Cyber Security Review

profileJAZ123
Cyber_SecurityIntroduction.docx
Home>Information Systems homework help>Cyber Security Review

Running head: CYBER SECURITY RESEARCH 1

CYBER SECURITY RESEARCH 8

Cyber Security

Introduction

In today's digital age, the technological revolution has created a paradigm shift in the life of humankind. The progressive growth of technology and innovation has benefited the globe, changing entertainment, healthcare, global defense and security, communication, e-commerce, and other spheres. In the modern world, technology has become pervasive and ubiquitous in societies. However, as technology grows, a corresponding growth is exhibited in the technological risks (Raban & Hauptman, 2018, p. 2). Such hazards include cybersecurity threats. Hence, as people connect to the internet and other ICT infrastructure, they expose themselves to a wide variety of cybersecurity attacks. Cyber threats pervade individuals, organizations, governments, among other institutions. According to Fran Howarth, distributed denial-of-service attacks have recently increased by 214 % (Howarth, 2021, p. 1). Of worrying concern is that these cyber threats are not static. In this regard, cybercriminals use innovative methods to design millions of new cybersecurity threats every year. Moreover, cyber threats originate from varying people, organizations, and contexts. Such sources include individuals, nations, terrorists, hackers, industrial spies, and business competitors. These cybercriminals employ diverse techniques to perpetuate their cyber threats, including malware, phishing, the man-in-the-middle attack, trojans, ransomware, and denial of service attacks. These cyber-threats pose potent security to organizations and individuals. Examples of such adverse impacts include paralysis of information systems, data breaches, electrical blackouts, and general disruption of Information and Communications Technology  (ICT) systems that causes vast losses to the victims. Hence, organizations need to devise diverse strategies to prevent and mitigate these cyber threats.

Problem Statement

Due to the increasing rate of technological growth, the number of cybercrimes is on the rise (Wall, 2017, p. 3), and hence business firms face increased cases of cyber attacks. Cybercriminals ranging from sole hackers to organized criminals, business competitors, and industrial spies daily develop advanced cyber threats. Using techniques such as phishing, denial of service attacks, ransomware, among other cyber attacks, these individuals present a security challenge to business firms. For example, James Barr claims that ransomware attacks in the manufacturing industry rose by 156% between 2019 and 2020 and in 2020, ransomware attackers demanded $34 million from a Taiwanese company (Barr, 2021, p. 2). Hence, cybersecurity threats are ubiquitous and present a security challenge to organizations. Such challenges include disruption of business, stealing or loss of data, legal liabilities, financial losses, and brand equity damage. Therefore, organizations need to develop various strategies to address the threat of cyber attacks.

Purpose

The purpose of this study is to research and determine the remedial effects of various cyber threat interventions that can be employed by organizations to prevent and mitigate cybersecurity threats. The strategies under study include effective management of information system infrastructure, identifying potential cyber threats, and clarifying security policies. Moreover, the research shall employ a combination of quantitative and qualitative research measures. Combining the two research methods is designed to improve the study's evaluation by ensuring that the efficiency limitations of one of the research methods are balanced by the other research method's strengths. Hence, providing more conclusive research and improving the research's quality. The study will prove or disapprove that effective management of ICT infrastructure systems and clarification of information system security policies improve organizations' information security.

Research Questions

This research focuses on three questions to produce conclusive results. Firstly, does the effective management of security systems ensure the protection of an organizations information? Secondly, does early identification of potential cyber threats and risks on organizational information systems positively impact information security? Lastly, is the clarification of corporate security policies correlated with improved information security?

Significance of the Study

The advancement of technology has positively changed societies. Consequently, business firms have adopted technology and innovations aiming to gain a competitive edge over their competitors. However, despite the organization's adoption of technology availing various benefits to the firms, technology has also exposed the organizations to different cybersecurity challenges. These cyber-attacks can pose adverse effects to the firms. Therefore, all corporate enterprises and other organizations need to adopt competent interventions to guard them against the potent threat of cybersecurity attacks. In this regard, this research aims to conduct an extensive study to test the efficiency of various strategies adopted by organizations to guard themselves against cyber attacks and, if they occur, the multiple mechanisms of mitigating these risk will reduce the severity of these cybersecurity attacks. Such intervention methods under this study include effective management of security systems, risk avoidance strategies such as early identification of potential information security and clarification of information security policies. Hence, this research shall test these interventions and measure their effectiveness in improving organizational safety against cyber threats. Consequently, the information from this research will improve the existing knowledge on organizational cybersecurity. Hence, corporate leaders will benefit from the information generated by this research, enabling them to make more informed decisions regarding protecting their firms against cybersecurity attacks.

Definition of Words

Malware

Malware refers to malicious software that performs cybersecurity attacks on their target devices or computer networks. The malware performs various malicious activities such as stealing, deleting, encrypting, altering or deleting sensitive corporate information.

Phishing Attack

A phishing attack is a type of social engineering cybersecurity threat often used by cybercriminals to steal user data such as system login details and credit card credentials. In this type of attack, attackers who pretend to be trusted entities trick their victims into clicking malicious links through emails or instant text messages. Hence, the recipient is duped into downloading infected documents, malware, or revealing private information since they trust the message's sender.

Man-in-the-Middle Attack

The man-in-the-middle attack is an eavesdropping cybersecurity attack where cyber criminals intercept communication between two communicating entities such as an information system user and an application. The attack occurs through the attackers positioning themselves between the communicating parties and pretending to be a legitimate communicating entity. Since the attacker appears as a legitimate party, they intercept private conversation details such as login details and credit card numbers unnoticed.

Trojan

A Trojan also referred to as a Trojan horse, is a computer malware that disguises itself as legitimate computer software. Through social engineering, attackers trick computer users into downloading Trojans into their devices, and once the Trojans are activated, the attackers can steal sensitive user data or spy on them.

Denial of Service Attack (DoS)

DoS is a type of cyber attack where legitimate information system users are denied access to network resources due to the activities of a malicious attacker. In this cyber threat, an attacker floods the target network with vast traffic until the host crashes, denying legitimate users access to the network resources.

Ransomware

Ransomware is a type of malware attack that uses encryption to hold its victims' data on ransom. In this attack, a victims data is encrypted, and the attacker demands a ransom to provide the files' decryption keys.

Limitations of the Study

Due to this paper's focus, the research is limited to evaluating and assessing the effectiveness of the three previously mentioned interventions in preventing and mitigating cyberattacks. These interventions include effective management of information system security, identifying potential cyber threats, and clarifying information security policies. Although other strategies exist to prevent and mitigate cyberattacks, this paper ignores them and limits itself to the aforementioned three strategies.

Assumptions

The security of an organization's information systems is tied to their brand reputation, and therefore, organizations might feel uncomfortable sharing factual information concerning their information systems security. In this regard, this study assumes that firms will be honest in their responses and will not hide past or present cyber attacks on their systems.

References

Bar, J.G. (2021). Protecting Manufacturing Systems from Cyber Attacks. Faulkner Information

Services.

file:///C:/Users/Orlando/Documents/Master%20Degree%20APU/Information%20Technology/Course/Research%20Methods/Week%202/Peer%20Review%202_ProtectingManufacturingSystemsfromCyberAttacks0521.pdf

Howarth, F. (2021). EU Cybersecurity Strategy for the Digital Decade.  Faulkner Information

Services.

file:///C:/Users/Orlando/Documents/Master%20Degree%20APU/Information%20Technology/Course/Research%20Methods/Week%202/Peer%20Review%201_EUCybersecurityStrategyfortheDigitalDecade.pdf

Raban, Y., & Hauptman, A. (2018). Foresight of Cyber Security Threat Drivers and Affecting Technologies. foresight.

Wall, D. S. (2017). Crime, Security and Information Communication Technologies: The Changing Cybersecurity Threat Landscape and Its Implications for Regulation and Policing. Security and Information Communication Technologies: The Changing Cybersecurity Threat Landscape and Its Implications for Regulation and Policing (July 20, 2017).