyber security issues and challenges adequately (The SSL Store, 2019).
Understanding of the topic and critical analysis
In the context of CSRM, there is some key information to be protected such as sensitive data,
protected health information (PHI), personal information, personally identifiable information
(PII), intellectual property, data, as well as IS of governmental and industry (Shabani, 2017).
The aforementioned list of personal information is often extensive, and hence protecting such
personal information comes under data privacy (Ismail, 2017). In this way, in the business
context, data privacy may go beyond the PII of the employees as well as customers. In
modern organizations, data privacy also includes the data and information which can help the
firm to operate, so as to show how the company is spending and investing their money
(Trkman, McCormack, De Oliveira, & Ladeira, 2010). Personal data and information must
avoid getting in the wrong hands, as so many bad things can happen by breaching data
privacy. In this way, data privacy in research can put more effort in order to know data
standards and curation implications in contemporary organizations (Ismail, 2019).
It is well aware that earlier antivirus software and simple firewalls used to be placed as single
security measures (Gollmann, 2010). Nowadays, global business leaders and organizations
can never leave their IT and IS in the hand of cybersecurity professionals from the
perspective of information security (Gatzlaff & McCullough, 2010). The current state of
CSRM is depicting that recent cyber threats are coming from every level of an organization.
Thus, modern organizations need to train and educate their people, IT professionals and other
staff regarding social engineering scams such as phishing and data breaches. On the other
hand, cyber hackers have found more sophisticated cybersecurity attacks such as ransomware
as well as malware which are typically designed for stealing intellectual property (IP) or other
personal data of a human being (Financier Worldwide Magazine, 2019).
The top cybersecurity and Information security agencies are suggesting that in this modern
business environment, there is no case where cybersecurity can be ignored by modern
cybersecurity is mainly driven by the cumulative exposure of identity info to the web with the
help of cloud services (Vacca, 2012).
In this way, it is clear that by studying about cybersecurity and risk management,
contemporary organizations can protect the organizational data and information against
cybercrimes and cyber risks as well. Yet, the literature is showing research gaps in terms of
addressing cyber security issues and challenges adequately (The SSL Store, 2019).
Understanding of the topic and critical analysis
In the context of CSRM, there is some key information to be protected such as sensitive data,
protected health information (PHI), personal information, personally identifiable information
(PII), intellectual property, data, as well as IS of governmental and industry (Shabani, 2017).
The aforementioned list of personal information is often extensive, and hence protecting such
personal information comes under data privacy (Ismail, 2017). In this way, in the business
context, data privacy may go beyond the PII of the employees as well as customers. In
modern organizations, data privacy also includes the data and information which can help the
firm to operate, so as to show how the company is spending and investing their money
(Trkman, McCormack, De Oliveira, & Ladeira, 2010). Personal data and information must
avoid getting in the wrong hands, as so many bad things can happen by breaching data
privacy. In this way, data privacy in research can put more effort in order to know data
standards and curation implications in contemporary organizations (Ismail, 2019).
It is well aware that earlier antivirus software and simple firewalls used to be placed as single
security measures (Gollmann, 2010). Nowadays, global business leaders and organizations
can never leave their IT and IS in the hand of cybersecurity professionals from the
perspective of information security (Gatzlaff & McCullough, 2010). The current state of
CSRM is depicting that recent cyber threats are coming from every level of an organization.
Thus, modern organizations need to train and educate their people, IT professionals and other
staff regarding social engineering scams such as phishing and data breaches. On the other
hand, cyber hackers have found more sophisticated cybersecurity attacks such as ransomware
as well as malware which are typically designed for stealing intellectual property (IP) or other
personal data of a human being (Financier Worldwide Magazine, 2019).
The top cybersecurity and Information security agencies are suggesting that in this modern
business environment, there is no case where cybersecurity can be ignored by modern
CSRM 6
businesses (Esposito et al., 2016). It is because many security incidents are regularly affecting
the modern businesses of every size and thus cybersecurity threats, as well as risks, are
causing irreversible reputational damage to the firms involved in the cyber risks or cyber
threats as well as security violation incidents (Rittinghouse & Ransome, 2009).
As per the above research and literature review on the area of CSRM, cybersecurity plays an
important role in the successful business growth and development at present and future as
well (Mather, 2009). It has been found that Governments of the whole world are continuously
bringing their attention to today’s efficient cybercriminals as well as cybercrimes. For
example, the General Data Protection Regulation (GDPR) is working towards protecting data
from hackers all across Europe (Aldawood, 2019). The agency has successfully decreased the
reputational damage from the data breaches in the organizations. Thus, all organizations
must:
1. Anonymize their sensitive data and information for privacy
2. Take user consent for processing the information for business analytics from the
perspective of data privacy (Brown et al., 2012).
3. Appoint at least one data protection or information security officer at their premises
4. Communicate data breaches on time so that identity fraud and identity theft can be
avoided at a large extent (Chang & Ramachandran, 2015).
businesses (Esposito et al., 2016). It is because many security incidents are regularly affecting
the modern businesses of every size and thus cybersecurity threats, as well as risks, are
causing irreversible reputational damage to the firms involved in the cyber risks or cyber
threats as well as security violation incidents (Rittinghouse & Ransome, 2009).
As per the above research and literature review on the area of CSRM, cybersecurity plays an
important role in the successful business growth and development at present and future as
well (Mather, 2009). It has been found that Governments of the whole world are continuously
bringing their attention to today’s efficient cybercriminals as well as cybercrimes. For
example, the General Data Protection Regulation (GDPR) is working towards protecting data
from hackers all across Europe (Aldawood, 2019). The agency has successfully decreased the
reputational damage from the data breaches in the organizations. Thus, all organizations
must:
1. Anonymize their sensitive data and information for privacy
2. Take user consent for processing the information for business analytics from the
perspective of data privacy (Brown et al., 2012).
3. Appoint at least one data protection or information security officer at their premises
4. Communicate data breaches on time so that identity fraud and identity theft can be
avoided at a large extent (Chang & Ramachandran, 2015).
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
CSRM 7
Source: (Aldawood, 2019)
Identification of issues and use of examples
In the field of digital technology, there are some key factors which are driving the growth in
cybercrimes day-by-day, these factors are:
The capability of cybercriminals of attacking targets exterior their jurisdiction while
making laws and policies difficult (Bogle, 2018)
The nature of the Internet as distributed
Increasing profitability as well as ease of commerce on the dark web
Thus, the discussion is based on an identification of major security issues with the use of
examples in a real-life context. There is a huge impact on cybercrime and cybersecurity
threats (The Economic Times, 2018). Therefore, a lack of focus and attention on
cybersecurity and risk management can permanently damage any business in the following
ways include:
Reputational costs: due to cybersecurity violation, there can be a loss of customer
trust, loss of present as well as future consumers. The loss of media coverage and loss
of customers to competitors is again an issue caused by cybersecurity threats (The
AME group, 2018)
Economic costs: it has been found that IP theft, corporate information theft, and any
disruption in trading causes economic costs as well as costs of repairing damaged
systems.
Regulatory costs: it has been found that regulatory costs resulted from regulatory
sanctions as well as fines due to cybercrimes (Shabani, 2017).
Apart from this, there are some key examples of damages to contemporary organizations
which are affected by cyber-attacks as well as data breaches. In the recent few years, the
prevalence of data breaches and cyber-attacks has been staggering. Thus, it is clear from the
following mentioned examples (Australian Government, 2018).
Real-life Examples
Yahoo: in August 2013, Yahoo disclosed a data breach from a group of hackers. In this data
breach, the hacker group hacked 1 billion accounts of Yahoo (Continuum, 2019). During the
incident, some security questions and answers were compromised, while increasing the whole
Source: (Aldawood, 2019)
Identification of issues and use of examples
In the field of digital technology, there are some key factors which are driving the growth in
cybercrimes day-by-day, these factors are:
The capability of cybercriminals of attacking targets exterior their jurisdiction while
making laws and policies difficult (Bogle, 2018)
The nature of the Internet as distributed
Increasing profitability as well as ease of commerce on the dark web
Thus, the discussion is based on an identification of major security issues with the use of
examples in a real-life context. There is a huge impact on cybercrime and cybersecurity
threats (The Economic Times, 2018). Therefore, a lack of focus and attention on
cybersecurity and risk management can permanently damage any business in the following
ways include:
Reputational costs: due to cybersecurity violation, there can be a loss of customer
trust, loss of present as well as future consumers. The loss of media coverage and loss
of customers to competitors is again an issue caused by cybersecurity threats (The
AME group, 2018)
Economic costs: it has been found that IP theft, corporate information theft, and any
disruption in trading causes economic costs as well as costs of repairing damaged
systems.
Regulatory costs: it has been found that regulatory costs resulted from regulatory
sanctions as well as fines due to cybercrimes (Shabani, 2017).
Apart from this, there are some key examples of damages to contemporary organizations
which are affected by cyber-attacks as well as data breaches. In the recent few years, the
prevalence of data breaches and cyber-attacks has been staggering. Thus, it is clear from the
following mentioned examples (Australian Government, 2018).
Real-life Examples
Yahoo: in August 2013, Yahoo disclosed a data breach from a group of hackers. In this data
breach, the hacker group hacked 1 billion accounts of Yahoo (Continuum, 2019). During the
incident, some security questions and answers were compromised, while increasing the whole
CSRM 8
risk of identity theft (Bogle, 2018). As a result, Yahoo has successfully changed the estimate
to 3 billion user accounts. The reports are suggesting that the IS breach was reported by
Yahoo on December 14, 2016, and hence Yahoo also forced all of the affected users to
change passwords. In this way, Yahoo advised re-entering an unencrypted security question
as well as answers for making them encrypted for the hackers in the future (Aldawood,
2019).
eBay: it has been found that during February and March 2014, the Company eBay has
become the victim of an IS breach of the encrypted passwords. Thus, the data breach resulted
in asking eBay all of their 145 million users for immediate resetting of the eBay accounts’
password (Bendovschi, 2015). In this data breach incident, the cyber attackers utilized a small
set of employee credentials for accessing the trove of user data. It is worth knowing that
breached information during the data breach was included personal information as well as
encrypted passwords. As per the breach notification, the IS breach of eBay was first disclosed
in May 2014, post a month-long investigation by the Company eBay (Bogle, 2018).
Uber: the giant transport company Uber had to pay $148 million in order to settle a
cybersecurity regulation fine against the data breach occurred in the year 2016 (Hern, 2018).
Thus, the ride-sharing company got into a nationwide investigation due to IS data breach.
After data breach analysis, it has been found that 2 hackers managed to access information
belonging to 57 million Uber riders as well as Uber drivers. It is worth knowing that data
breach was included driver's license numbers as well as names of 600,000 drivers (Fortune,
2018).
Conclusion and Recommendations
In whole, the research report has successfully talked about CSRM in the context of
contemporary organizations and business context. The discussion has identified so many
security issues and challenges related to cybersecurity and risk management. It has been
found that cyber-attacks are rising continuously against industrial security control systems. In
the technology-based environment, the cybersecurity threats such as hackers, nation-states,
insider threats, organized crime, malware and other viruses all are posing serious threats to
businesses. In this way, cybersecurity risk management must be used and designed to counter
above-identified cybersecurity threats. In this context, risk assessment also helps security
managers and IT officers to uncover, prioritize, rate, as well as remedy cybersecurity risks.
risk of identity theft (Bogle, 2018). As a result, Yahoo has successfully changed the estimate
to 3 billion user accounts. The reports are suggesting that the IS breach was reported by
Yahoo on December 14, 2016, and hence Yahoo also forced all of the affected users to
change passwords. In this way, Yahoo advised re-entering an unencrypted security question
as well as answers for making them encrypted for the hackers in the future (Aldawood,
2019).
eBay: it has been found that during February and March 2014, the Company eBay has
become the victim of an IS breach of the encrypted passwords. Thus, the data breach resulted
in asking eBay all of their 145 million users for immediate resetting of the eBay accounts’
password (Bendovschi, 2015). In this data breach incident, the cyber attackers utilized a small
set of employee credentials for accessing the trove of user data. It is worth knowing that
breached information during the data breach was included personal information as well as
encrypted passwords. As per the breach notification, the IS breach of eBay was first disclosed
in May 2014, post a month-long investigation by the Company eBay (Bogle, 2018).
Uber: the giant transport company Uber had to pay $148 million in order to settle a
cybersecurity regulation fine against the data breach occurred in the year 2016 (Hern, 2018).
Thus, the ride-sharing company got into a nationwide investigation due to IS data breach.
After data breach analysis, it has been found that 2 hackers managed to access information
belonging to 57 million Uber riders as well as Uber drivers. It is worth knowing that data
breach was included driver's license numbers as well as names of 600,000 drivers (Fortune,
2018).
Conclusion and Recommendations
In whole, the research report has successfully talked about CSRM in the context of
contemporary organizations and business context. The discussion has identified so many
security issues and challenges related to cybersecurity and risk management. It has been
found that cyber-attacks are rising continuously against industrial security control systems. In
the technology-based environment, the cybersecurity threats such as hackers, nation-states,
insider threats, organized crime, malware and other viruses all are posing serious threats to
businesses. In this way, cybersecurity risk management must be used and designed to counter
above-identified cybersecurity threats. In this context, risk assessment also helps security
managers and IT officers to uncover, prioritize, rate, as well as remedy cybersecurity risks.
CSRM 9
The cybersecurity prevention and risk management solutions provide a detailed in-depth view
of organizational security posture and thereby risk mitigation strategy. In this way, based on
the above research it is clear that cybersecurity officers and IS operators can always utilise
above-discussed information in order to prevent the disruption of security operations from the
most determined attackers. In whole, an organization should use the following future
recommendations:
Contemporary organizations should have a clear understanding of cybersecurity and
other IS vulnerabilities
Contemporary organizations should improve cyber risks’ assessment and management
Contemporary organizations should improve their risk mitigation and containment
plan in relation to the cybersecurity of their IS and IT systems.
The cybersecurity prevention and risk management solutions provide a detailed in-depth view
of organizational security posture and thereby risk mitigation strategy. In this way, based on
the above research it is clear that cybersecurity officers and IS operators can always utilise
above-discussed information in order to prevent the disruption of security operations from the
most determined attackers. In whole, an organization should use the following future
recommendations:
Contemporary organizations should have a clear understanding of cybersecurity and
other IS vulnerabilities
Contemporary organizations should improve cyber risks’ assessment and management
Contemporary organizations should improve their risk mitigation and containment
plan in relation to the cybersecurity of their IS and IT systems.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
CSRM 10
References
Aldawood, H.a.S.G., 2019. Reviewing Cyber Security Social Engineering Training and
Awareness Programs—Pitfalls and Ongoing Issues. Future Internet, 11(3), p.73.
Australian Government, 2018. Notifiable Data Breaches scheme. [Online] Available at:
https://www.oaic.gov.au/privacy-law/privacy-act/notifiable-data-breaches-scheme [Accessed
16 October 2018].
Bendovschi, A., 2015. Cyber-attacks–trends, patterns and security countermeasures. Procedia
Economics and Finance, 28, pp.24-31.
Bogle, , 2018. Data breaches: If a company has lost your personal info, they now have to tell
you. [Online] Available at: https://www.abc.net.au/news/science/2018-02-22/-companies-
must-inform-consumers-of-data-breaches/9462170 [Accessed 16 October 2018].
Brown, L., Stallings, W., Bauer, M. & Bhattacharjee, A., 2012. Computer security: principles
and practice. USA: Pearson Education.
Chang, V. & Ramachandran, M., 2015. Towards achieving data security with the cloud
computing adoption framework. IEEE Transactions on Services Computing, 9(1), pp.138-51.
Continuum, 2019. Cybercrime & Security Overview: Terms, Trends, Statistics, and
Takeaways. [Online] Available at:
https://www.continuum.net/resources/mspedia/cybercrime-and-security-overview [Accessed
2019].
Esposito , C., Castiglione , A., Martini, B. & Choo, 2016. Cloud manufacturing: security,
privacy, and forensic concerns. IEEE Cloud Computing, pp.16-22.
Financier Worldwide Magazine, 2019. Emerging trends in cyber security. [Online] Available
at: https://www.financierworldwide.com/emerging-trends-in-cyber-security#.Xg3TKkczbIV
[Accessed 2019].
Fortune, 2018. Uber Data Breach Exposed Personal Information of 20 Million Users.
[Online] Available at: http://fortune.com/2018/04/12/uber-data-breach-security/ [Accessed 27
May 2019].
References
Aldawood, H.a.S.G., 2019. Reviewing Cyber Security Social Engineering Training and
Awareness Programs—Pitfalls and Ongoing Issues. Future Internet, 11(3), p.73.
Australian Government, 2018. Notifiable Data Breaches scheme. [Online] Available at:
https://www.oaic.gov.au/privacy-law/privacy-act/notifiable-data-breaches-scheme [Accessed
16 October 2018].
Bendovschi, A., 2015. Cyber-attacks–trends, patterns and security countermeasures. Procedia
Economics and Finance, 28, pp.24-31.
Bogle, , 2018. Data breaches: If a company has lost your personal info, they now have to tell
you. [Online] Available at: https://www.abc.net.au/news/science/2018-02-22/-companies-
must-inform-consumers-of-data-breaches/9462170 [Accessed 16 October 2018].
Brown, L., Stallings, W., Bauer, M. & Bhattacharjee, A., 2012. Computer security: principles
and practice. USA: Pearson Education.
Chang, V. & Ramachandran, M., 2015. Towards achieving data security with the cloud
computing adoption framework. IEEE Transactions on Services Computing, 9(1), pp.138-51.
Continuum, 2019. Cybercrime & Security Overview: Terms, Trends, Statistics, and
Takeaways. [Online] Available at:
https://www.continuum.net/resources/mspedia/cybercrime-and-security-overview [Accessed
2019].
Esposito , C., Castiglione , A., Martini, B. & Choo, 2016. Cloud manufacturing: security,
privacy, and forensic concerns. IEEE Cloud Computing, pp.16-22.
Financier Worldwide Magazine, 2019. Emerging trends in cyber security. [Online] Available
at: https://www.financierworldwide.com/emerging-trends-in-cyber-security#.Xg3TKkczbIV
[Accessed 2019].
Fortune, 2018. Uber Data Breach Exposed Personal Information of 20 Million Users.
[Online] Available at: http://fortune.com/2018/04/12/uber-data-breach-security/ [Accessed 27
May 2019].
CSRM 11
Gatzlaff, K. & McCullough, K., 2010. The effect of data breaches on shareholder wealth.
Risk management and Insurance Review, 13(1), pp.61-83.
Gollmann, D., 2010. Computer Security. Wiley Interdisciplinary Reviews: Computational
Statistics, 2(5), pp.544-54.
Hern, A., 2018. Uber fined £385,000 for data breach affecting millions of passengers.
[Online] Available at: https://www.theguardian.com/technology/2018/nov/27/uber-fined-
385000-for-data-breach-affecting-millions-of-passengers-hacked [Accessed 2020].
Ismail, N., 2017. 7 nightmare cyber security threats to SMEs and how to secure against them.
[Online] Available at: https://www.information-age.com/7-nightmare-cyber-security-threats-
smes-secure-123466495/ [Accessed 12 October 2018].
Ismail, N., 2019. 10 cyber security trends to look out for in 2020. [Online] Available at:
https://www.information-age.com/10-cyber-security-trends-look-2020-123463680/
[Accessed 2019].
Jansen, W.A., 2011. Cloud Hooks: Security and Privacy Issues in Cloud Computing. Hawaii
International Conference on System Sciences, pp.1-10.
Khosrowshahi, , 2017. 2016 Data Security Incident. [Online] Available at:
https://www.uber.com/newsroom/2016-data-incident/ [Accessed 16 October 2018].
Kizza, J., 2009. Guide to computer network security. London: Springer.
Lee, D., 2017. Uber concealed huge data breach. [Online] Available at:
https://www.bbc.co.uk/news/amp/technology-42075306 [Accessed 17 October 2018].
Liu, L., Han, M., Wang, Y. & Zhou, Y., 2018. Understanding data breach: a visualization
aspect. International Conference on Wireless Algorithms systems and applications, pp.883-
92.
Mather, , 2009. Cloud Security and Privacy: An Enterprise Perspective on Risks and
Compliance. America: O'reilly.
Picanso, K.E., 2010. Protecting information security under a uniform data breach notification
law. Fordham L., (Rev.), p.355.
Gatzlaff, K. & McCullough, K., 2010. The effect of data breaches on shareholder wealth.
Risk management and Insurance Review, 13(1), pp.61-83.
Gollmann, D., 2010. Computer Security. Wiley Interdisciplinary Reviews: Computational
Statistics, 2(5), pp.544-54.
Hern, A., 2018. Uber fined £385,000 for data breach affecting millions of passengers.
[Online] Available at: https://www.theguardian.com/technology/2018/nov/27/uber-fined-
385000-for-data-breach-affecting-millions-of-passengers-hacked [Accessed 2020].
Ismail, N., 2017. 7 nightmare cyber security threats to SMEs and how to secure against them.
[Online] Available at: https://www.information-age.com/7-nightmare-cyber-security-threats-
smes-secure-123466495/ [Accessed 12 October 2018].
Ismail, N., 2019. 10 cyber security trends to look out for in 2020. [Online] Available at:
https://www.information-age.com/10-cyber-security-trends-look-2020-123463680/
[Accessed 2019].
Jansen, W.A., 2011. Cloud Hooks: Security and Privacy Issues in Cloud Computing. Hawaii
International Conference on System Sciences, pp.1-10.
Khosrowshahi, , 2017. 2016 Data Security Incident. [Online] Available at:
https://www.uber.com/newsroom/2016-data-incident/ [Accessed 16 October 2018].
Kizza, J., 2009. Guide to computer network security. London: Springer.
Lee, D., 2017. Uber concealed huge data breach. [Online] Available at:
https://www.bbc.co.uk/news/amp/technology-42075306 [Accessed 17 October 2018].
Liu, L., Han, M., Wang, Y. & Zhou, Y., 2018. Understanding data breach: a visualization
aspect. International Conference on Wireless Algorithms systems and applications, pp.883-
92.
Mather, , 2009. Cloud Security and Privacy: An Enterprise Perspective on Risks and
Compliance. America: O'reilly.
Picanso, K.E., 2010. Protecting information security under a uniform data breach notification
law. Fordham L., (Rev.), p.355.
CSRM 12
Rittinghouse, W. & Ransome, J.F., 2009. Cloud Computing Implementation, Management,
and Security. Boca Raton: CRC.
Schwartz, M., 2018. Cybercrime: 15 Top Threats and Trends. [Online] Available at:
https://www.bankinfosecurity.com/cybercrime-trends-hackers-still-prefer-bitcoin-a-11522
[Accessed 2019].
Shabani, N., 2017. A study of cyber security in hospitality industry-threats and
countermeasures: case study in Reno, Nevada. ArXiv.
Stallings, W., Brown, L., Bauer, M. & Bhattacharjee, A., 2012. Computer security: principles
and practice. NJ: Pearson Education.
The AME group, 2018. Data Security Breach: 5 Consequences for Your Business. [Online]
Available at: https://www.theamegroup.com/security-breach/ [Accessed 16 October 2018].
The Economic Times, 2018. 5 simple tips to keep your business secure from cyberattacks.
[Online] Available at:
https://economictimes.indiatimes.com/small-biz/security-tech/security/5-simple-tips-to-keep-
your-business-secure-from-cyberattacks/articleshow/64568063.cms [Accessed 12 October
2018].
The SSL Store, 2019. The Top Cyber Security Trends in 2019 (and What to Expect in 2020).
[Online] Available at: https://www.thesslstore.com/blog/the-top-cyber-security-trends-in-
2019-and-what-to-expect-in-2020/ [Accessed 2019].
Vacca, J., 2012. Computer and information security handbook. London: Newnes.
Weber, R.H.a.S.E., 2016. Cybersecurity in the Internet of Things: Legal aspects. Computer
Law & Security Review, 32(5), pp.715-28.
Rittinghouse, W. & Ransome, J.F., 2009. Cloud Computing Implementation, Management,
and Security. Boca Raton: CRC.
Schwartz, M., 2018. Cybercrime: 15 Top Threats and Trends. [Online] Available at:
https://www.bankinfosecurity.com/cybercrime-trends-hackers-still-prefer-bitcoin-a-11522
[Accessed 2019].
Shabani, N., 2017. A study of cyber security in hospitality industry-threats and
countermeasures: case study in Reno, Nevada. ArXiv.
Stallings, W., Brown, L., Bauer, M. & Bhattacharjee, A., 2012. Computer security: principles
and practice. NJ: Pearson Education.
The AME group, 2018. Data Security Breach: 5 Consequences for Your Business. [Online]
Available at: https://www.theamegroup.com/security-breach/ [Accessed 16 October 2018].
The Economic Times, 2018. 5 simple tips to keep your business secure from cyberattacks.
[Online] Available at:
https://economictimes.indiatimes.com/small-biz/security-tech/security/5-simple-tips-to-keep-
your-business-secure-from-cyberattacks/articleshow/64568063.cms [Accessed 12 October
2018].
The SSL Store, 2019. The Top Cyber Security Trends in 2019 (and What to Expect in 2020).
[Online] Available at: https://www.thesslstore.com/blog/the-top-cyber-security-trends-in-
2019-and-what-to-expect-in-2020/ [Accessed 2019].
Vacca, J., 2012. Computer and information security handbook. London: Newnes.
Weber, R.H.a.S.E., 2016. Cybersecurity in the Internet of Things: Legal aspects. Computer
Law & Security Review, 32(5), pp.715-28.
1 out of 13
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.