Risk Assessment and Mitigation Strategies Adopted by Netflix Report
VerifiedAdded on 2023/03/30
|19
|4588
|446
Report
AI Summary
This report delves into the risk assessment and mitigation strategies employed by Netflix, a leading online streaming platform. It identifies key threats such as data breaches, identity theft, phishing, and ransomware, which are common in the digital landscape. The report examines the vulnerabilities associated with these threats and their potential impact on Netflix and its users. Furthermore, it analyzes the risk mitigation strategies that Netflix has adopted, referencing guidelines from the National Institute of Standards and Technology (NIST). The discussion includes various security measures and best practices to protect user data and maintain the integrity of the platform. The report emphasizes the importance of proactive risk management in the face of evolving cyber threats, highlighting the need for continuous investment in security to safeguard the organization's cloud platform and data integration mechanisms. The report provides a comprehensive overview of the challenges and solutions related to cybersecurity within the context of a major online streaming service.
Running Head: RISK ASSESSMENT AND MITIGATION STRATEGIES ADOPTED BY NETFLIX
Risk Assessment and Mitigation Strategies Adopted by Netflix
Name of the Student
Name of the Organization
Author Note
Risk Assessment and Mitigation Strategies Adopted by Netflix
Name of the Student
Name of the Organization
Author Note
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
1RISK ASSESSMENT AND MITIGATION STRATEGIES ADOPTED BY NETFLIX
Abstract
The purpose of this report is to device a risk assessment and mitigation strategy for the online
streaming platform Netflix. Netflix has millions of users worldwide, and with such a huge user
base, subsequent risk related to user information ranging from user name, password, banking
details are associated with the account, and cybercriminals take advantage of such situations to
retrieve user information. Security threats include data breaching, identity theft, phishing as well
as ransom ware. The companies active role in identification of risks and mitigation strategies
involve investment, however this helps in identifying potential threat and risk to the
organizations cloud platform and data integration mechanisms. This report identifies potential
threats and subsequent strategies to mitigate the pertinent risks.
Abstract
The purpose of this report is to device a risk assessment and mitigation strategy for the online
streaming platform Netflix. Netflix has millions of users worldwide, and with such a huge user
base, subsequent risk related to user information ranging from user name, password, banking
details are associated with the account, and cybercriminals take advantage of such situations to
retrieve user information. Security threats include data breaching, identity theft, phishing as well
as ransom ware. The companies active role in identification of risks and mitigation strategies
involve investment, however this helps in identifying potential threat and risk to the
organizations cloud platform and data integration mechanisms. This report identifies potential
threats and subsequent strategies to mitigate the pertinent risks.
2RISK ASSESSMENT AND MITIGATION STRATEGIES ADOPTED BY NETFLIX
Table of Contents
Introduction......................................................................................................................................4
Discussion........................................................................................................................................5
Threats And Vulnerabilities.........................................................................................................6
Data Breach:............................................................................................................................6
Identity Theft:..........................................................................................................................7
Phishing:..................................................................................................................................7
Ransom ware:..........................................................................................................................8
Impact..........................................................................................................................................9
Risk Mitigation..........................................................................................................................11
Conclusion.....................................................................................................................................13
References......................................................................................................................................16
Table of Contents
Introduction......................................................................................................................................4
Discussion........................................................................................................................................5
Threats And Vulnerabilities.........................................................................................................6
Data Breach:............................................................................................................................6
Identity Theft:..........................................................................................................................7
Phishing:..................................................................................................................................7
Ransom ware:..........................................................................................................................8
Impact..........................................................................................................................................9
Risk Mitigation..........................................................................................................................11
Conclusion.....................................................................................................................................13
References......................................................................................................................................16
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
3RISK ASSESSMENT AND MITIGATION STRATEGIES ADOPTED BY NETFLIX
Introduction
Netflix is an American online video streaming service, which was founded in the year
1997 by Reed Hastings and Marc Randolph. The organizational headquarter is based at Los
Gatos, California. This is an online service providing organization that allows its users with a
range of various contents, such as movies, series, and much more based upon their interests.
Approximately there are over 148 million subscribers who stream Netflix on a regular basis. This
data has been collected on the statistical survey conducted before April, 2019. The United States
has the most amount of Netflix subscribers with almost 60 million regular viewers (Statista,
2019). Moreover, Netflix offers its users with a 1 month free subscription. After the 30 days trial
is over, a user has to pay a certain amount of fees choosing from the available plans in order to
continue the streaming process.
This belongs to the mass media and entertainment industry and one of the leading online
streaming facility accessible worldwide except certain places, which include Crimea, North
Korea, Mainland China and Syria (Dastrala & Tripathi, 2019). The services provided by Netflix
is not only limited to films and videos streaming but production of original content ranging from
films, talk shows, and television series also. The amount of revenue generated by the
organization as of 2018 is $ 15.7 billion, however the operating income is within the range of $
1.6 billion (Dizon, 2018). The total number of employees working for the organization is near
about 5500 people.
The advent of streaming services has facilitated the audience to enjoy advertisement free
content accessible in computer or mobile devices, reducing the effort of going to movie halls and
Introduction
Netflix is an American online video streaming service, which was founded in the year
1997 by Reed Hastings and Marc Randolph. The organizational headquarter is based at Los
Gatos, California. This is an online service providing organization that allows its users with a
range of various contents, such as movies, series, and much more based upon their interests.
Approximately there are over 148 million subscribers who stream Netflix on a regular basis. This
data has been collected on the statistical survey conducted before April, 2019. The United States
has the most amount of Netflix subscribers with almost 60 million regular viewers (Statista,
2019). Moreover, Netflix offers its users with a 1 month free subscription. After the 30 days trial
is over, a user has to pay a certain amount of fees choosing from the available plans in order to
continue the streaming process.
This belongs to the mass media and entertainment industry and one of the leading online
streaming facility accessible worldwide except certain places, which include Crimea, North
Korea, Mainland China and Syria (Dastrala & Tripathi, 2019). The services provided by Netflix
is not only limited to films and videos streaming but production of original content ranging from
films, talk shows, and television series also. The amount of revenue generated by the
organization as of 2018 is $ 15.7 billion, however the operating income is within the range of $
1.6 billion (Dizon, 2018). The total number of employees working for the organization is near
about 5500 people.
The advent of streaming services has facilitated the audience to enjoy advertisement free
content accessible in computer or mobile devices, reducing the effort of going to movie halls and
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
4RISK ASSESSMENT AND MITIGATION STRATEGIES ADOPTED BY NETFLIX
even reducing the amount of piracy circling the entertainment services, where due to torrent
sites, organizations face a lot of challenges.
Netflix adopted the services introduced by Amazon, which was named as Amazon S3
(Amazon Simple Storage Service), which gave the provision for users to store data in cloud
storage facilities to easily access required information without the need of carrying external
peripheral devices (Jing et al., 2014). The transmission of video over internet was not secured
then, due to huge amount of bandwidth required to transmit data, and Netflix Incorporation
found an opportunity to use this service provided by Amazon for video streaming with the help
of cloud computing, provided by Amazon Web Services (AWS). Netflix gradually adopted the
strategy of moving entirely into cloud streaming facility as well as developed a tool named as
Chaos Automation Platform (CAP) which would self-repair errors occurring during online
streaming to provide seamless integration of videos and uninterrupted streaming service to the
customer (Basiri et al., 2019). However, services on the internet using cloud facilities often face
certain threats from hackers, who plan on stealing data for piracy. This report provides a
synopsis of risks, threats and vulnerabilities faced by the organization in this digital sphere. The
risk mitigation for the identified threats and vulnerabilities will be analyzed with the help of risk
management guidelines outlined in National Institute of Standards and Technology (NIST) and
the required strategies in order to mitigate those risks.
Discussion
According to the National Institute of Standards and Technology or as generally referred
to as the NISTR, a risk can be defined as the measure of extent up to which a particular entity is
threatened by any event or the relative potential circumstances attached to it (Gomez-Uribe &
Hunt, 2016). The circumstances may have an adverse impact on the specific platform. The risks
even reducing the amount of piracy circling the entertainment services, where due to torrent
sites, organizations face a lot of challenges.
Netflix adopted the services introduced by Amazon, which was named as Amazon S3
(Amazon Simple Storage Service), which gave the provision for users to store data in cloud
storage facilities to easily access required information without the need of carrying external
peripheral devices (Jing et al., 2014). The transmission of video over internet was not secured
then, due to huge amount of bandwidth required to transmit data, and Netflix Incorporation
found an opportunity to use this service provided by Amazon for video streaming with the help
of cloud computing, provided by Amazon Web Services (AWS). Netflix gradually adopted the
strategy of moving entirely into cloud streaming facility as well as developed a tool named as
Chaos Automation Platform (CAP) which would self-repair errors occurring during online
streaming to provide seamless integration of videos and uninterrupted streaming service to the
customer (Basiri et al., 2019). However, services on the internet using cloud facilities often face
certain threats from hackers, who plan on stealing data for piracy. This report provides a
synopsis of risks, threats and vulnerabilities faced by the organization in this digital sphere. The
risk mitigation for the identified threats and vulnerabilities will be analyzed with the help of risk
management guidelines outlined in National Institute of Standards and Technology (NIST) and
the required strategies in order to mitigate those risks.
Discussion
According to the National Institute of Standards and Technology or as generally referred
to as the NISTR, a risk can be defined as the measure of extent up to which a particular entity is
threatened by any event or the relative potential circumstances attached to it (Gomez-Uribe &
Hunt, 2016). The circumstances may have an adverse impact on the specific platform. The risks
5RISK ASSESSMENT AND MITIGATION STRATEGIES ADOPTED BY NETFLIX
that are related to information security are one of the major problems that are needed to be dealt
with in the recent times. In general, an information security risk emerges from a loss in integrity,
confidentiality and information availability that impact the organizational operations in a
negative way.
Netflix has become one of the major streaming service providers in the recent times. As a
result of this, there has been a subsequent increment of information system and cyber security
threats (Matrix, 2014). Although many security layers have been incorporated within the
platform, there are few vulnerabilities associated with it which are faced by most of the online
streaming service providers. These have been discussed below.
Threats And Vulnerabilities
Data Breach: One of the most common threats in the field of security is a data
breach. A data breach is responsible for the exposure of protected and confidential information.
While streaming platforms, especially like Netflix, loss or theft related to the user ID, email and
passwords is a matter of common fact. The occurrence of a data breach can be accidental or
intentional in nature. An attacker often referred to as a cybercriminal in the field of cyber
security may gain access to the Netflix database in an unauthorized way. In such cases, all the
personal information stored within that database are at risk. In addition to it, a staff of Netflix
may also be responsible for an accidental exposure of the personal information that has been
shared on the company’s database. In any case, the consequences that are to be faced by the
users are heavy (Amatriain & Basilico, 2015). The criminals gaining an unauthorized access to
the personal credentials of any individual will be able to gain profits on the user expenses.
Streaming service providers are not the only targets of the attackers. Government offices,
that are related to information security are one of the major problems that are needed to be dealt
with in the recent times. In general, an information security risk emerges from a loss in integrity,
confidentiality and information availability that impact the organizational operations in a
negative way.
Netflix has become one of the major streaming service providers in the recent times. As a
result of this, there has been a subsequent increment of information system and cyber security
threats (Matrix, 2014). Although many security layers have been incorporated within the
platform, there are few vulnerabilities associated with it which are faced by most of the online
streaming service providers. These have been discussed below.
Threats And Vulnerabilities
Data Breach: One of the most common threats in the field of security is a data
breach. A data breach is responsible for the exposure of protected and confidential information.
While streaming platforms, especially like Netflix, loss or theft related to the user ID, email and
passwords is a matter of common fact. The occurrence of a data breach can be accidental or
intentional in nature. An attacker often referred to as a cybercriminal in the field of cyber
security may gain access to the Netflix database in an unauthorized way. In such cases, all the
personal information stored within that database are at risk. In addition to it, a staff of Netflix
may also be responsible for an accidental exposure of the personal information that has been
shared on the company’s database. In any case, the consequences that are to be faced by the
users are heavy (Amatriain & Basilico, 2015). The criminals gaining an unauthorized access to
the personal credentials of any individual will be able to gain profits on the user expenses.
Streaming service providers are not the only targets of the attackers. Government offices,
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
6RISK ASSESSMENT AND MITIGATION STRATEGIES ADOPTED BY NETFLIX
hospitals, corporations, retailers, collages etc. have equally been affected by data breaches over
the years.
Identity Theft: The deliberate usage of someone else’s identity for the purpose of
gaining financial advantages or obtaining other benefits can be referred to as identity theft. The
victim, on which this attack has been performed may have to face adverse consequences. There
had been many subsequent identity theft attempts on Netflix users in the year 2017 (Jenner,
2016). Many users lost their personal information and some even lost their subscriptions due to
it. An identity theft may comprise of fingerprints, pin numbers, bank account numbers etc. that
can be used to gain unauthorized access of an individual’s account. However, it is quite
challenging to determine the mutual link between an identity theft and a data breach, as in case
of identity theft, the victim is unaware of the process of how his/her credentials were obtained. In
addition to that, an identity theft is often undetectable by the victims (Romanosky, Hoffman &
Acquisti, 2014). However, it is to be noted that an identity theft is not always the case of an
identity fraud. In case of an identity fraud there are various other methods attached to it. There
are various types of identity theft, namely: Criminal identity theft, child identity theft, medical
identity theft, synthetic identity theft, tax identity theft, identity cloning and concealment and
financial identity theft. Depending upon the type of identity theft, the related consequences can
be tremendously negative.
Phishing: Another most popular type of attack in the field of cyber security is
phishing. A phishing can be referred to as a kind of cybercrime that comprises of targeting a
victim via e-mail, text message or telephone (Hagey & Vranica, 2014). The message is generally
sent by an anonymous user posing to be a legitimate organization for the purpose of luring
individuals or group of individuals to provide confidential or personal data. The information
hospitals, corporations, retailers, collages etc. have equally been affected by data breaches over
the years.
Identity Theft: The deliberate usage of someone else’s identity for the purpose of
gaining financial advantages or obtaining other benefits can be referred to as identity theft. The
victim, on which this attack has been performed may have to face adverse consequences. There
had been many subsequent identity theft attempts on Netflix users in the year 2017 (Jenner,
2016). Many users lost their personal information and some even lost their subscriptions due to
it. An identity theft may comprise of fingerprints, pin numbers, bank account numbers etc. that
can be used to gain unauthorized access of an individual’s account. However, it is quite
challenging to determine the mutual link between an identity theft and a data breach, as in case
of identity theft, the victim is unaware of the process of how his/her credentials were obtained. In
addition to that, an identity theft is often undetectable by the victims (Romanosky, Hoffman &
Acquisti, 2014). However, it is to be noted that an identity theft is not always the case of an
identity fraud. In case of an identity fraud there are various other methods attached to it. There
are various types of identity theft, namely: Criminal identity theft, child identity theft, medical
identity theft, synthetic identity theft, tax identity theft, identity cloning and concealment and
financial identity theft. Depending upon the type of identity theft, the related consequences can
be tremendously negative.
Phishing: Another most popular type of attack in the field of cyber security is
phishing. A phishing can be referred to as a kind of cybercrime that comprises of targeting a
victim via e-mail, text message or telephone (Hagey & Vranica, 2014). The message is generally
sent by an anonymous user posing to be a legitimate organization for the purpose of luring
individuals or group of individuals to provide confidential or personal data. The information
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
7RISK ASSESSMENT AND MITIGATION STRATEGIES ADOPTED BY NETFLIX
gained by the attacker via the process of phishing, is then used for his/her benefits which may
result in financial loss, personal data loss or identity theft for the victim. Netflix had been in the
target zone of phishing for a long time (Cheatham, 2015). With a user base of almost 200 million
active subscribers, attackers had been trying to gain unauthorized access over the Netflix
databases for a long time now.
Ransom ware: A ransom ware can be defined as any malware or software that is
malicious in nature. The purpose behind the concept of a ransom ware is to design a software
which denies data access to a computer system until and unless a particular ransom amount is
paid. A ransom ware may spread via phishing emails or by visiting obscurely infected websites.
A ransom ware can have a devastating impact on an organization or an individual. Government,
healthcare systems, law enforcement agencies and other critical infrastructures are often
victimized using a ransom ware as well (Mayer et al., 2014). Anyone storing personal
information or important credentials on a particular computer network can be targeted with
ransom ware and the consequences can be devastating. It is very difficult to recover the data,
however data recovery specialists often help in dealing with such situations. Although, the victim
has to pay a ransom amount for the purpose of recovering data, there is no guarantee that the
particular data will be recovered. In order to avoid ransom wares, updating the soft wares as well
as the operating system in terms of latest available patches can resolve this malice to a great
extent.
Although, Netflix has incorporated data protection and stellar security practices,
cybercriminals targeted a small firm named Larson Studios which is a small scale Post
Production Company that is associated with Netflix (Blue et al., 2018). Since, Larson Studios is
a small organization with minimal security measures incorporated, it was easy to bypass. The
gained by the attacker via the process of phishing, is then used for his/her benefits which may
result in financial loss, personal data loss or identity theft for the victim. Netflix had been in the
target zone of phishing for a long time (Cheatham, 2015). With a user base of almost 200 million
active subscribers, attackers had been trying to gain unauthorized access over the Netflix
databases for a long time now.
Ransom ware: A ransom ware can be defined as any malware or software that is
malicious in nature. The purpose behind the concept of a ransom ware is to design a software
which denies data access to a computer system until and unless a particular ransom amount is
paid. A ransom ware may spread via phishing emails or by visiting obscurely infected websites.
A ransom ware can have a devastating impact on an organization or an individual. Government,
healthcare systems, law enforcement agencies and other critical infrastructures are often
victimized using a ransom ware as well (Mayer et al., 2014). Anyone storing personal
information or important credentials on a particular computer network can be targeted with
ransom ware and the consequences can be devastating. It is very difficult to recover the data,
however data recovery specialists often help in dealing with such situations. Although, the victim
has to pay a ransom amount for the purpose of recovering data, there is no guarantee that the
particular data will be recovered. In order to avoid ransom wares, updating the soft wares as well
as the operating system in terms of latest available patches can resolve this malice to a great
extent.
Although, Netflix has incorporated data protection and stellar security practices,
cybercriminals targeted a small firm named Larson Studios which is a small scale Post
Production Company that is associated with Netflix (Blue et al., 2018). Since, Larson Studios is
a small organization with minimal security measures incorporated, it was easy to bypass. The
8RISK ASSESSMENT AND MITIGATION STRATEGIES ADOPTED BY NETFLIX
main purpose of the attacker was to target a small scale company and then subsequently
bypassing large enterprises associated with it.
Impact
The impact of security breaches through data corruption, identity theft, phishing and
ransom ware can cause a great deal of problems, if such situations occur, causing a loss of
revenue, loss of audience as well as it hampers reputation of an organization.
The occurrence of data breaches are common for online streaming platforms. The data
breaches occur at a substantial rate, due to which users are sent email to reset their passwords as
bank account details and credit card numbers are associated with Netflix accounts (Erukulapati,
2016). The data breaches occur when users sometimes give same password to Tumblr, LinkedIn
or MySpace accounts. The breach made millions of user information and passwords were posted
online on social media platforms. Breaches occurred when hackers exposed the errors associated
with data integration of online streaming platforms, which were maintained by an organization
named “Attunity”, which is an Amazon Storage Bucket. The impact is consequently faced by
Netflix, where loads of user data due to leak are accessible online (Alsharnouby, Alaca &
Chiasson, 2015). Organizations name is stained consequently, and the data breaches decrease the
total user base of streaming services, which relies on customer interaction on their streaming
platform. The breaches provide user’s bank account information and Netflix passwords to
customers at a reduced rate incurring a huge loss to the company.
The next pertinent issue associated with online streaming platform is the risk of identity
theft. Identity theft is related to accessing user account without knowledge of the user. The
potential hack has provision for user’s identity, details associated with the account to be accessed
by another individual without the user’s knowledge. Subsequent impact is faced by the
main purpose of the attacker was to target a small scale company and then subsequently
bypassing large enterprises associated with it.
Impact
The impact of security breaches through data corruption, identity theft, phishing and
ransom ware can cause a great deal of problems, if such situations occur, causing a loss of
revenue, loss of audience as well as it hampers reputation of an organization.
The occurrence of data breaches are common for online streaming platforms. The data
breaches occur at a substantial rate, due to which users are sent email to reset their passwords as
bank account details and credit card numbers are associated with Netflix accounts (Erukulapati,
2016). The data breaches occur when users sometimes give same password to Tumblr, LinkedIn
or MySpace accounts. The breach made millions of user information and passwords were posted
online on social media platforms. Breaches occurred when hackers exposed the errors associated
with data integration of online streaming platforms, which were maintained by an organization
named “Attunity”, which is an Amazon Storage Bucket. The impact is consequently faced by
Netflix, where loads of user data due to leak are accessible online (Alsharnouby, Alaca &
Chiasson, 2015). Organizations name is stained consequently, and the data breaches decrease the
total user base of streaming services, which relies on customer interaction on their streaming
platform. The breaches provide user’s bank account information and Netflix passwords to
customers at a reduced rate incurring a huge loss to the company.
The next pertinent issue associated with online streaming platform is the risk of identity
theft. Identity theft is related to accessing user account without knowledge of the user. The
potential hack has provision for user’s identity, details associated with the account to be accessed
by another individual without the user’s knowledge. Subsequent impact is faced by the
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
9RISK ASSESSMENT AND MITIGATION STRATEGIES ADOPTED BY NETFLIX
organization, where the user base is affected due to such unethical means of accessing services
on their platform (Park, Quadari & Tsang, 2017). This in turn is directly related to huge financial
loss incurred by Netflix. The total number of users is not a mere one hundred or two hundred
users ID, but thousand and in some cases extends to millions which incurs huge financial loss for
the organization. The hackers deal in lump sum amount of money for providing organization
with user details related to bank accounts, which in turn causes a bad reputation for the
organization from where the identity theft occurs. There has been cases of identity theft from
Netflix, numbered to more than 110 million in the recent years through email, where users are
asked to provide their personal details related to the account to secure from theft, which causes
the hack of information from user’s personal account.
The occurrence of phishing for digital media streaming platforms is also on the rise. This
can cause heavy damage to an organization. The process of phishing is generally involved with
accessing a person’s information without their acknowledgement. The phishing attacks are
usually involved in stealing a user’s banking details from an organizations server. This can be
used in online transaction, or withdrawal of money from bank account (Nowitz, 2018). Data
collected globally related to phishing provides an estimate loss of around $3.7 million loss to the
organization at a single time. Phishing is not only used to scourge out user information but also
used in impersonating higher ranked official to send e-mails to lower ranked staffs to transfer
funds to their personal bank accounts and leave no trace, because the entire process of
transaction was carried out using an employee’s email ID (Field, Cram & Gonzalez, 2016).
Fraudulent email or text messages, disguised to look like it was sent from Netflix is often
misinterpreted by user’s who fall into trap of such attacks that provide with links to reset
organization, where the user base is affected due to such unethical means of accessing services
on their platform (Park, Quadari & Tsang, 2017). This in turn is directly related to huge financial
loss incurred by Netflix. The total number of users is not a mere one hundred or two hundred
users ID, but thousand and in some cases extends to millions which incurs huge financial loss for
the organization. The hackers deal in lump sum amount of money for providing organization
with user details related to bank accounts, which in turn causes a bad reputation for the
organization from where the identity theft occurs. There has been cases of identity theft from
Netflix, numbered to more than 110 million in the recent years through email, where users are
asked to provide their personal details related to the account to secure from theft, which causes
the hack of information from user’s personal account.
The occurrence of phishing for digital media streaming platforms is also on the rise. This
can cause heavy damage to an organization. The process of phishing is generally involved with
accessing a person’s information without their acknowledgement. The phishing attacks are
usually involved in stealing a user’s banking details from an organizations server. This can be
used in online transaction, or withdrawal of money from bank account (Nowitz, 2018). Data
collected globally related to phishing provides an estimate loss of around $3.7 million loss to the
organization at a single time. Phishing is not only used to scourge out user information but also
used in impersonating higher ranked official to send e-mails to lower ranked staffs to transfer
funds to their personal bank accounts and leave no trace, because the entire process of
transaction was carried out using an employee’s email ID (Field, Cram & Gonzalez, 2016).
Fraudulent email or text messages, disguised to look like it was sent from Netflix is often
misinterpreted by user’s who fall into trap of such attacks that provide with links to reset
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
10RISK ASSESSMENT AND MITIGATION STRATEGIES ADOPTED BY NETFLIX
password of their accounts, which in turn is used by attackers to trade details for certain amount
of money.
Ransom ware hacks are common for organizations providing content at a price. Ransom
ware are used by attackers because in the digital sphere data can be protected and secured but
complete integrity is not possible, due to new malware software, which are increasing at an
alarming rate. The theft includes stealing of user information, exploiting vulnerabilities of the
system (Rajput, 2017). Purpose of such attacks are exploited by cybercriminals, like luring a user
to install suspicious software, which in turn is able to access user data. Ransom ware virus,
which was detected by Trend Micro named as “RANSOM_NETFLIX.A”, whose purpose was to
lure windows user having a Netflix account with the help of a login generator, which is a tool
used for piracy in getting membership of paid digital media accounts. The loss is incurred by the
organization in detecting security breaches, due to a huge user base it is tough to find the
malware, which in turn is exploited by hackers. The Netflix ransom ware is reported by security
analysts as an encryption mechanism for accessing users file and information from their personal
computer as well as getting access to the database with the user’s account, which pose as a threat
to the organization.
Risk Mitigation
The four primary issues pointed out are data breach, identity theft, phishing and ransom
ware (Ferreira & Kawakami, 2018). There are certain steps an organization like Netflix must
actively instill into the working mechanisms of the application in order to mitigate these issues.
Cybercrimes like data breaches are increasing rapidly, which is estimated to be around $6
trillion dollars incurred by large, medium and small scale enterprises operating in the digital
sphere in the modern world. Certain policies are required to be made effective for having a
password of their accounts, which in turn is used by attackers to trade details for certain amount
of money.
Ransom ware hacks are common for organizations providing content at a price. Ransom
ware are used by attackers because in the digital sphere data can be protected and secured but
complete integrity is not possible, due to new malware software, which are increasing at an
alarming rate. The theft includes stealing of user information, exploiting vulnerabilities of the
system (Rajput, 2017). Purpose of such attacks are exploited by cybercriminals, like luring a user
to install suspicious software, which in turn is able to access user data. Ransom ware virus,
which was detected by Trend Micro named as “RANSOM_NETFLIX.A”, whose purpose was to
lure windows user having a Netflix account with the help of a login generator, which is a tool
used for piracy in getting membership of paid digital media accounts. The loss is incurred by the
organization in detecting security breaches, due to a huge user base it is tough to find the
malware, which in turn is exploited by hackers. The Netflix ransom ware is reported by security
analysts as an encryption mechanism for accessing users file and information from their personal
computer as well as getting access to the database with the user’s account, which pose as a threat
to the organization.
Risk Mitigation
The four primary issues pointed out are data breach, identity theft, phishing and ransom
ware (Ferreira & Kawakami, 2018). There are certain steps an organization like Netflix must
actively instill into the working mechanisms of the application in order to mitigate these issues.
Cybercrimes like data breaches are increasing rapidly, which is estimated to be around $6
trillion dollars incurred by large, medium and small scale enterprises operating in the digital
sphere in the modern world. Certain policies are required to be made effective for having a
11RISK ASSESSMENT AND MITIGATION STRATEGIES ADOPTED BY NETFLIX
proactive and robust framework to secure software from data breaches. Risk management
strategies should be planned and analyzed with accurate cost estimation and prioritizing such
tasks. The risks identified should be classified based on threat posed to the organization. Asset
classification strategies should be adopted, where the necessary protection required is provided
based on the importance of the data under threat (Sun, Nanda & Jaeger, 2015). This will help to
estimate the amount of cost incurred to nullify a breach. Improvement must be done on
Information Systems (IS) Security, which include access management, network security as well
as physical security. There should be policies for related Information system assessment as well
as policies related to security operations. Prevention of data breaches can be done with the help
of using encrypted database for storing user information, as well as multi-factor authentication to
help organizations identify and analyze risks and threat it poses to the company.
Identity theft is a common occurrence in this digitally connected world. There are
various ways personal information can be protected. Awareness is necessary for such occurrence,
users availing streaming services in their personal computers or laptops should always use latest
version of software, and readily update when rolled out by the companies (Kang et al., 2015).
Updating a software reduces the risk of getting hacked and falling victim to a cyber-attack.
Effective threat intelligence adoption mechanism is one of the safest way to mitigate identity
theft (Market Realist, 2019). This can be done with the help of tools in company database, which
can easily find fake profiles, for example a user can be from United States whereas it is showing
that the same user has accessed his or her account from another location within a period of few
hours. Steps are needed to be taken so that similar identity theft malwares are not able to breach
into the company servers in future. Netflix should arrange for awareness campaigns in their
streaming platform to protect user’s giving in details to other websites about their user account.
proactive and robust framework to secure software from data breaches. Risk management
strategies should be planned and analyzed with accurate cost estimation and prioritizing such
tasks. The risks identified should be classified based on threat posed to the organization. Asset
classification strategies should be adopted, where the necessary protection required is provided
based on the importance of the data under threat (Sun, Nanda & Jaeger, 2015). This will help to
estimate the amount of cost incurred to nullify a breach. Improvement must be done on
Information Systems (IS) Security, which include access management, network security as well
as physical security. There should be policies for related Information system assessment as well
as policies related to security operations. Prevention of data breaches can be done with the help
of using encrypted database for storing user information, as well as multi-factor authentication to
help organizations identify and analyze risks and threat it poses to the company.
Identity theft is a common occurrence in this digitally connected world. There are
various ways personal information can be protected. Awareness is necessary for such occurrence,
users availing streaming services in their personal computers or laptops should always use latest
version of software, and readily update when rolled out by the companies (Kang et al., 2015).
Updating a software reduces the risk of getting hacked and falling victim to a cyber-attack.
Effective threat intelligence adoption mechanism is one of the safest way to mitigate identity
theft (Market Realist, 2019). This can be done with the help of tools in company database, which
can easily find fake profiles, for example a user can be from United States whereas it is showing
that the same user has accessed his or her account from another location within a period of few
hours. Steps are needed to be taken so that similar identity theft malwares are not able to breach
into the company servers in future. Netflix should arrange for awareness campaigns in their
streaming platform to protect user’s giving in details to other websites about their user account.
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
1 out of 19
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
Copyright © 2020–2025 A2Z Services. All Rights Reserved. Developed and managed by ZUCOL.